VirtualBox: Is trying harmful programs completely safe for the host?



Possible Duplicate:
Can a virus from a virtualbox vm affect the host computer?

OK, first I need to say that I know that this has already been asked. However, I couldn't find this specific question anywhere, I googled a lot... so, I decided to come here :)

I am really bored these days when I'm on the computer, so I installed Windows XP in a VirtualBox VM (my host is Windows XP too). Now, my question is: if I deliberately infect the guest with viruses (or other kinds of bad programs) will the viruses be able to come out of it?

My concerns come from this: the internet on the VM first goes through my host with the network configuration I use. If I do this, then the viruses my VM downloads first go through my host... so, can anything happen? If yes, what network configuration could I use to prevent this?

Thanks in advance!


Posted 2011-06-06T16:27:58.237

Reputation: 21

Question was closed 2011-06-06T17:37:37.410


Did you get the idea to do this from xkcd?

– MBraedley – 2011-06-06T17:23:01.277



If the virus you're testing is designed to attack Windows XP over the network, then all your Windows XP systems will be at risk.

You do have the option of installing a second NIC and ONLY using it for your virtual machine. You'd then have to physically isolate that NIC's network from your host's network (e.g., if you're behind a firewall/router, then you'd need to be connected outside of that; using a separate ISP service is not needed, but you will probably need to have a small ethernet switch to act like a "splitter" for you between your firewall/router and the internet for the hook-up).

There are other ways to connect this stuff, but I've tried to keep to the common configuration that a lot of folks have at home already. (VLANs are good too, but they won't provide as much isolation -- I mention this because I'm pretty sure someone's going to suggest it.)

Randolf Richardson

Posted 2011-06-06T16:27:58.237

Reputation: 14 002


It's important to understand that not only is there a virtual machine, there is a virtual network involved. While we know that these devices are virtual, the Operating systems see them and treat them as real devices and typologies.

The answer will be the same as if you asked about having two separate physical computers connected to the same router, would infecting one machine put the other at risk?

With most infections in the wild today, your odds of the infected system spreading to the clean system are low. It is recommended that you leave the XP firewall enabled (the virtual devices that link the XP host to the XP guest will by default, have the XP firewall enabled) or have a stronger firewall solution in place.

EDIT: I would also recommend disabling file sharing between the systems as well in the event you come across an infection / worm that can jump between machines.

Dustin G.

Posted 2011-06-06T16:27:58.237

Reputation: 2 025


... It depends on how you've configured your "infected machine". The virus will have no direct access to your physical machine. That being said, it does have access to any (virtual) peripheral attached to your virtual machine. This includes the virtual network interface as well as shared-drives. By default... (if you're using the XP-Mode virtual machine) All drives are shared with the guest VM, for the purposes of "Integration Features". Additionally, the virtual guest might also have the "Auto Publish" feature enabled, which will put a shortcut in your "start-menu" for any applications installed in that VM. You can turn off & on all of these features, as well as setup additional virtual networks which would help isolate the host machine from the guest.

There are additional avenues that could potentially be affected, but the virus would have to be highly specialized to attack that particular Hypervisor... which makes such a virus beyond unrealistic.


Posted 2011-06-06T16:27:58.237

Reputation: 9 161