On Thu, Feb 11, 2010 at 5:51 PM, Robin Green <gree...@greenrd.org> wrote: > At Sat, 13 Feb 2010 15:10:18 +0530, > Karthik Balaguru wrote: >> Hi, >> The internet connection is in Linux (Host OS). I have been planning >> for ubuntu (Host OS) and Windows Vista(Guest OS). >> I am just eager to know if i have Windows as a guest OS on Host >> OS(Linux), is it less possible for Windows to get infected by virus as >> Host OS is only connected to internet ? > > The short answer is no, it's not less possible, in most situations. > > The word "virus" as it is commonly used actually refers to at least 3 > types of malware: true viruses, trojan horses and worms. Using the NAT > network option of virtualbox will *only* protect against worms
Okay . > - and > then only if you don't have any NAT or suitably-strict firewall > between your computer and the Internet already (which would be > protecting you already). Most home and corporate networks these days > have either NAT or a firewall or both, so it probably won't make any > difference. > > Using other network options in VirtualBox either won't protect against > worms, or won't allow you to connect to the Internet directly from the > guest. > Interesting ! > I recommend not using the Internet as far as possible in Windows, if > you can avoid it. This still won't protect you against, e.g. viruses > present in files manually copied from host to guest. Manually copy is secondary issue . > But at least it > will protect you from certain types of malware on web pages (those > which use security flaws in Internet Explorer or whatever to > auto-install themselves). > > If this is not clear enough, please reply and I will be happy to > explain further. > Okay, So how can we tweak VirtualBox and other configurations so that the packets get filtered/scanned before going to the Guest OS(Windows) . Forcing through some firewalls on the Host OS(Linux) would be another thought, but that will not help completely. Is the method of scanning all the packets that arrive at the NIC for virus signatures the only way ? But, that would tremendously slow the system as many virus definitions should be available and it should be done at the level of NIC which inturn loads the NIC heavily. Any thoughts ? If not at the NIC level, it can be thought of as a separate software that scans all the packets that are going to the Guest OS(Windows) from Host OS(Linux) and thus it is independent of NIC. Any such software that can help avoiding the windows(Guest OS) from getting infected? Any thoughts ? Thx in advans, Karthik Balaguru _______________________________________________ vbox-users mailing list vbox-users@virtualbox.org http://vbox.innotek.de/mailman/listinfo/vbox-users
