Protecting the Windows using Linux

[Karthik Balaguru]

Hi,
The internet connection is in Linux (Host OS).
I am just eager to know if i have Windows as a
guest OS on Host OS(Linux), is it less possible
for Windows to get infected by virus ?

If Windows crashes, is there a mechanism
to recover it from Host OS(Linux) ?
Also, is there any mechanism to debug windows
from linux ? Any ideas ?

I am planning to use Ubuntu as Host OS and
Windows Vista as Guest OS and either
Vmware or VirtualBox (Virtual machines).

Thx in advans,
Karthik Balaguru

 

[M0she_]

Hi,
The internet connection is in Linux (Host OS).
I am just eager to know if i have Windows as a
guest OS on Host OS(Linux), is it less possible
for Windows to get infected by virus ?

If Windows crashes, is there a mechanism
to recover it from Host OS(Linux) ?
Also, is there any mechanism to debug windows
from linux ? Any ideas ?

I am planning to use Ubuntu as Host OS and
Windows Vista as Guest OS and either
Vmware or VirtualBox (Virtual machines).

Thx in advans,
Karthik Balaguru

Do you have a lot of free time on your hands?
If so, Linux may be just the thing for you!!

 

[Karthik Balaguru]

No -

Great !

Make sure you have a good antivirus program on your Windows OS.


It's best not to use Linux at all if you can help it.

But, Why ?

I need few applications that run in linux and few
applications on windows. But, since windows
is more prone to virus , i am planning to have
internet connection on linux(Host OS).

Karthik Balaguru

 

[Karthik Balaguru]

No - Make sure you have a good antivirus program on your Windows OS.

Do you mean to say that windows will get infected
even if it runs as a guest OS on linux OS ?
Strange !!

It's best not to use Linux at all if you can help it.

Karthik Balaguru

 

[ToddAndMargo]

Hi,
The internet connection is in Linux (Host OS).
I am just eager to know if i have Windows as a
guest OS on Host OS(Linux), is it less possible
for Windows to get infected by virus ?

Yes. Same way as always. Surf with IE, etc..
To be safe, do no eMail or surfing from a
Windows guest. Firefox and Thunderbird work
very well in Linux. And, the guest will need
a firewall. you can use iptables in Linux, if
you pass traffic through Linux before it gets to
your guest (bridge networking). Remember
you can create a virtual network card (eth0.5) to
force your internet traffic through iptables.

If Windows crashes, is there a mechanism
to recover it from Host OS(Linux) ?
Also, is there any mechanism to debug windows
from linux ? Any ideas ?

Yes. Your guest OS is just a large file to your
host OS. Backup your guest image. Or, if using
Virtual Box, backup your entire ~/.virtualbox
directory. Keep lots of copies and restore
to a previous date.

I am planning to use Ubuntu as Host OS and
Windows Vista as Guest OS and either
Vmware or VirtualBox (Virtual machines).

I use Virtual Box with CenOS as host.
Guest: Xp, Vista, W7, others.

Vista is horriale as a guest. Xp and W7 as
well behaved.

 

[Karthik Balaguru]

Great !

In one of my earlier replies,
It should not be 'Great !'. It should be 'Strange ! ?'

But, Why ?

I need few applications that run in linux and few
applications on windows. But, since windows
is more prone to virus , i am planning to have
internet connection on linux(Host OS).

Karthik Balaguru

 

[ray]

Do you mean to say that windows will get infected even if it runs as a
guest OS on linux OS ? Strange !!


Karthik Balaguru

Main problem here is that bill knows absolutely nothing about Linux. He's
simply one of the MS shills who badmouth Linux at every opportunity.

 

[David W. Hodgins]

The internet connection is in Linux (Host OS).
I am just eager to know if i have Windows as a
guest OS on Host OS(Linux), is it less possible
for Windows to get infected by virus ?

Using VirtualBox, I have xp running as a guest under
Mandriva linux, with the network setup as a bridged
adapter on eth0.

