creating a VM to test/break stuff

[HAVOC]

I'm studying to take my A+ certification. There is still a lot of stuff I don't know, mainly because never really dealt with it, such as BSOD's, driver errors, malware removal and stuff like that. I built this computer so I wouldn't have any issues with it and I don't.

I have VirtualBox installed and VM's for MS-DOS and Windows 95. Having trouble getting 98SE installed. I also have XP mode setup in Windows Virtual PC.

I have a copy of Windows 7 (retail) and I was going to install that and Windows 10 into VirtualBox.

How safe is my main computer once I start breaking/fixing VM's? I'm concerned about getting ransom ware in a VM and it affecting my entire computer. I do have backups of my files.

 

[z3r010]

There is always some risk if you are playing with malware and tbh it should only be done on an isolated machine.

For other stuff you should be fine, btw you can download setup VM's for 7,8 and 10 from Microsoft - Free Virtual Machines from IE8 to MS Edge - Microsoft Edge Development

 

[HAVOC]

Isn't that just for checking web browsers? I want a VM that I can use longer than 90 days.

 

[z3r010]

The are intended for checking browsers but they are fully functioning VM's and quick and easy to mess with.

For more than 90 days you will need a licenced copy of windows.

 

[HAVOC]

I'll be buying a copy of Windows 10 to use in a VM and possibly dual boot at a later date. I already have a copy of Windows 7 retail that I can use.

Just concerned about the safety of my host system. I'll be creating/saving the VM's to a separate HDD.

 

[RoasterMen]

Any virus and/or malware infected VMs will not infect the main OS that you are using. They're isolated (unless you put in your flash drive and use it in the VM).

 

[Alejandro85]

Generally it's a good idea to test things in a virtual machine just meant to be "broken" by many different tries of configurations and other stuff. The host is generally unaffected by any changes but some types of tests are more "safe" and useful than others. Of what I can think, these things are good to try on a VM:

• Drivers and BSODs and diagnostics, while useful they're hard to reproduce, as the VM often don't has the real hardware drivers, but only the drivers for the fake virtualized hardware. And as BSODs are always originated in kernel-mode code, lack of those drivers make them hard to reproduce. Other types of software that include drivers may generate more useful tests. And as well those programs that purposely induce a BSOD for test purposes.
• Installation and uninstallation of many different software packages is also a nice try with VMSs. As the changes get constrained there is easy to prevent damage or bad changes to be done on your main system. And in case of a mistake, just drop the VM and start over.
• Changes of configuration and permissions, like firewalls, and security software setup can also be done in a VM for test purpose, again without imparting that on the real host computer.
• Setup for dual-boot with potentially different OS is simplified in a VM, without breaking your existing system. For example, a Windows-Linux dual boot is a nice practice.
• OS reinstallation while preserving data, either by not formating the target partition or by doing an offline backup is also another thing to try.
• Use of dubious software or websites could also be done reasonably safe in a VM environment. However, watch out for some pitfalls an vulnerabilities (see below).
• As for malware removal, there is little to nothing to try. When a malware infection is confirmed the solution is simple: YOU MUST REFORMAT, and there is little to practice there. Additionally, infecting a VM with malware might give problems in case of a vulnerability in the hypervisor or if the malware breaks out by network or USB devices. Viruses that detect VMs and circumvent them or act differently aren't unheard of.

All in all, it's a nice practice and a good thing to do, with confidence that mistakes get confined to the VM and your main computer remains unaffected.