Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > VMware on Linux box more secure than just M$ OS by itself?

Reply
Thread Tools

VMware on Linux box more secure than just M$ OS by itself?

 
 
Press Ctrl-Alt-Del Now
Guest
Posts: n/a
 
      02-25-2004
Would running a Windows OS in a VMware session on a Linux box be any more
or less secure than if I ran the same PC with just the Windows OS? Would
the fact that I am running this OS on a Linux based host help or not, when
it comes to security and protection from outside network threats? Not
worried about it being slower, the system needing more RAM, etc., it's just
the security point of view that I am interested in. TIA.
 
Reply With Quote
 
 
 
 
Jason
Guest
Posts: n/a
 
      02-25-2004
* Press Ctrl-Alt-Del Now <(E-Mail Removed)>:
> Would running a Windows OS in a VMware session on a Linux box be any more
> or less secure than if I ran the same PC with just the Windows OS? Would
> the fact that I am running this OS on a Linux based host help or not, when
> it comes to security and protection from outside network threats? Not
> worried about it being slower, the system needing more RAM, etc., it's just
> the security point of view that I am interested in. TIA.


No, its still windows and open to its flaws and perks. I know of one
person who was running windows in vmware on linux and got himself a
trojan through kazaa and watched the script kiddie mucking up his
windows install.

Jason
 
Reply With Quote
 
 
 
 
souljah
Guest
Posts: n/a
 
      02-26-2004

Press Ctrl-Alt-Del Now wrote:
> *Would running a Windows OS in a VMware session on a Linux box be an
> more
> or less secure than if I ran the same PC with just the Windows OS?
> Would
> the fact that I am running this OS on a Linux based host help or not
> when
> it comes to security and protection from outside network threats?
> Not
> worried about it being slower, the system needing more RAM, etc.
> it's just
> the security point of view that I am interested in. TIA. *


VMware emulates. It is still windows running on windows, just with a
additional emulated layer. Moral of the story, external *ni
firewall?

Cheer


-
soulja
-----------------------------------------------------------------------
Posted via http://www.forum4designers.co
-----------------------------------------------------------------------
View this thread: http://www.webservertalk.com/message134265.htm


 
Reply With Quote
 
Hairy One Kenobi
Guest
Posts: n/a
 
      02-26-2004
"Press Ctrl-Alt-Del Now" <(E-Mail Removed)> wrote in message
news:Xns949A8658B216C3fingermssolutionreb@140.99.9 9.130...
> Would running a Windows OS in a VMware session on a Linux box be any more
> or less secure than if I ran the same PC with just the Windows OS? Would
> the fact that I am running this OS on a Linux based host help or not, when
> it comes to security and protection from outside network threats? Not
> worried about it being slower, the system needing more RAM, etc., it's

just
> the security point of view that I am interested in. TIA.


If it's emulating things properly, then the answer's "exactly the same".

OTOH, if someone thinks it's a honeypot then they'll either a) leave it
alone, or b) make it a matter of personal pride to kill the installation and
not get caught in the process..

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!


 
Reply With Quote
 
Dave
Guest
Posts: n/a
 
      03-01-2004
On Wed, 25 Feb 2004 21:12:24 GMT, "Press Ctrl-Alt-Del Now"
<(E-Mail Removed)> wrote:

>Would running a Windows OS in a VMware session on a Linux box be any more
>or less secure than if I ran the same PC with just the Windows OS?


My primary machine is set up this way. The Windows VMware sessions are not
intrinsically any more secure than straight Windows, but you have additional
options and restrictions not readily available in straight Windows.

First any compromise is limited to the VM session and not your entire drive
and base machine, assuming you didn't give the VM session global access.

You can keep rotating copies of your VM images. If a Windows disaster occurs,
it's only minutes to nuke the entire image and duplicate the previous copy. If
you catch it right away, you can even revert to the previous start state.

Multiple VM images are especially useful if you're messing with malicious
code. "Sure I know what I'm doing. Oops!" Nuke the image and start again.

Another difference is that when a file is deleted in VMware, it's gone!
There's no undeleting it because it doesn't actually exist as an unlinked disk
sector. Vmware tracks it virtually and the actual disk structure is a complex
file. The side effect of this is that most disk managers or editors not only
don't work, they can mess you up royally.

There are of host of other potential differences depending on how you set it
up. For example you can have it NATing through the Linux host. This
automatically blocks externally initiated connections to your NAT'd VM
session. You can also set up iptables on the host Linux system for additional
control.

 
Reply With Quote
 
Brian Macke
Guest
Posts: n/a
 
      03-01-2004
On Sun, 29 Feb 2004 20:37:45 -0500, Dave wrote:

> On Wed, 25 Feb 2004 21:12:24 GMT, "Press Ctrl-Alt-Del Now"
> <(E-Mail Removed)> wrote:


>>Would running a Windows OS in a VMware session on a Linux box be any
>>more or less secure than if I ran the same PC with just the Windows OS?


> There are of host of other potential differences depending on how you
> set it up. For example you can have it NATing through the Linux host.
> This automatically blocks externally initiated connections to your NAT'd
> VM session. You can also set up iptables on the host Linux system for
> additional control.


I currently use this and it's been most helpful, though it's not perfect.
Any VPN software on your windows partition will create a routable address
on your machine. One would hope that this address is protected somehow,
but that's not always the case. I often joke at work that my Windows VM is
more vulerable to attack from the internal network when I VPN into work
than when I'm on the LAN.

Bridging, while useful in some regards, is the riskiest thing you can do
to your VM from an external attack perspective. That interface is on the
network and nothing about your Linux host will protect you.

Back before NAT, I used a host only interface and proxied all of my
connections. That was the safest method and the most robust. It was just a
pain to configure so now I NAT and firewall on the host.

The obscurity afforded through VMWare is nice, but it's not a complete
protection. Outbound connections off the box are targets, as are
downloaded data executed and read locally.

--
-Brian James Macke http://www.velocityreviews.com/forums/(E-Mail Removed)
"In order to get that which you wish for, you must first get that which
builds it." -- Unknown

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Secure your digital information assets with Secure Auditor. SecureWindows with Secure Auditor alannis.albert@googlemail.com Cisco 0 04-14-2008 06:53 AM
Secure your digital information assets with Secure Auditor SecureWindows with Secure Auditor alannis.albert@googlemail.com Cisco 0 04-14-2008 06:52 AM
Like all great travelers, I have seen more than I remember andremember more than I have seen. shenrilaa@gmail.com C Programming 0 03-05-2008 03:26 AM
VMware releases a free VMware Player Waylon Kenning NZ Computing 0 10-21-2005 10:01 PM



Advertisments