ecurity threats are an ever-present concern when using the Internet. Something as simple as browsing the Internet can introduce malware into a machine. Firewalls, antivirus, and antispyware software and good judgment must be exercised at all times. But no matter how well protected your system is and how careful you are, browsing unknown Web sites puts your system at risk. Consider the highly publicized Microsoft Graphics Rendering Engine Vulnerability
. An unpatched system with this vulnerability is subject to being completely taken over by an attacker. Browsing an infected Web site can be enough for this vulnerability to be exploited. Using a virtual machine for Web browsing provides an excellent defense against this type of threat.
To understand how to use a virtual machine for safer browsing, first some terminology needs to be defined:
- The physical machine on which the virtualization application (e.g., Virtual PC, Virtual Server, VMware, Xen) resides is the host machine, as in the machine that hosts the virtual machine.
- A virtual machine is a guest machine.
The entire guest operating system and programs are written into a large virtual hard disk file that resides on the host machine. (Although the figures use Microsoft Virtual PC 2004, the concepts illustrated are generic and applicable to other virtualization products.)
Undoing a Threat
The single most valuable feature of using a virtual machine for browsing is the undo capability. Microsoft implements this with its undo disks feature. The idea is simple: Whatever takes place in the guest machine, such as inadvertently downloading spyware, is written to another file instead of the principal virtual hard disk file where the OS and applications are installed. When the browsing session ends, the guest machine is turned off without saving any of the changes that occurred while it was running.
The undo disks feature is off by default, so you must enable it. The following steps show how to configure it:
- Select a virtual machine in the Virtual PC Console.
- Click the Settings button.
- Select Undo Disks.
- Check the Enable undo disks checkbox as shown in Figure 1 and then click the OK button.
|Figure 2. Discarding Change to the Undo Disk|
The advantage of using the virtual machine becomes apparent when you turn off the machine (see Figure 2).
By selecting the option Turn off and delete changes, you restore the virtual machine to the exact same state it was in before it was turned on. If any malware was downloaded, it will be in the undo disk file, which is discarded. The virtual hard disk where the operating system and programs reside is untouched.
In order for safe browsing to work, the virtual machine must connect to the network. How to configure networking in a virtual machine is covered in the next section.