[nSLUG] Security in virtual machines

Stephen Yorke syorke at gmail.com
Thu Sep 11 15:14:48 ADT 2014


I do not agree with your reply, Rory.

If you are using a dedicated VM and only hitting your banking site and
NOT going to any other sites. It will work well.

A VM does use and access the physical hardware and as long as you are
not adding the tools which allow different mapping of local resources
there should be nothing to worry about.

Yes, you still need your AV, firewall and other preventive measures but
it is good.

All my work is done via VMs. I have two different VPN networks which I
need access to, to do my work and hence I have two different VMs. One
for each of my work networks. Those machines have never had a virus or
issues while my main machine has had some gunk on it. I normally
rebuild my primary laptop once a year to keep it fresh.

Sent from my Samsung Ativ S running WP8From: Rory
Sent: ‎9/‎11/‎2014 2:11 PM
To: Nova Scotia Linux User Group
Subject: Re: [nSLUG] Security in virtual machines
A VM will never quite achieve parity with a dedicated box for security.
A dedicated box will only share an ethernet network with the host while
a VM shares many other resources.

However, you can get close by treating the VM as if it is in a hostile
environment. Tight firewall rules, full disk encryption, encrypted
communication and careful use of applications and websites all go a long
way to making it very difficult to compromise from the host machine.

So, yes, you can set the barrier to compromise pretty high with a VM and
therefore gain some security compared with using the same host you use
for all computing.

On 14-09-11 01:20 PM, Gerald Ruderman wrote:
> I am using VirtualBox to run some virtual machines. Wanting more
> security for my financial tasks I wonder how much I would gain if I
> create a virtual machine that is only used for financial tasks. What
> would IO gain if I had a dedicated computer I only used for money matters.
>

_______________________________________________
nSLUG mailing list
nSLUG at nslug.ns.ca
http://nslug.ns.ca/mailman/listinfo/nslug


More information about the nSLUG mailing list