virtualbox.org

I'm running virtualbox on a Windows 7 64bit host and running a Windows 7 32bit guest.
I'm doing some virus/malware testing with the OS, and I'm wondering if I'm safe from cross contamination with NAT?

Nothing will be 100% safe but if you do not mount a shared folder or share data in any way between the host and guest it will be as safe as you can get.

So using bridged or even another physical Ethernet just for the Guest would be no more safe than NAT?

Yes, Bridged or any other mode are less safe than NAT. NAT is as 'safe' as you can get.
(Except for 'Not attached' which is not connected to anything at all, or 'Internal networking', which only connects VMs together and not to the host and not to the internet.)

You will need to firewall the host from the guest or disable services and harden the host if you are concerned about the guest infecting the host.

IIRC: These modes allow the host to connect to the guest:
- NAT when portforwarding rules have been added to the guest (only on the ports forwarded).
- Bridged.
- Host-only.

These modes allow the guest to connect to the host:
- NAT
- Bridged.
- Host-only.

These modes allow the guest internet access:
- NAT
- Bridged

MarkCranness wrote:Yes, Bridged or any other mode are less safe than NAT. NAT is as 'safe' as you can get.

I've changed my mind about that (sorry).

I now believe Bridged is safer (for the host, and for other PCs on the lan), and the host and those other PCs should be firewalled from the suspect guest to prevent any guest exploits.

For explanation, see post here: http://forums.virtualbox.org/viewtopic.php?f=2&t=24687