Hack in through VirtualBox to the "real" system.

[kleenex]

Hi, is there any chance, that somebody can hack in to the Linux machine through VirtualBox? Let say, that I am running Linux 1, I've installed VBox and on VBox another Linux 2 distro. Is there any chance, that during using Linux 2 via VBox, Linux 1 host system can be hacked? If so, how?

I'm asking, because I'm planning to install VBox and test some others systems etc.

Thanks.

[haqking]

Hi, is there any chance, that somebody can hack in to the Linux machine through VirtualBox? Let say, that I am running Linux 1, I've installed VBox and on VBox another Linux 2 distro. Is there any chance, that during using Linux 2 via VBox, Linux 1 host system can be hacked? If so, how?

I'm asking, because I'm planning to install VBox and test some others systems etc.

Thanks.

it depends, the answer is both yes and no, like everything security is a process not a product.

If you have a VM which is acting a live client on the network with shares and using shares, using shared folders to host machine then in theory yes as there is access to the host.

if you however minimise the access to host and network then you reduce the risks.

it is a possibility but still not a common one so not too much to worry about, but as i say as with everything contol ingress and egress

There are some known vulnerabilites been patched but shows potential such as cloudburst http://www.darkreading.com/security/...-its-host.html

There are new techniques emerging daily, unless you unplug you are never "secure" you can only take steps to make it harder to breach.

Peace

[Hungry Man]

Sure. Virtual Machines are very complex systems. Whereas your typical operating system has its own set of bugs a VM should (if it's emulating perfect) have all of those bugs as well. Because no emulation, no program, is perfect the VM should share bugs while still maintaining its own set of bugs.

This added complexity makes VMs actually a somewhat poor choice for security outside of malware analysis and very specific use cases.

Very little malware 'in the wild' is going to attempt to break out of a VM, most will just shut down to avoid analysis. But if your question is about whether or not it is possible, it is very possible.

[kleenex]

Hi haqking and Hungry Man. If I will install VBox, certainly a system in it will not be exposed to the world with any services etc. So, if there will be no open ports, services such as Apache etc. the risk is similar? Of course all the updates also will be installed.

Hmm, now I'm very seriously considering whether install or not to install

[Hungry Man]

If any operating system has no open ports it's going to be pretty secure, barring special vulnerabilities.

[pkadeel]

Hi haqking and Hungry Man. If I will install VBox, certainly a system in it will not be exposed to the world with any services etc. So, if there will be no open ports, services such as Apache etc. the risk is similar? Of course all the updates also will be installed.

Hmm, now I'm very seriously considering whether install or not to install

The actual situation is not that serious specially when the guest is not exposed to the Wild Wild Web.

On the contrary to what others say, I consider virtual machine more secure because the concept of virtual machine is similar to a sandbox and whatever I do inside it does not affect my host system unless you share system folders of the host with read/write permissions. But it is just my thinking and can be wrong.

[kleenex]

Hi pkadeel. True, VBox seems to be like a sandbox. So, maybe I will decide to install VBox. Thanks for all answers!

[SeijiSensei]

Hi haqking and Hungry Man. If I will install VBox, certainly a system in it will not be exposed to the world with any services etc. So, if there will be no open ports, services such as Apache etc. the risk is similar? Of course all the updates also will be installed.

In this model just who would be attacking the server in the manner you describe? Is the host OS exposed to the Internet?

If you plan to the VM in the standard "NAT" mode, then the VM guest is hidden behind the host in much the same way LAN clients behind a masquerading firewall are hidden.

I don't think there is much to worry about here.

[kleenex]

Hi SeijiSensei. For now I'm planning to do only some tests. Nothing big. Host OS is not exposed to the Internet.

[Ms. Daisy]

it depends, the answer is both yes and no, like everything security is a process not a product.

If you have a VM which is acting a live client on the network with shares and using shares, using shared folders to host machine then in theory yes as there is access to the host.

if you however minimise the access to host and network then you reduce the risks.

it is a possibility but still not a common one so not too much to worry about, but as i say as with everything contol ingress and egress

There are some known vulnerabilites been patched but shows potential such as cloudburst http://www.darkreading.com/security/...-its-host.html

There are new techniques emerging daily, unless you unplug you are never "secure" you can only take steps to make it harder to breach.

Peace

OMG haqking stepped out of the shadows! \o/

@ kleenex: Maybe if you describe what you plan to test with some more detail you'll get a better answer. But even if the guest is bridged, the likelihood of guest-to-host break-out is pretty slim. Can you even create a canned exploit for such a thing? Seems like there are way too many variables- you'd have to create a unique attack on each system. --> the cost of exploitation is pretty high.