[nSLUG] Security in virtual machines

Stephen Gregory nslug at kernelpanic.ca
Fri Sep 12 00:32:09 ADT 2014


On 11/09/14 08:14 PM, Stephen Yorke wrote:
> Even a rooted machine is pretty safe unless the program can inject into
> the VHD, VHDX, VMDK, etc disk image file.
That is not all that hard to do. Depending on how the VM hooks into the 
keyboard a keystroke logger may work as well. Once the host is 
compromised all bets are off.

I second George White's recommendation: the host is used to run the VMs 
only. Seperate VMs are used for banking, day to day, and more VMs as 
required. I would not worry about "locking down" the VMs apart from 
hardening the web browsers especially on the banking VM.

Consider using different colour schemes on each desktop. It helps to 
prevent the simple mistake of visiting facebook on the banking VM and 
similar.


-- 
sg



More information about the nSLUG mailing list