Link to home
Start Free TrialLog in
Avatar of Andrew Leniart
Andrew LeniartFlag for Australia

asked on

Best way to setup a Win 7 VM with minimal access to the Host Operating System

Hi Experts,

Here's the scenario, though I'm quite familiar with Oracle VM VirtualBox, a colleague of mine wants to setup a VM using Win 7 Pro as the host, just as I did when I ran the tests on infected sites described in my article > Here < and has asked me for advice so he can do a similar exercise with putting "his" host at minimal risk.

I did my tests on a pre-imaged and backed up dedicated Win 7 Pro Test Machine so wasn't too concerned. Even though the VM's I setup didn't infect my Host during any of my tests, I'm not confident enough in my abilities to give instruction on how to configure the testing VM's in such a way as to how to limit access to the Host system thereby lessening the chances if it being affected by something he may run across during "his" testing of malicious sites.

That's where I need some help.

Can any experts advise on the settings they would recommend using in the Oracle VM Virtual Box VM Setup so that it would have the following;

  • Full access to the Internet (obviously)
  • None (or as limited as possible) access to the Win 7 Pro Machine Host System Drive in order to prevent any possible leaks of infections and thus cause possible damage to the host

Your suggestions please?

Many thanks..
ASKER CERTIFIED SOLUTION
Avatar of Chris Jones
Chris Jones
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Andrew Leniart

ASKER

Thank you for your suggestions Chris, very much appreciated.  

I'll definitively be advising him to beef up security on his Host to paranoid levels as much as possible while he conducts his tests too.

Thanks also for the links you've provided at the end of your message. I will look into them.

Best...
No problem,

If you want to be very thorough you may wish to compare vulnerabilities between things like VMWare Player/Workstation and VirtualBox to see which one might be in better condition at the time of testing. (I suspect they're both up to date however).

Which on that note, make sure to keep the host, guest, engine and any extensions up to date (but maybe not until after exploit Wednesday :))
Yes, he will be using current versions and up to date extensions Chris. Have already told him to make sure he does that.

Anyone else have any input on this that they might share?
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
@compdigit44 - Couple of great suggestions I'll look into, particularly AppLocker which I had not considered suggesting he use.

Thank you kindly for your input.

Anyone else have suggestions?
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thanks for your suggestions guys.. Much appreciated.