Advice Request Virtualbox network questions

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.
SumTingWong

SumTingWong

Level 28
Thread author
Verified
Top Poster
Well-known
Apr 2, 2018
1,713
Hello everyone! I am new to VM setup and there are some questions that I would like to ask you guys.
1) Do I need the Virtualbox Host-Only Ethernet Adapter running when VM is off? I don't see any network traffic at all in the adapter. I set NAT in the network configuration, and install all Oracle drivers during setup. I also don't see any Oracle Virtualbox services running in Task Manager while VM is off.
Screenshot_5.png

2) Can I make the adapter enable only when VM is on?
3) What is the best network settings mode to test malware or isolate VM network from host network to make sure they don't infect the host network?
 
  • Like
Reactions: [correlate], HarborFront, shmu26 and 1 other person
H

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,025
When VB starts then the Task Manager will show up

1586743141375.png

I'm seeing the Ethernet thing. It's already there after I installed VB. I think Ethernet is for LAN connection. If you use WiFi (like me) there's no activity indicated when VB is running

1586742677415.png
 
Last edited:
  • Like
Reactions: Protomartyr, harlan4096 and [correlate]
H

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,025
As for your question 3) What is the best network settings mode to test malware or isolate VM network from host network to make sure they don't infect the host network?

I can't answer the 1st part of the question. Using my laptop to answer, hopefully, your 2nd part of the question

Firstly, you'll need your host machine to be strongly protected. Get a strong AV/AM and other needed protection software.

Scenario 1
If you are just simply using the VM to surf the web (and anonymously) and without performing critical usage then simply power off WITHOUT saving the machine state will do.

Scenario 2
If you performing critical work activity inside the VM then protect it like you'll protect your host machine. Install a different strong AV/AM and other protection software inside the VM. If you need to transfer files in/out between VM and the host machine make sure the host machine's AV/AM scans such files. End of the day just shut down the VM WITHOUT saving the machine state. You can also use Sandboxie in the VM to sandbox your browser, if it works, as an additional layer of protection.

If you are afraid of VM-evading malware then the host machine's strong AV/AM and other protection software should serve as the main layer of protection. Lastly, you can install Shadow Defender on the host machine and shut it down WITHOUT saving at the end of the day.

Likely, I'll install Shadow Defender on the host machine and not Sandboxie nor AV/AM in the VM for I won't be doing critical work there

Edit (added)

If my answers cannot satisfy you then go to the below link to get better answers

malwaretips.com

Protecting Host Machine from Malware escaping a VM.

Alright I would like to open up a discussion on how to protect your host from rare malware that escapes your VM and hits your host machine. So discuss about any products, changing settings, etc. and how you protect your Host. Now I have a question for myself, Would be using a HIPS like comodo...
malwaretips.com malwaretips.com

For fingerprinting

1) Shadow Defender - cannot protect the host machine from being fingerprinted
2) Sandboxie - in its default settings it cannot protect the host machine from being fingerprinted

Read post #16 by the developer below

www.wilderssecurity.com

Sandboxie Plus (Sbie fork)

Sandboxie is finally Open Source :D I have uploaded the sources, as released by Sophos today, to GitHub: https://github.com/DavidXanatos/Sandboxie and...
www.wilderssecurity.com www.wilderssecurity.com

3) VM - it can protect your host machine from being fingerprinted if you are using two different OSes
 
Last edited:
  • Like
Reactions: Protomartyr, harlan4096 and [correlate]
Status
Not open for further replies.

Similar threads

silversurfer
    • Like
    • +Reputation
    • Thanks
New Update VirtualBox 7.0.14
Replies
0
Views
315
Virtual machines
silversurfer
silversurfer
silversurfer
    • Like
    • +Reputation
    • Thanks
New Update VirtualBox 7.0.12
Replies
1
Views
413
Virtual machines
Ink
Ink
simmerskool
    • Like
Advice Request Network adapter Q? re isolation
Replies
3
Views
572
Virtual machines
simmerskool
simmerskool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top