virtualbox.org

I read someone posting that the safest thing to do is to configure your firewall to block anything coming from the virtualbox environment. Does anyone know if this is possible and how to do it? Im currently using Comodo and want to try to run my VB as secure as possible. When I first installed it today I thought it would keep my host safe from most everything, but now as I read up on the forums I see once your connected to the internet all bets are off and that viruses and malware can make its way into your host which defeats the whole purpose for my uses.

Want to keep the Host safe from the VM? Then don't give the VM internet access, or better yet, any network access at all. Once you give the VM internet access through NAT, the Guest will have full, uncontrolled access to the Host (but not the other way around) in terms of network access. In bridged mode, you can shield the Host from the Guest like you could for a separate system on the network. I've made a rough ascii drawing of the way bridged works in another thread that talks about bridged and firewalls. Should be in the Linux Host section if you're interested.

My only reason for making a VM IS for internet acess. I was hoping it would be a good solution to protect my host from unsafe websites, emails, etc.

Only a more advanced virus can penetrate a Host through network access. It will use flaws in the OS to break into. Using a firewall does shield a bit, but if it's written well enough, nothing can stop it from exploiting a bug. Chance of it happening? Not very likely if you use some common sense and don't download every single thing from p2p networks or click on every banner or link. Of course, a proper virus scanner is a must in all cases. Using a different OS helps as well, Windows is very attractive to viruses, but Linux isn't a nice place for them, they don't work on it.

I did change my networking on the VM to bridged, does that alone offer extra protection or are more steps required? Also do you run a virus scanner/firewall inside the VM as well or just the host?

Anti-virus and firewall on both of course. Why protect only one system when both are vulnerable? Setting it to bridged makes it look like a separate machine on the network, something your Host-based firewall can protect against. It can't protect from attacks coming from localhost which will happen when a virus tries to spread when you're using NAT, it doesn't monitor that.

I guess because I figured if the guest got a virus who cares I could just restore a snapshop. Thats what I was thinking before finding out the virus could possibly travel to the host as well. I tried blocking VB with my Comodo firewall, but all that accomplished was not allowing it to run. Any idea how it may be accomplished to use the firewall not to allow anything to travel from guest to host?

Set bridged, block all traffic from the IP assigned to the Guest. Blocking VB in the firewall blocks more than just network traffic, it also blocks system calls, since the firewall does more than just checking network traffic these days.

What I did in Comodo firewall on my host was went to Network Security Policies, block zone, then I picked Ipv4 single address. I added the ip of my guest. Does that sound ok? There were alot of options in the block zone like Ip4v address range, Ipv4 subnet mask, Ipv6 single address, Ipv6 subnet mask, and Mac address. Is Ipv4 single the correct one or should it be Ipv6 or some other option?

I'm sorry, but this forum is specialized for VB. We can't provide help with firewall settings since there are dozens of firewalls available. Please use the firewall documentation or their support page to learn if you did the right thing. Just test the rules and see if they work as advertised.