Using VirtualBox (or similar) to sandbox internet browsing
-
I am wondering if anyone uses VMs to sandbox their internet activities. It should provide better protection than a firewall+antivirus but, how much? Is it even practical? The reason why I am looking into this is that I help several old folks maintain their computers and you guys would be astonished to know how much crap naive users manage to collect. As always, thank you all.
I use one when I have to go rummaging around in the... seedier... parts of the internet. It performs just fine. Make sure you look into setting up the VM with an immutable drive. Once you set it up, every time you run it doesn't matter what gets installed/infected/downloaded. Shut down the VM, start it back up and you're back to your original image.
-
I am wondering if anyone uses VMs to sandbox their internet activities. It should provide better protection than a firewall+antivirus but, how much? Is it even practical? The reason why I am looking into this is that I help several old folks maintain their computers and you guys would be astonished to know how much crap naive users manage to collect. As always, thank you all.
I've tried a Windows 95 VirutalBox to download some packages for running Windows 95 games (Running a Windows 7 host doesn't help) Internet Explorer 6 was hilarious when I ran through the Virtual OS. Downloads work slightly slower, but they have an added layer of security. From what I see, Running Virtualbox and loading an internet page is just the same as a remote Desktop with an internet page, just more secure with the VHD.
-
I am wondering if anyone uses VMs to sandbox their internet activities. It should provide better protection than a firewall+antivirus but, how much? Is it even practical? The reason why I am looking into this is that I help several old folks maintain their computers and you guys would be astonished to know how much crap naive users manage to collect. As always, thank you all.
I do this for my mum, she wants to watch these P2P Chinese streaming video websites which I wouldn't trust with a barge pole, these sites insist on installing their own plug-ins. She doesn't have Admin access to her own machine, this prevents any accidental installs. If she needs something I log in using Teamviewer and sort it. re VM: I have setup a Virtual Box running Windows 7, then she can have admin within this VM and install anything to her hearts content. If it goes wrong, I trash that VM and restore a backup copy. This setup works well, she's not had any problems with trojans/viruses on her host.
-
I do this for my mum, she wants to watch these P2P Chinese streaming video websites which I wouldn't trust with a barge pole, these sites insist on installing their own plug-ins. She doesn't have Admin access to her own machine, this prevents any accidental installs. If she needs something I log in using Teamviewer and sort it. re VM: I have setup a Virtual Box running Windows 7, then she can have admin within this VM and install anything to her hearts content. If it goes wrong, I trash that VM and restore a backup copy. This setup works well, she's not had any problems with trojans/viruses on her host.
My mum is 87. I put her on Ubuntu native. No garbage, simple controls. She'd been struggling for ten years with XP, but she picked up Unity in minutes. I use Virtual windoze machines on my native LTS through vbox, especially Vista(which came from an old restore disk supplied with the hardware), where I can repair my ipod and sync it using itunes for windows, that 90MB pile of bloat. Just for a laugh I got NT4 running naked on vbox. The poor browser went like a rocket-propelled granny. :-D
-
I am wondering if anyone uses VMs to sandbox their internet activities. It should provide better protection than a firewall+antivirus but, how much? Is it even practical? The reason why I am looking into this is that I help several old folks maintain their computers and you guys would be astonished to know how much crap naive users manage to collect. As always, thank you all.
I remember looking at this a few years ago and used sandboxie for a while, which IIRC is doing the same without using a VM, or uses an internal one, I forget which. Used it for a bit then decided it would be better in the long run if I didn't access dodgy torrent sites at all :-)
-
I am wondering if anyone uses VMs to sandbox their internet activities. It should provide better protection than a firewall+antivirus but, how much? Is it even practical? The reason why I am looking into this is that I help several old folks maintain their computers and you guys would be astonished to know how much crap naive users manage to collect. As always, thank you all.
There is an easier way. What you wanted from the VirtualBox is the idea of "resetting" from time to time, but using a VM is slower than using the actual machine. My kids, under 6 years old, usually replace stuff on the PC and ruin the settings, so I installed a software called DeepFreeze which resets the C: drive upon every restart. Problem solved! So, put the proper settings and install the proper software then freeze it and whenever you want to install something new unfreeze install then freeze again. This solution is sometimes used in internet cafes as well. If you want to persist something, then you can save it on D:
Make it simple, as simple as possible, but not simpler.
-
I am wondering if anyone uses VMs to sandbox their internet activities. It should provide better protection than a firewall+antivirus but, how much? Is it even practical? The reason why I am looking into this is that I help several old folks maintain their computers and you guys would be astonished to know how much crap naive users manage to collect. As always, thank you all.
Use BitBox.
-
Use BitBox.
here is the link http://download.sirrix.com/content/pages/bbdl-en.htm[^]
-
I am wondering if anyone uses VMs to sandbox their internet activities. It should provide better protection than a firewall+antivirus but, how much? Is it even practical? The reason why I am looking into this is that I help several old folks maintain their computers and you guys would be astonished to know how much crap naive users manage to collect. As always, thank you all.
Even when it works as a sandbox, from my point of view, is an overkill just for browsing, perhaps for sandboxing an entire user will make more sense, anyway, I prefer to have a limited account and don't install anything that looks suspicious...
CEO at: - Rafaga Systems - Para Facturas - Modern Components for the moment...
-
If you have a modern system with Hyper-V/AMD-V capable cpu then it's only going to be at worst 2% slower than running on the host. But you also have to consider getting your downloads in/out from virtual to real, plus the virtual disk size impacts on how much you are able to download. Which means more copying/deleting to free up the vhd. On the plus side it's just a matter of backing up (compressing) the virtual machine when you are happy with your baseline image, so that if it becomes infested. All you have to do is delete the vhd from the VM folder, and restore from your backup. Less downtime mopping up. If you're intent on using Windows in a VM allow an extra 6GB for windows updates. I had to recently start from scratch downloading updates, because the vhd was full and windows couldn't proceed any further. On the archiving side, I use rar format because it has better recovery options if the image(s) get corrupted. 7zip hasn't been as reliable as I'd hoped.
"It's true that hard work never killed anyone. But I figure, why take the chance." - Ronald Reagan That's what machines are for. Got a problem? Sleep on it.
You can delete all update history. It will free some space.
Behzad
-
You can delete all update history. It will free some space.
Behzad
Yes you're correct. However it was difficult to know what to delete during the actual Update Apart from the fact I just didn't expect soooo much for .NET 3.5 & 4.0 patches. :wtf: It left me with little room to do anything even after deleting some of the update files. I copied the vhd to a new 32GB.
"It's true that hard work never killed anyone. But I figure, why take the chance." - Ronald Reagan That's what machines are for. Got a problem? Sleep on it.