I have recently found out about the existence of virtual machines they can be used to run viruses in an isolated environment from the host computer, like virtual box, vmware and sandboxie. However, I'm told that viruses can still escape the VM through shared folders with the host machine or through the network and infect other devices. How can I visit suspicious sites, click on suspicious links and run suspicious files while keeping my devices safe? Or failing that, a solution that is as close to that as possible?
Asked
Active
Viewed 57 times
0
-
1Use a dedicated machine with no sensitive data on it, with a separate internet connection, with no physical or network connection to any of your other devices and reinstall this machine after each surfing. If this sounds too costly and unusable - welcome to the trade-off between risks you are willing to accept and costs and efforts you are willing to bear. If you have more sensible requirements - like not recklessly browsing the web or accepting a risk which is higher then *"as low as possible"* then it might be less expensive and more usable. – Steffen Ullrich Sep 02 '22 at 07:15
-
@SteffenUllrich Hmmm. I've seen tutorials that use virtual machines as a virus sandbox by not connecting to any network and using the VM solely as a malware testing ground. Can I ask if you know how they got the malware into the VM in the first place, without infecting the host machine? Especially since the VM is not connected to any network. – Ryou Kei Sep 02 '22 at 07:31
-
2*"I've seen tutorials ..."* - it has impossible for me to tell you what they did in a tutorial without having seen the tutorial myself. But in general - just downloading a file with simple tools like curl will not execute it, i.e. it could be safely downloaded outside the VM. And it is common for this kind of analysis to have some kind of minimal and controlled exchange in order to transfer files into the analysis machine. Might be limited network connectivity which allows transfers into the VM but not out of the VM, might be a disk image written outside the VM and mounted inside or similar. – Steffen Ullrich Sep 02 '22 at 07:46
-
@SteffenUllrich Alright, thanks alot! I will go read up on the scenarios you mentioned. – Ryou Kei Sep 02 '22 at 07:57
-
Get a second machine. Re-image it automatically every night. Keep it in a separate network from the rest of your home network. – schroeder Sep 02 '22 at 13:11
-
@schroeder Does a guest wifi network on the same router qualify as a separate network? – Ryou Kei Sep 03 '22 at 09:42