The guest gets it's own ip address, and the packets
going to/from the guest, do not pass through the
linux firewall.

From the point of view of the guest os, it's as if it
had it's own real network interface card, so it's just
as susceptible to network attacks, as it would be if
running on native hardware.

As with any m$ software, make sure it's protected by
a properly configured router.

If Windows crashes, is there a mechanism
to recover it from Host OS(Linux) ?

It works the same as it would, when running on native
hardware. You change the settings to boot from the
windows install cd (or an iso image of one), and then
repair the installation.

If you have enough disk space, you can make backup
copies of the virtual hard drive, that you can then
use to restore an old copy, similar to making a ghost
backup, when using native hardware.

Also, is there any mechanism to debug windows
from linux ? Any ideas ?

Not really. You can tell from the host whether it's
chewing up i/o, cpu, etc, but that's about it.

I am planning to use Ubuntu as Host OS and
Windows Vista as Guest OS and either
Vmware or VirtualBox (Virtual machines).

I've found VirtualBox intuitive to setup, and easy
to use. For proper usb support, you should use the
version downloaded directly from www.virtualbox.org,
rather then distribution provided Open Source
Edition packages.

Regards, Dave Hodgins

 

[ray]

Main problem here is that ray knows absolutely nothing about Windows.
He's simply one of the linux shills who badmouth Windows at every
opportunity.

Ah yes, should have mentioned frankie is another one - they're refugees
from a couple of the MS groups - always pumping FUD about Linux.

 

[The Natural Philosopher]

Hi,
The internet connection is in Linux (Host OS).
I am just eager to know if i have Windows as a
guest OS on Host OS(Linux), is it less possible
for Windows to get infected by virus ?

No, but a snapshot restore will get you back up a lot quicker..

If Windows crashes, is there a mechanism
to recover it from Host OS(Linux) ?

Not really. If it crashes it crashes. It jhas to restart someohow.

Also, is there any mechanism to debug windows
from linux ? Any ideas ?
Pass.

I am planning to use Ubuntu as Host OS and
Windows Vista as Guest OS and either
Vmware or VirtualBox (Virtual machines).

good idea. I just finished a Virtual box installation. Faster than
VMware by far, though not quite so pretty at the edges.

 

[The Natural Philosopher]

Do you mean to say that windows will get infected
even if it runs as a guest OS on linux OS ?
Strange !!

Of course. It's effectively a standalone machine. Running on some
curious hardware..

 

[The Natural Philosopher]

one of the linux shills

Shilling for who precisely?

who after all, will pay him to do that?

 

[Edward A. Falk]

Relevant:

http://xkcd.com/350/

 

[ray]

Hi,
The internet connection is in Linux (Host OS). I am just eager to know
if i have Windows as a guest OS on Host OS(Linux), is it less possible
for Windows to get infected by virus ?

If Windows crashes, is there a mechanism to recover it from Host
OS(Linux) ?
Also, is there any mechanism to debug windows from linux ? Any ideas ?

I am planning to use Ubuntu as Host OS and Windows Vista as Guest OS and
either
Vmware or VirtualBox (Virtual machines).

Thx in advans,
Karthik Balaguru

You'd probably get better answers in a virtualization related group.
Since you specifically mentioned vmware, you might try something like:
vmware.for-linux.general.

 

[Karthik Balaguru]

Using VirtualBox, I have xp running as a guest under
Mandriva linux, with the network setup as a bridged
adapter on eth0.

The guest gets it's own ip address, and the packets
going to/from the guest, do not pass through the
linux firewall.

Okay.
Another possible thought is disabling the
internet support in the guest OS. But that would
be blocking the applications that are running on
the guest OS to access internet. :-(

 From the point of view of the guest os, it's as if it
had it's own real network interface card, so it's just
as susceptible to network attacks, as it would be if
running on native hardware.

As with any m$ software, make sure it's protected by
a properly configured router.

