Virtual Machine ...

[Axon]

Am planning to have a virtual machine inside my Windows OS. What is the best software available out there and is there a good detailed tutorial available. What are the risks of having a VM, I heard that sometimes there is "leakage" that takes place between your original OS and your VM.

I talk to much so I'll shut up now  ..... waiting for feedback

[Kulverstukas]

There is no leakage and I have no idea what you are talking about by saying "leakage". You can try VirtualBOX - nice, lightweight and free software from Oracle. I use it mostly on Windows and Ubuntu.

[ca0s]

I think that he means "escape from virtualized environment" with leakage. It can happen, if the virtual machine system has a flaw in its dessign. However, there are no public exploits for that AFAIK.
I like VirtualBox too.

[Axon]

Thank you for the feedback guys and thank you ca0s for explaning what leakage means. However, I've read that if the user didn't make the best settings for his virtual environment. This could trigger leakage .

[Kulverstukas]

Thank you for the feedback guys and thank you ca0s for explaning what leakage means. However, I've read that if the user didn't make the best settings for his virtual environment. This could trigger leakage .

It will "trigger leakage" no matter what are your settings if the virus is made to do so. It will break out or simply won't run at all.

[I_Learning_I]

Like ca0s said, there are exploits for VM, however they are not public, therefore you shouldn't worry about that. The only way for someone to know you're using a VMware would be through a User-Agent or a service running.
If I recall correctly all the services running can be configured and also they don't specify that you're using a VM so you shouldn't have any problem there.

Also most exploits aren't created for the tools like VMWare and VirtualBox, but for stuff like SandBox, because that actually ensures that the user is using the correct OS.
It's pointless to execute a Windows Exploit to break out of a VM if you're running it on a Linux Box or the reverse.

Also it (usually) doesn't has anything to do with your configurations, when running sandbox you can chose to execute in the sand box and out, if you execute the first program inside and the second one out of sandbox you can have problems, but that's the same as just running it with no security measures, so you should be fine.
Sometimes you just got to trust the program coders