Hi,
I would be interested to know your views on this subject of the security of our data. An operating system that has been infected by viruses or has a backdoor can steal or infect data that is inside a virtual machine but without configured network adapters? (Only the host / physical machine network is enabled)
A virus or backdoor in the host system can steal or infect data if the network is disabled in guest?
-
socratis
- Site Moderator
- Posts: 27329
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: A virus or backdoor in the host system can steal or infect data if the network is disabled in gu
I believe it's pretty simple. If there's no connection between host and guest (networking, sharing, clipboard, audio) then they're isolated.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
-
Martin
- Volunteer
- Posts: 2561
- Joined: 30. May 2007, 18:05
- Primary OS: Fedora other
- VBox Version: PUEL
- Guest OSses: XP, Win7, Win10, Linux, OS/2
Re: A virus or backdoor in the host system can steal or infect data if the network is disabled in gu
If someone creates a virus or trojan directed specifically at your Virtualbox, then it could of course implement routines to look inside your virtual disks if you don't encrypt them.
-
mpack
- Site Moderator
- Posts: 39134
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: A virus or backdoor in the host system can steal or infect data if the network is disabled in gu
... but in reality that would be a lot of work for hackers, for marginal reward (what fraction of infected PCs will have VirtualBox installed?), so that malware almost certainly doesn't exist and quite probably never will.
In answer to the original question - it actually isn't a VirtualBox question: a virtual PC is potentially subject to the same attacks as a physical PC, using pretty much the same attack vectors. That said, IMHO this whole subject is a mess of misinformation and scare stories. Take a few elementary precautions and you'll be fine.
In answer to the original question - it actually isn't a VirtualBox question: a virtual PC is potentially subject to the same attacks as a physical PC, using pretty much the same attack vectors. That said, IMHO this whole subject is a mess of misinformation and scare stories. Take a few elementary precautions and you'll be fine.
Re: A virus or backdoor in the host system can steal or infect data if the network is disabled in gu
In the latest virtualbox to date i discovered without networking installed unusual activity through my internet connection to the virtualbox menu we select and turn our virtual machines on. Whenever the error pops up saying pure virtual function call and i am disgusted.
This would be the same network feature to check on virtualbox updates and its obvious to me why unencrypted machines cannot trust this virtualised crap.
who wants to know my virtual disk contents you dont have a warrant!
so I disabled all networking in my firewall and now i can run windows 9x without audio subsystem issues can someone explain why i have been exploited?
its obviously a continuing trend for the v6 series of virtualbox and i am also not pleased with it silently leaking network traffic so i'll just keep the firewall between it and the internet. this behaviour doesnt happen using windows server 2016 or 2019 so its a windows 10 "spy" mechanism
This would be the same network feature to check on virtualbox updates and its obvious to me why unencrypted machines cannot trust this virtualised crap.
who wants to know my virtual disk contents you dont have a warrant!
so I disabled all networking in my firewall and now i can run windows 9x without audio subsystem issues can someone explain why i have been exploited?
its obviously a continuing trend for the v6 series of virtualbox and i am also not pleased with it silently leaking network traffic so i'll just keep the firewall between it and the internet. this behaviour doesnt happen using windows server 2016 or 2019 so its a windows 10 "spy" mechanism
-
mpack
- Site Moderator
- Posts: 39134
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: A virus or backdoor in the host system can steal or infect data if the network is disabled in gu
Pure farm grade BS. You see network activity you can't explain and simply assert that the cause is malware? With a Win98 guest? Crapola magna.
VirtualBox is open source. If you want to know what's in it - go look. If you believe the official builds are tainted, build it yourself. If network activity is unexplained - install something like WireShark.
And, keep the speculative conspiracy BS to yourself.
Locking this topic as the OPs question was answered perfectly adequately by Socratis.
VirtualBox is open source. If you want to know what's in it - go look. If you believe the official builds are tainted, build it yourself. If network activity is unexplained - install something like WireShark.
And, keep the speculative conspiracy BS to yourself.
Locking this topic as the OPs question was answered perfectly adequately by Socratis.