Okay, but it is strange that there is no mechanism/tricks
in VirtualBox/Vmware to make the packets to flow
through the host OS to the guest OS ?

It works the same as it would, when running on native
hardware.  You change the settings to boot from the
windows install cd (or an iso image of one), and then
repair the installation.

If you have enough disk space, you can make backup
copies of the virtual hard drive, that you can then
use to restore an old copy, similar to making a ghost
backup, when using native hardware.

I think, this is the best option.

Not really.  You can tell from the host whether it's
chewing up i/o, cpu, etc, but that's about it.

Okay.


I've found VirtualBox intuitive to setup, and easy
to use.  For proper usb support, you should use the
version downloaded directly fromwww.virtualbox.org,
rather then distribution provided Open Source
Edition packages.

Thx in advans,
Karthik Balaguru

 

[Karthik Balaguru]

Yes.  Same way as always.  Surf with IE, etc..
To be safe, do no eMail or surfing from a
Windows guest.  Firefox and Thunderbird work
very well in Linux.  

But, this would be blocking the applications
running on guest OS to access internet :-(

And, the guest will need
a firewall.  you can use iptables in Linux, if
you pass traffic through Linux before it gets to
your guest (bridge networking).  Remember
you can create a virtual network card (eth0.5) to
force your internet traffic through iptables.

Interesting. Great !!
Need to check the mechanism to pass the
traffic through the host OS(Linux) to
guest OS (bridge networking) and the virtual
network card to force internet traffic through
iptables in VirtualBox / Vmware.

Yes.  Your guest OS is just a large file to your
host OS.  Backup your guest image.  Or, if using
Virtual Box, backup your entire ~/.virtualbox
directory.  Keep lots of copies and restore
to a previous date.
Okay.


I use Virtual Box with CenOS as host.
Guest: Xp, Vista, W7, others.

Vista is horriale as a guest.  Xp and W7 as
well behaved.

Karthik Balaguru

 

[Hans-Peter Diettrich]

The internet connection is in Linux (Host OS).
I am just eager to know if i have Windows as a
guest OS on Host OS(Linux), is it less possible
for Windows to get infected by virus ?

The guest systems are not protected in any special way.

If Windows crashes, is there a mechanism
to recover it from Host OS(Linux) ?

No, except for easy backups of entire VM's, or the ability of the
virtualization software to reset a VM into some previous state
(snapshot). Both methods have their pro's and con's, with regards to
performance and disk space. I'd go for backups of entire machines, which
are easy to restore (simply copy the VM folder). If you want to preserve
huge downloads, put them on an independent virtual disk (not affected by
snapshots), then you can backup the system and data disks independently.

I found it good practice to separate system and data disks anyway. You
can have any number of virtual disks, for different purposes, and with
some experience you can use them in multiple VMs. E.g. I have
independent disks for my many software projects, so that I can start
updating a particular project by attaching the virtual disk to my
development VM.

Shared folders are another way for persistent data storage. The folders
can be used in multiple VM's at the same time, and also are accessible
from the host OS. Shared folders may be slower than virtual disks,
because they are implemented as remote (network) resources, so that they
should not normally be used for life data; but they can hold downloads
very well, where the duplicate network traffic (from Internet to guest
to disk) is almost neglectable.

In any case you should consider that a virus can spread onto *every*
attached R/W disk or folder. That's why IMO restarting infectable guests
from a clean state is essential. Where Windows systems have a higher
risk of infection, because they are the preferred targets of malware
producers. While newer Windows versions (Vista...) have acceptable
admin/user isolation, its administration (ACL, UAC...) IMO still is a
mess. At least it's easier to protect a Linux system by simply logging
in as non-privileged user - the essential system files and folders are
always owned by "root", without any need for special administration efforts.

Also, is there any mechanism to debug windows
from linux ? Any ideas ?

No idea. Remote debugging may be possible, but that's not related to
virtualization.

I am planning to use Ubuntu as Host OS and
Windows Vista as Guest OS and either
Vmware or VirtualBox (Virtual machines).

