Security within Virtual Machine

[GJB]

Hi,

I regularly receive packages which I know are loaded with spyware and other
nasties, but that contain valid/legitimate/safe files I need to extract.
If I install these packages into a non-networked VM environment e.g VMware
or Virtual PC would there be any "leakage" to the hosting PC?
Indeed would this be considers a safe strategy at all?

Regards,

gerry

 

[Juergen Nieveler]

I regularly receive packages which I know are loaded with spyware and
other nasties, but that contain valid/legitimate/safe files I need to
extract.

Let me guess - updates for Serials2k? ;-)

If I install these packages into a non-networked VM environment e.g
VMware or Virtual PC would there be any "leakage" to the hosting PC?

No, as that's rather the point of VMWare

Indeed would this be considers a safe strategy at all?

Yes, that's a good strategy - although if it's only compressed archives
you'd probably be just as safe if you unzip them and simply delete the
nasty files. If you don't execute them they can't harm you.

Juergen Nieveler

 

[Roger Abell [MVP]]

Today this is a cautiously valid strategy as there are no known
rootkits/malware that today climb out to the host system.
In the long run this is NOT a valid strategy as there is nothing
that prevents them from doing so if they obtain system / kernel
privs in the hosted system.

 

[Roger Abell [MVP]]

I should perhaps be more careful with the wording.
By "there is nothing that prevents them from doing so"
what is meant is that there is nothing preventing them
from trying to do so, i.e. do so if they can find exploit;
but the ability to cross the boundary is not lacking.