Sandbox security threat with VMWare Workstation 6

[medistorm]

Hi. This is my situation. On the same pc, I would like to do some Internet banking but son want to use it to play games and go to questionable website. Security wise, these 2 things do not mix and that got me thinking about VMWare virtual pc. And very much appreciate experience VMWare users? advise on this.

Can I set up a virtual pc and let my son uses that? And any securities threats will be sand boxed in VM virtual pc and not infest the host pc?

Alternatively, can I set up a virtual pc and I use that to do my banking stuff and any virus in the host pc will not get into?

I have some doubt about this because I tried setting up a virtual pc for the very 1st time and found I could drag & drop files from the host to the virtual pc and vice versa at ease. If files could move so easily between host and guest, couldn?t virus do the same?

Thanks.

[+BudMan MVC]

The only reason you could move files between the host and guest so easy, is you setup that feature in vmware workstation.

So playing games -- that he bought from a store? You feel is a security issue?

As to questionable websites? Have him sandbox any connections he makes to "questionable" websites http://www.sandboxie.com/

Playing "games" in a vmware normally is a huge performance hit on the game, the newer games require as much of the computers cpu and memory and video card to play the game as it was meant to be played... Trying to run it in a vm is going to be a hit on that performance.

[medistorm]

Thank you BudMan,

This Sandboxie looks perfect for the job.

Assuming my host pc is infested with virus or malware or keylogger. If I go open up a sandbox and do my internet banking stuff inside it, would security be compromised? i.e., nothing comes out or go into the sandbox from the host pc.

Thank you.

[medistorm]

The only reason you could move files between the host and guest so easy, is you setup that feature in vmware workstation.

Hi. I was wondering, how to do the proper setup?

Thanks.

[Kami-]

Options...?

[+InsaneNutter MVC]

I would assume if the host pc has a key logger installed it?s still going to log whatever you type in as your keystrokes are been logged before they even get to the sandbox application.

You could always boot a Linux live cd such as Ubuntu and do your banking like that, this way you know you will be virus free and any sensitive information you enter will be erased once you power the pc down as it will all be saved in the ram.

[+BudMan MVC]

Hi. I was wondering, how to do the proper setup

What do you mean "proper" You either allow for sharing files between host and guest or you do not.. Either way would be proper.

The use of the sandbox would be so your box does not get compromised, not for use on a compromised system, etc.

If you are so worried that your box is infected with keyloggers and such -- heres an idea, clean it!

Is this paranoia medically induced, or is your tinfoil hat just a bit loose? If you feel your box has been compromised -- then freaking nuke it from orbit and start over..

If your so worried your son will get your machine infected -- then don't let him use it!

Booting a liveCD every time you want to look at the balance of your checkbook or pay a bill seems a bit over the top if you ask me. Its not like this is a public computer or anything -- just take steps to make sure its clean and practice safe computing, and tighten up your tinfoil hat and you will be fine ;)

[.Kompressor]

because it is questionable with sandboxie and vmware for elminating viruses, spyware, trojans, keyloggers....it's skeptible if both use the same OS...the banking host must be locked down but at what cost?

this is where an old laptop comes in useful....for banking/accounting and nothing else...

[medistorm]

I have created a vm virtual pc. I have disabled "Shared Folder", disabled Guest Isolation (so there will be no dragging of file from host to guest and vice versa). But I have trouble setting Ethernet to Bridged mode. So I am using NAT instead. Would there be any security compromises in this area?

My son likes to go watch TV programs and movies at sites like www.pipifilm.com or www.xunlei.com or www.ppstream.com

Friends who have been to those sites told me they get fed up with viruses and nasty stuffs coming in after watching those programs. Hence my concerns. So either surf those sites in virtual pc or do online banking in virtual pc.

Any advise appreciated.