total noob and virtual box question

[lcbjr1979]

I was running virtualbox last night and trying to get it infected and my anitvirus was blocking it from happening. I assume you need to turn the antivirus on the computer off but if i do that will my computer be safe and just allow the virtualbox app to get infected.

 

[MrUnknown]

I don't see how your antivirus was blocking viruses inside the VM.

Are you referring to blocking web access to download the virus samples?

It is pretty much impossible for a virus to escape the VM and get onto the host. It would have to spread through the shared folders feature of VirtualBox or exploit the host machine through networking. The virus can't just "jump out" of the VM and attack the host.

The only situation I can see this happening is if VirtualBox or VMWare had an exploit that allowed it and the virus was actually written to take advantage of it. They aren't really written to do that but some viruses do have methods of trying to see if it is in a VM to try to prevent reverse-engineering.

 

[lcbjr1979]

well i am just trying to learn virtualbox and to be honest i have no clue how to use it. What i was doing was I was running virtualbox and booted up my ubcd4win in it and had it run with networking. I got on the internet from there and went on random sites trying to get a virus and when i would get on one my avast av on my computer would block it. Is this because i was running off of the boot cd and not an OS in virtualbox?

 

[MrUnknown]

is Avast blocking it while it is downloading or did you try to run it in UBCD4Win and then avast blocked it?

The virtual machine (VM) uses your internet connection to get online, so Avast could be blocking it from being downloaded, which is good.

If you are saying you fully downloaded the virus and tried to execute it in the VM but Avast blocked it, I don't see this as possible. That UBCD VM is essentially a different computer. Programs do not have access to the VM, and it doesn't have access to the host computer.

I personally wouldn't worry about disabling your AV for a while if it is preventing the download of malware. As I said, there isn't really any way for it to jump out of the VM.

 

[lcbjr1979]

Avast blocked it before it could even download.

 

[atlanticjim]

IIUC:
UBCD4win runs its own lite OS and therefore remains in volatile memory and does not use the OS on the HD. I don't recall if the UBCD4win OS loads antivirus at startup, but if it is, then it caught the virus.
You cannot infect a machine with UBCD4win running because it uses the lite OS that is actually never resident on the computer, just runs from between the CD and the RAM.
In contrast, the VM program does use the HD to store and retrieve data so you can infect the OS files in the VM. If you want to play with virii, try to do it on a computer with non-essential data (so you can wipe the HD in case of disaster) and load any VM program then infect from within the VM.