LukeLovesSecurity

Level 4
Verified
I would usually use VirtualBox when going into dangerous situations; however, for my next tests I will be using the deadliest of deadly malware, exploits, and viruses. How do I ensure nothing bypasses my VM?
 

Winter Soldier

Level 25
Usually the VM offers a high security standard; it is quite difficult for malware to break the isolation by running malicious code on the host system (if you don't enable shared folders and "drag and drop", as said above).
It is true that some specific vulnerabilities could allow this, but:

1) Generally these vulnerabilities are fixed fast enough.
2) Malware that can exploit unpatched vulnerabilities has to be designed just for this specific purpose... objectively very difficult.

Of course, whoever is testing malware is playing with fire, and the risk exists; nothing is 100% safe in this context, but in my experience no malware has escaped my VM.
 

lab34

Level 6
If I use NAT mode, will my VPN on my host machine still anonymize all my VM traffic?
Hello,
Yes, NAT mode just ensures that your VM and your host are isolated, except for the VM>Internet link. But you are reaching the internet the same way, in bridge or NAT. If your VPN is ON inside the VM, you go through the VPN. If the VPN is OFF, you are exposing your public IP.

At the link "Chapter 6. Virtual networking", check "Table 6.1. Overview".

 

LukeLovesSecurity

Level 4
Verified
So I would have to have the VPN inside the VM as well? Or am I covered if I just use it on my host?
 

lab34

Level 6
Hello,
To be honest, I did not test with the VPN on the host. I did all my tests with the VPN inside the VM, in NAT mode, and no VPN on the host.
I'm using the Windscribe Windows client in the VM.
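
Added example (not part of any post in this thread): a shell check for the isolation settings the replies above name, shared folders, drag and drop, and NAT versus other NIC attachment modes, run over the output of VBoxManage showvminfo <vm> --machinereadable. The sample input and the VM name are constructed, and the clipboard check is an extra setting beyond what the thread mentions.

```shell
#!/bin/sh
# Flag VirtualBox guest settings that weaken host/guest isolation.
# Real use: VBoxManage showvminfo "<vm>" --machinereadable | audit_vminfo

# Constructed sample (not from a real VM) with deliberately weak settings.
sample_vminfo() {
cat <<'EOF'
name="malware-lab"
clipboard="bidirectional"
draganddrop="hosttoguest"
nic1="bridged"
nic2="none"
SharedFolderNameMachineMapping1="samples"
SharedFolderPathMachineMapping1="/home/user/samples"
EOF
}

# Read key="value" lines on stdin and print one finding per line.
# Prints nothing when every checked setting is in its isolated state.
audit_vminfo() {
    while IFS='=' read -r key value; do
        # Strip the surrounding quotes and any carriage return.
        value=$(printf '%s' "$value" | tr -d '"\r')
        case "$key" in
            clipboard|draganddrop)
                [ "$value" = "disabled" ] || echo "$key is $value (expected disabled)" ;;
            SharedFolderNameMachineMapping*)
                echo "shared folder present: $value" ;;
            nic[0-9]*)
                case "$value" in
                    none|nat) ;;   # no adapter, or NAT as discussed in the thread
                    *) echo "$key is $value (not NAT)" ;;
                esac ;;
        esac
    done
}

# Demonstration on the constructed sample.
sample_vminfo | audit_vminfo
```
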