Linux - Virtualization and CloudThis forum is for the discussion of all topics relating to Linux Virtualization and Linux Cloud platforms. Xen, KVM, OpenVZ, VirtualBox, VMware, Linux-VServer and all other Linux Virtualization platforms are welcome. OpenStack, CloudStack, ownCloud, Cloud Foundry, Eucalyptus, Nimbus, OpenNebula and all other Linux Cloud platforms are welcome. Note that questions relating solely to non-Linux OS's should be asked in the General forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have to still use Windows 7 for software reasons, but I keep that machine offline by default, and only go online briefly, disconnecting the WiFi as soon as I close my browser.
If I run a Linux distro in Virtual Box, with this Windows 7 system as host, how secure is it? more secure than if I go online with Windows? Or just the same, since Windows 7, which is unsupported, is host? I do run paid AV on Windows, and it never finds anything. But as time goes on, I find myself worrying more when going online. The attacks may become more nasty, so I want to make sure I'm safe.
There has been some speculation on how secure it is versus what is proven. To be safe, one can build a latest Windows or Linux version and run some virtual machine. The latest windows is free at least for some amount of time.
The term for security is best practices for the most part. The more you learn and the more you do the safer you are.
I have a single usb ssd that I make and keep updates for access to financial sites. Almost no secure by default distro's so you may have to configure them.
If you use the VirtualBox default NAT networking for the guest, your host will not be able to see the guest and vice-versa. If you configure your Linux guest with a proper firewall, AV, etc., it should be even safer than the unsupported Windows 7 host.
The guest is still sharing the network adapter with NAT the host would technically still be vulnerable as far as I know. If you use a USB Ethernet adapter connected to the guest the network would be isolated from the host in theory.
Have you ever thought about changing your Windows 7 into a VM and run that on a decent, recent, updated more secure host (like a good administered Linux distro)?
Also give you the possibility of snapshotting your Windows machine and revert easily in case of problems.
There has been some speculation on how secure it is versus what is proven. To be safe, one can build a latest Windows or Linux version and run some virtual machine. The latest windows is free at least for some amount of time.
The term for security is best practices for the most part. The more you learn and the more you do the safer you are.
I have a single usb ssd that I make and keep updates for access to financial sites. Almost no secure by default distro's so you may have to configure them.
I agree that the biggest factor in security is the behavior of the user. We do our sensitive stuff, like finances, on Linux. I have my wife using Zorin. she only occasionally goes on Windows 7, mainly for occasional Zoom meetings. I have set up her Dell laptop as a dual-boot.
If you use the VirtualBox default NAT networking for the guest, your host will not be able to see the guest and vice-versa. If you configure your Linux guest with a proper firewall, AV, etc., it should be even safer than the unsupported Windows 7 host.
Thanks, that sound encouraging. If running W7 in a virtual system on a Linux host is even marginally safer, it makes sense to do so.
The guest is still sharing the network adapter with NAT the host would technically still be vulnerable as far as I know. If you use a USB Ethernet adapter connected to the guest the network would be isolated from the host in theory.
If most attacks are directed at Windows, wouldn't it be safer inside Linux? Or would it be better to sandbox it?
Have you ever thought about changing your Windows 7 into a VM and run that on a decent, recent, updated more secure host (like a good administered Linux distro)?
Also give you the possibility of snapshotting your Windows machine and revert easily in case of problems.
I would but it wouldn't work in this case. The software I need is Sonar, a DAW, or music creation program. The plugins I use, especially orchestral libraries, would not do well in a virtual system, unless I had an incredibly powerful computer. even then, the graphics alone would make it undesirable.
By using VirtualBox with a USB network adapter your Windows host would remain offline and be unable to connect to the internet. If you need to copy something from linux to Windows you could use a shared folder.
A VirtualBox NAT uses the same network adapter as your Windows system but then adds software to create a simple firewall/router. Your Windows system would still be online. You can select no adapter or internal adapter to completely isolate guest.
In post #7 you indicate that running W7 within a VM makes sense but then #9 post it would not work? If you have other computers running linux why do you need this particular PC to briefly go online at all?
By using VirtualBox with a USB network adapter your Windows host would remain offline and be unable to connect to the internet. If you need to copy something from linux to Windows you could use a shared folder.
A VirtualBox NAT uses the same network adapter as your Windows system but then adds software to create a simple firewall/router. Your Windows system would still be online. You can select no adapter or internal adapter to completely isolate guest.
In post #7 you indicate that running W7 within a VM makes sense but then #9 post it would not work? If you have other computers running linux why do you need this particular PC to briefly go online at all?
Thanks. I got confused between running windows 7 inside Linux, and running Linux inside windows 7. My intention was to ask if running Linux inside Windows 7 is safer, in terms of going online, than going online in windows 7. Certainly, running windows 7 inside linux is safer.
If I install Linux on that computer, then theoretically I could go online without worrying about updating my Windows AV (Malwarebytes Premium). By using Linux, I would - again, theoretically - be safer than using that same machine to go online in windows. I could also ditch the paid AV, as Linux doesn't need any. that would save me a little money.
I think it's wrong to suggest most attacks are directed towards Windows. Windows may be the most popular so in that sense it could be attacked.
Smart attackers won't let the OS stop them. They will seek any crack to worm in on.
Don't assume Linux is more secure. Many a high profile issue with Linux in the last 20 years.
Any reason for EVER taking the Windows online ?
You need 2 ssd's/ A Windows on one and a real os on the other.
Do what ya gotta do(work) in Windows. If it needs sending out or something boot the real os, access the Wdoz hd and attach the work as necessary.
I think it's wrong to suggest most attacks are directed towards Windows. Windows may be the most popular so in that sense it could be attacked.
Smart attackers won't let the OS stop them. They will seek any crack to worm in on.
Don't assume Linux is more secure. Many a high profile issue with Linux in the last 20 years.
Good point, behavior is by far the most important variable. The one time I know my computer was hacked, I was on a BSD system. I was on a music composing forum, which used the flash player. I had the 'pepper" version, so I falsely assumed I was safer. I went to get a cup of coffee, and when I returned, there was a terminal up and running. I saw "chroot" being typed as I watched. I immediately shut down, wiped the drive with D-Ban, and set it aside. I then posted two threads on the forum for people to get rid of flash. Most did not. I then convinced the admin. to upgrade from Ning 2.0 to 3.0, which finally got rid of flash. So it was my behavior, not the system, that was the problem.
Any reason for EVER taking the Windows online ?
You need 2 ssd's/ A Windows on one and a real os on the other.
Do what ya gotta do(work) in Windows. If it needs sending out or something boot the real os, access the Wdoz hd and attach the work as necessary.
Convenience, mostly. Not having to shut down, which on my music rig causes my projects to take a long time to open. I usually just put windows to sleep, then the projects open 10X faster. I clear the cache regularly with Wise Cleaner. Also, downloading things I need for my music, like orchestral libraries, plugins, portals etc. Downloading in Linux doesn't work very well. It's quite a process to be able to install them in windows after downloading in Linux.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.