Is Windows XP in VM safer?

Discussion in 'sandboxing & virtualization' started by mattdocs12345, Mar 7, 2014.

Thread Status:
Not open for further replies.
  1. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    Will running Windows XP in Virtual Machine be significantly safer than as main operating system?
     
  2. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    I wouldn't say it's safer... True, you can avoid infecting your host OS in case you get hit by malware by using a guest XP, and you can restore it to a clean state easily by using snapshots, but the XP system itself is not safer just by being inside a VM.
     
  3. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    +1 Nebulus

    It all depends upon how you define "safer".

    Running XP in a VM will eliminate almost all the threats to the "real" system including rootkits,etc.However if you use it for the likes of online banking,you'll still be at risk of localized attacks such as keylogging,data mining,etc.
     
  4. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    I assume that the only incoming attacks that I have to worry about are those coming from the browser.
    The host firewall should protect me from everything else.

    Im planning on watching netflix and logging into skype on XP.
     
  5. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    hi

    Robolinux is specially designed for runung Windows/XP on Linux via VB VM
    http://www.robolinux.org/
    Non critical tasks (client/server side threats against logins) and short sessions are recommended.

    Rgds
     
  6. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,736
    epic fail - NEVER let traffic pass thru host adpater. nevertheless XP will be still vulnerable as mentioned before (#3)

    install required software in VM then cut line - or try compatility mode (XP SP3) on win7/8.

    for me there is no software which is not runniung on win7/8 either its such old itself has vulnerabilities.
     
  7. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  8. Aryeh Goretsky

    Aryeh Goretsky Security Expert

    Joined:
    Apr 4, 2006
    Posts:
    54
    Location:
    United States
    Hello,

    I think AndyMan35 hit it on the head with his response of
    The one thing I can think of which might make a difference is that some malware is "VM-aware" and will not run when it detects it is being run inside of a virtual machine.

    Regards,

    Aryeh Goretsky
     
  9. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    If you're using Bridged Adapter in VirtualBox, then the host's firewall (and realtime AV) won't protect you in the bridged virtual machine. If you're using VirtualBox NAT, then there are more open ports on the host reachable from the virtual machine than you may like (unless you make some outbound firewall block rules in guest firewall).
     
  10. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,093
    Location:
    Netherlands
    Very interesting, do you have tested it?
     
  11. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,985
    Location:
    Canada
    A minimum $2.00 donation required to download. Honestly, why not just run Windows in a VBox session in any Linux distro desired?
     
  12. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    hi
    For Mr Management from the country of the Ajax, Robolinux is a Debian based distro intented for beginners.
    All is designed to make the process simple and easier, not only the install, but also the switching and Linux conversion from Windows.
    I've only tried it a few month ago in Live USB, as i'd rather a dual boot or one OS per machine (custum Arch for serious tasks).
    Robolinux takes also some graphics from Mac world, especially the dock designed under OSX inspiration.
    So i have not experimented its protection.
    Cross platform malwares exists, like java rats, but the risk of breaking the VM is very limited.
    I attach a screenshot of the live destop, as i have it in a 16 Go multi distro USB key.
    The specific VM tools are paid with a donation but the iso can be downloaded fron Sourceforge
    4. Completely new Robolinux V7.4.1 Stealth VM Software Tools have been released and may be downloaded after making a very small donation.

    http://sourceforge.net/projects/robolinux/

    This things said, the inial question makes no sense, especially in a personal and private environement.
    The upgrade for Win7/8 has a cost for corporate environements, but for home desktop environements, it is suited to forget Windows XP.

    Rgd
     

    Attached Files:

  13. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,985
    Location:
    Canada
    The donation amount is trivial anyway. Even $5-$10 is okay with me. I was just wondering what makes running a VM in RoboLinux that much more special than running a VM in another distro one might favor instead. I watched the demo video on recovering from a virus in RoboLinux and it seems more drawn out than it needs to be, with several steps involved. Why not simply hit Restore a previous snapshot (at least how it works in VMWare) and be done with it?
     
  14. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,093
    Location:
    Netherlands
    Thanks for the answer (more a rugby fan though)
     
  15. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    Indeed. I used to have several things that could fit into that definition, security, privacy and anonymity related. But now it's only function is really to serve as a means to eliminate persistence. And as such at this point is like an overly bloated/convoluted version of Shadow Defender. Not to mention moot with imaging software. And I'm thinking about eliminating it too now owning a SD key and with Macrium Reflect.
     
  16. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    hi
    News from Robolinux http://distrowatch.com/?newsid=08366
    Since you can deal with any VM in any system, Robolinux is not necessary, as the main goal is to be as easy as A B C for the mass.
    I have not experimented the super Stealth VM, so i can not help about it.
    Then download and try by yourself or contact the dev.
    http://sourceforge.net/projects/robolinux/files/?source=navbar
    http://www.robolinux.org/about/
    And why not Robolinux + Arkoon ExtendedXP for those who are in the XP Alcatraz...
    http://www.arkoon.net/en/extendedxp/

    Rgds
     
Loading...
Thread Status:
Not open for further replies.