VMware on Linux box more secure than just M$ OS by itself?

Discussion in 'Computer Security' started by Press Ctrl-Alt-Del Now, Feb 25, 2004.

  1. Would running a Windows OS in a VMware session on a Linux box be any more
    or less secure than if I ran the same PC with just the Windows OS? Would
    the fact that I am running this OS on a Linux based host help or not, when
    it comes to security and protection from outside network threats? Not
    worried about it being slower, the system needing more RAM, etc., it's just
    the security point of view that I am interested in. TIA.
    Press Ctrl-Alt-Del Now, Feb 25, 2004
    #1
    1. Advertising

  2. Press Ctrl-Alt-Del Now

    Jason Guest

    * Press Ctrl-Alt-Del Now <>:
    > Would running a Windows OS in a VMware session on a Linux box be any more
    > or less secure than if I ran the same PC with just the Windows OS? Would
    > the fact that I am running this OS on a Linux based host help or not, when
    > it comes to security and protection from outside network threats? Not
    > worried about it being slower, the system needing more RAM, etc., it's just
    > the security point of view that I am interested in. TIA.


    No, its still windows and open to its flaws and perks. I know of one
    person who was running windows in vmware on linux and got himself a
    trojan through kazaa and watched the script kiddie mucking up his
    windows install.

    Jason
    Jason, Feb 25, 2004
    #2
    1. Advertising

  3. Press Ctrl-Alt-Del Now

    souljah Guest

    Press Ctrl-Alt-Del Now wrote:
    > *Would running a Windows OS in a VMware session on a Linux box be an
    > more
    > or less secure than if I ran the same PC with just the Windows OS?
    > Would
    > the fact that I am running this OS on a Linux based host help or not
    > when
    > it comes to security and protection from outside network threats?
    > Not
    > worried about it being slower, the system needing more RAM, etc.
    > it's just
    > the security point of view that I am interested in. TIA. *


    VMware emulates. It is still windows running on windows, just with a
    additional emulated layer. Moral of the story, external *ni
    firewall?

    Cheer


    -
    soulja
    -----------------------------------------------------------------------
    Posted via http://www.forum4designers.co
    -----------------------------------------------------------------------
    View this thread: http://www.webservertalk.com/message134265.htm
    souljah, Feb 26, 2004
    #3
  4. "Press Ctrl-Alt-Del Now" <> wrote in message
    news:Xns949A8658B216C3fingermssolutionreb@140.99.99.130...
    > Would running a Windows OS in a VMware session on a Linux box be any more
    > or less secure than if I ran the same PC with just the Windows OS? Would
    > the fact that I am running this OS on a Linux based host help or not, when
    > it comes to security and protection from outside network threats? Not
    > worried about it being slower, the system needing more RAM, etc., it's

    just
    > the security point of view that I am interested in. TIA.


    If it's emulating things properly, then the answer's "exactly the same".

    OTOH, if someone thinks it's a honeypot then they'll either a) leave it
    alone, or b) make it a matter of personal pride to kill the installation and
    not get caught in the process..

    --

    Hairy One Kenobi

    Disclaimer: the opinions expressed in this opinion do not necessarily
    reflect the opinions of the highly-opinionated person expressing the opinion
    in the first place. So there!
    Hairy One Kenobi, Feb 26, 2004
    #4
  5. Press Ctrl-Alt-Del Now

    Dave Guest

    On Wed, 25 Feb 2004 21:12:24 GMT, "Press Ctrl-Alt-Del Now"
    <> wrote:

    >Would running a Windows OS in a VMware session on a Linux box be any more
    >or less secure than if I ran the same PC with just the Windows OS?


    My primary machine is set up this way. The Windows VMware sessions are not
    intrinsically any more secure than straight Windows, but you have additional
    options and restrictions not readily available in straight Windows.

    First any compromise is limited to the VM session and not your entire drive
    and base machine, assuming you didn't give the VM session global access.

    You can keep rotating copies of your VM images. If a Windows disaster occurs,
    it's only minutes to nuke the entire image and duplicate the previous copy. If
    you catch it right away, you can even revert to the previous start state.

    Multiple VM images are especially useful if you're messing with malicious
    code. "Sure I know what I'm doing. Oops!" Nuke the image and start again.

    Another difference is that when a file is deleted in VMware, it's gone!
    There's no undeleting it because it doesn't actually exist as an unlinked disk
    sector. Vmware tracks it virtually and the actual disk structure is a complex
    file. The side effect of this is that most disk managers or editors not only
    don't work, they can mess you up royally.

    There are of host of other potential differences depending on how you set it
    up. For example you can have it NATing through the Linux host. This
    automatically blocks externally initiated connections to your NAT'd VM
    session. You can also set up iptables on the host Linux system for additional
    control.
    Dave, Mar 1, 2004
    #5
  6. Press Ctrl-Alt-Del Now

    Brian Macke Guest

    On Sun, 29 Feb 2004 20:37:45 -0500, Dave wrote:

    > On Wed, 25 Feb 2004 21:12:24 GMT, "Press Ctrl-Alt-Del Now"
    > <> wrote:


    >>Would running a Windows OS in a VMware session on a Linux box be any
    >>more or less secure than if I ran the same PC with just the Windows OS?


    > There are of host of other potential differences depending on how you
    > set it up. For example you can have it NATing through the Linux host.
    > This automatically blocks externally initiated connections to your NAT'd
    > VM session. You can also set up iptables on the host Linux system for
    > additional control.


    I currently use this and it's been most helpful, though it's not perfect.
    Any VPN software on your windows partition will create a routable address
    on your machine. One would hope that this address is protected somehow,
    but that's not always the case. I often joke at work that my Windows VM is
    more vulerable to attack from the internal network when I VPN into work
    than when I'm on the LAN.

    Bridging, while useful in some regards, is the riskiest thing you can do
    to your VM from an external attack perspective. That interface is on the
    network and nothing about your Linux host will protect you.

    Back before NAT, I used a host only interface and proxied all of my
    connections. That was the safest method and the most robust. It was just a
    pain to configure so now I NAT and firewall on the host.

    The obscurity afforded through VMWare is nice, but it's not a complete
    protection. Outbound connections off the box are targets, as are
    downloaded data executed and read locally.

    --
    -Brian James Macke
    "In order to get that which you wish for, you must first get that which
    builds it." -- Unknown
    Brian Macke, Mar 1, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. west488
    Replies:
    1
    Views:
    587
    Colyn
    Jun 19, 2005
  2. ng_reader

    Java updating itself - more than I'd like?

    ng_reader, Nov 13, 2006, in forum: Computer Support
    Replies:
    3
    Views:
    397
    ng_reader
    Nov 13, 2006
  3. Waylon Kenning

    VMware releases a free VMware Player

    Waylon Kenning, Oct 21, 2005, in forum: NZ Computing
    Replies:
    0
    Views:
    564
    Waylon Kenning
    Oct 21, 2005
  4. Replies:
    0
    Views:
    563
  5. Replies:
    0
    Views:
    616
Loading...

Share This Page