How to safely use virtual box?

Discussion in 'Rollback and Virtualisation' started by LukeNukesEm, Dec 21, 2016.

  1. LukeNukesEm

    LukeNukesEm Level 5

    Sep 14, 2016
    The Moon
    Windows 10
    How do I safely test malware in virtual box? I heard something about using a nat connection, can't remember. Any tips?
  2. Good question :)

    1) You should use NAT or a custom network - don't use Bridged.
    2) You should disable Shared Folders or have them as Read Only (I use them with Read Only ticked).
    3) You should use 1 or 2 VPNs - 1 on the Host PC & then if you want a second on the VM as well (I use 2 - one on the Host & one on the VM - Windscribe & Betternet)
    4) If you want to be extra cautious then you should use a 2nd router to the main home router.
    5) You could also run VMWare or VirtualBox (the VM software) in a Sandbox - eg. Comodo Sandbox...

    There you go ;)
    jelson, tim one, Myriad and 4 others like this.
  3. McLovin

    McLovin Level 61
    Trusted AV Tester

    Apr 17, 2011
    I stream ✌
    Queensland, Australia
    Windows 10
    Trend Micro
    Honestly with all the virtual machine stuff I do at Uni and at home. I just have the virtual machine setup with NAT, having my main Antivirus (Trend Micro) updated and turned on, on my host. Nothing more to it. I have never encountered anything jumping from the VM to the host in the whole time I've been using a virtual machine.
    tim one, Myriad and MalwareBlockerYT like this.
  4. You should use a VPN though since otherwise malware can find out your home IP address.
    harlan4096 likes this.
  5. tim one

    tim one Level 19
    Trusted AV Tester

    Jul 31, 2014
    Windows 10
    VirtualBox NAT allows access to network resources using the host computer's IP address, so it is essential that you protect your IP by using a VPN at host or VM level.
    This is important to avoid that
    malware can process your real IP.
  6. McLovin

    McLovin Level 61
    Trusted AV Tester

    Apr 17, 2011
    I stream ✌
    Queensland, Australia
    Windows 10
    Trend Micro
    I've never had a problem with any malware getting onto my host.
  7. RejZoR

    RejZoR Level 7

    Nov 26, 2016
    Security Software Guru
    Windows 10
    That's not as much of a problem as it is your ISP whining about it and ordering you to clean your PC even though you know the PC is fine, but they don't know that.
  8. It's not about it getting onto the host it's about criminals getting your IP address. But it is possible if you don't use a VPN that malware can transfer over the network - trust me it can happen. It is really quite stupid to not use a VPN.
  9. DC47561

    DC47561 Level 3

    Feb 3, 2017
    IT Support
    Windows 10
    As these guys have said - VPN - Adapter in NAT mode - Limited/Standard User account - Software restriction policies on host (be careful with the software restriction policies though! - make sure that you don't prevent anything you need to run such as program files and system files such as command prompt and task manager.) - Happy testing!
  10. orthonovum

    orthonovum Level 3

    Jun 17, 2017
    If you can, use a dedicated DSL line or something. That way you can have a air gapped sand box machine on it's own internet connection and you can afford to burn it to the ground and rebuild it often
  11. Maxwell Sien

    Maxwell Sien Level 2

    Nov 15, 2016
    Windows 10
    I have tested hundreds of Malware Inside VirtualBox and my Host's System is clean untill now.
    orthonovum likes this.
Similar Threads Forum Date
Q&A How to safely test malware within Virtual Box? Rollback and Virtualisation Sep 29, 2016
How to wipe PC safely? General Security Discussions Jul 18, 2017
How to Torrent Safely and Legally Tutorials & Guides Aug 21, 2016