security – Security in a virtual machine


I discovered such a thing as a virtual machine. I look at different versions of Linux. I enter commands, poke buttons and see what happens.

And the question is simple: Does everything that is in the virtual machine stay in the virtual machine? Do I have to worry about the security of my physical computer, even if all the Internet viruses get into my VMware?


Exploits that "break through" the protection of virtual machines are not in the public domain. So, unless you're working with classified information and you're not Snowden, you can consider the protection provided by the virtual machine generally strong.

Unless you break it yourself.

First of all, your virtual machine is usually connected to your computer through a virtual network. Thus, a network worm that infects a virtual machine gets a convenient platform for attacking your main system. If your computer has closed ports, this will not be a problem, but if a router with NAT was chosen as the only protection measure, you have problems.

So it's time to deal with the firewall and find out what permissions you managed to give.

A promising method of attacking a host system is a video card emulator. If you have a choice between several virtual video cards, it makes sense to limit yourself to a standard virtual video card without DirectX and OpenGL support in a virtual machine.

Sets of "virtualization utilities" for guest operating systems are also a source of danger; if you experiment with viruses, it is better not to install them.

In any case, you should not allow unlimited disk access to the virtual machine.

And lastly, we must remember that sometimes a virus does not have to get out of the virtual machine at all. Obviously, if you use the same virtual machine for experiments with viruses and for paying for something with a card, the virus will steal your payment data in the same way as it would on a real computer.

A less obvious scenario is that a virus that infects a virtual machine can include it in a botnet and DDoS someone else's site from it. Or mine cryptocurrencies using your electricity.

Update: A Meltdown vulnerability has been found on Intel processors, which, in the absence of patches to close it, allows any process to arbitrarily read any location in RAM. Therefore, it is better not to work with important data while running a virtual machine with viruses if you have Intel.