If you want a stable host system, then do not use it for surfing at all.
I'm using a tiny Win98 VM for surfing, which is easy to backup and also
to restore to its "virgin" state after every Internet session. Any Life
CD (Ubuntu, Knoppix...) can be used for that purpose as well, where a VM
will boot the CD faster from the ISO image than from a CD drive. BTW
creating and burning ISO images is built-in with almost every Linux, no
need for additional (expensive and/or unreliable) burning tools.

DoDi

 

[Nico Kadel-Garcia]

Certainly! By emulating the full OS, you emulate the bugs and
vulnerabilities.

Of course. It's effectively a standalone machine. Running on some
curious hardware..

There are some interesting approaches to this. Using ClamAV and the
like to scan the Windows filesyste, from the safe Linux world, is very
handy at spotting some kinds of infected files. But other
vulnerabilities, such as website infection attacks, can use holes in
the existing Windows software that ClamAV has no chance of detecting.
Another approach I've just heard about is using VMWare and a kernel in
the Hypervisor that hosts the guest operating systems to provide
certain types of protection: this might work best with para-
virtualized kernels in the guests.

Now, if our friend was running WINE, and using that to run Windows
applications actually on the Linux host and not in a virtualized
operating system, *THAT* gets you some protection from virus trouble.
But not everything runs well that way.

 

[Aragorn]

news:7386f63f-909d-4ce6-8f4d-55a8ef44c0b0@x10g2000prk.googlegroups.com...

No - Make sure you have a good antivirus program on your Windows OS.

That would be correct, and better still would be to use one of the many
antivirus tools available for GNU/Linux, since those tools are designed
to scan for *Windows* viruses, and given that a Windows virus cannot
affect GNU/Linux, it is safer to scan Windows filesystems from within
GNU/Linux.

A Windows machine infected with a virus can scan its filesystems for
viruses, but the virus could be hiding from the scanner in RAM. This
is not possible in GNU/Linux.

To the OP: that depends on what you mean by recovering. Since it is a
virtual machine, you could make a backup copy of the entire guest OS
image and restore it from the host operating system if anything ever
goes wrong with the guest.

OP: that depends on how you define "debugging". Since the Windows
system runs inside a virtual machine which in turn runs on top of a
host operating system - as opposed to running on top of a bare metal
hypervisor such as Xen - it should be possible to access the guest
operating system's memory from within the host operating system, but
this will require a root privilege debugger.

Given the context of using virtual machines, I don't know whether any
such specialized utilities would exist, but the access to the guest
from within the host is there. Just keep in mind that a Windows
environment is entirely different from a UNIX environment.

It's best not to use Linux at all if you can help it.

And that must be the joke of the year - see your own reply to the first
paragraph. The internet would be a much safer place for everyone if
Windows didn't even exist.

 

[Karthik Balaguru]

You'd probably get better answers in a virtualization related group.
Since you specifically mentioned vmware, you might try something like:
vmware.for-linux.general.- Hide quoted text -

Okay, regd vmware i will be checking
with vmware.for-linux.general.

VirtualBox related links/usermanuals seems
to convey some info, but not clearly.

The usermanaul seems to have some info -
In bridged networking, all traffic goes through
a physical interface of the host system for
communicating with the guest system. However,
the data passes through the host system
networking stack.

In internal networking , Guest OS directly
communicate among them and is independent of
the physical interface.

In host only networking, a loopback interface
is created on Host and the traffic between the
Guest OS can be seen.

The below link is also interesting -
http://www.virtualbox.org/wiki/Advanced_Networking_Linux
If a firewall is already installed you may
also enable/disable the access to the internet calling

Came across the below link, but does not convey
w.r.t having the Linux as Host OS -
http://opensourceexperiments.wordpr...est-os-virtual-machine-on-windows-vista-host/

But, i am unable to confirm the clear method
that would be able to filter the virus in the
Host OS itself ?

Thx in advans,
Karthik Balaguru