Linux - Virtualization and CloudThis forum is for the discussion of all topics relating to Linux Virtualization and Linux Cloud platforms. Xen, KVM, OpenVZ, VirtualBox, VMware, Linux-VServer and all other Linux Virtualization platforms are welcome. OpenStack, CloudStack, ownCloud, Cloud Foundry, Eucalyptus, Nimbus, OpenNebula and all other Linux Cloud platforms are welcome. Note that questions relating solely to non-Linux OS's should be asked in the General forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm intending to run win7 in a VM wiuth Virtualbox. My box will only do one VM because it sucks.
Let's say it's hacked and the host is linux. How bad can it get?.There will be basically nothing I can't reinstall, and basically no data. I'm not running servers or a website.
Are you on a home connection or a business connection? What sort of networking do you intend to use for the guest? Will you be setting up shared folders? What services will the guest be running, and what services will the host run? Is the host behind a hardware firewall?
Once setup, you can clone a second one. Use one for safe situations and the other for dangerous living.
If the latter is shot down, restore the OVA takes a dozen minutes at most.
As long you run only one VM at a time, it should be fine (mine is a 4th gen I7).
Is this so ?
I currently run about more than half VMs under VirtualBox.
Recently during a Hackathon in Peking they successfully hacked Qemu-KVM. That put a pause on my Qemu
conversion project (or maybe that's an excuse for me to take a breathing).
I doubt it is dangerous for Linux or other non-windows host. However, if Windows in this VM is "pwned" then it can be used to attack other computers on LAN, which otherwise are behind NAT and cannot be attacked directly.
@pan64: Surely every box on the internet is unsafe by that standard, as Russian hackers have taught us.
@leclerc78: I'll have a vdi backup on USB drive. Why make 2 and just use one? I'm not using it for games, just anything that does much better in windoze. Maybe I'll try zoom if the audio & video work. It's only running occadsionally.
Any attack would need to hack windoze 7, from there get through VM isolation, and from there get through linux. That seemed to me like a tall order.
@Emerson: There is no wired, just wifi. My box has no other servers - mail, apache, mariadb, inetd, any of that stuff. AFAIK there's no servers under Win10 or my RazPi.There's always an exploitable IOS or Android, and android which are exploitable. That makes it win7-->VM container-->linux-->mobile OS. If they get through that lot, they deserve it!
Last edited by business_kid; 03-29-2021 at 01:25 PM.
It would be pretty easy to create a VM of Pfsense/Untangle and run all traffic VM to VM between the two clients. Then you have some sort of way to manage risks.
I still use Windows 7 on some things. I don't care if it gets hacked. I don't keep any personal data on it.
I doubt it is dangerous for Linux or other non-windows host. However, if Windows in this VM is "pwned" then it can be used to attack other computers on LAN, which otherwise are behind NAT and cannot be attacked directly.
That's the answer here.
If you have access to the router's settings, you should ensure that the firewall is on. Block everything. Turn off port forwarding. You'll still be able to browse, etc. But if you're not running any services, then there is no need to allow any traffic through.
Realistically, if you're using Windows 7 for something specific in a VM and it's behind a firewall the risk is relatively low, provided that you're not downloading random executable files or double-clicking on email attachments without checking them first.
From a security perspective, W7 is quite far removed from the original release of Windows XP, which was basically wide open in an era when we connected computers directly to the internet without a second thought. The kinds of worms we saw in the past (eg: Blaster, Sasser, Welchia) could not spread the same way today. ISPs are smarter, and things like the default settings of routers are better.
Given a choice, I'd much rather have W7 running in a VM than on a physical box on my network.
I make it a practice to enable the firewall on any VM I run, and, if it's Windows, run a AV program.
However, as Win7 is no longer supported and will not receive security updates, I doubt there as any way you can make a Win7 VM secure. However, you can increase the safety of your own devices by using VirtualBox's NAT networking (that's the default when you create a new VM). That way, the VM will not be able to see your local network and vice-versa.
@business_kid
If 'getting hacked' is your concern, try EasyOs on a USB stick.
At the near bottom of the menu, there is an option
'Copy to RAM and disable all drives' - very interesting.
Being honest, I was going to do it unless people screamed at me not to. I gather some are frowning, but none are screaming.
I'll mark this solved. If/when they ban religion, I'll be a lot more security conscious. It's not like I have a server running.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.