[nSLUG] Security in virtual machines
nslug at kernelpanic.ca
Fri Sep 12 00:32:09 ADT 2014
On 11/09/14 08:14 PM, Stephen Yorke wrote:
> Even a rooted machine is pretty safe unless the program can inject into
> the VHD, VHDX, VMDK, etc disk image file.
That is not all that hard to do. Depending on how the VM hooks into the
keyboard a keystroke logger may work as well. Once the host is
compromised all bets are off.
I second George White's recommendation: the host is used to run the VMs
only. Seperate VMs are used for banking, day to day, and more VMs as
required. I would not worry about "locking down" the VMs apart from
hardening the web browsers especially on the banking VM.
Consider using different colour schemes on each desktop. It helps to
prevent the simple mistake of visiting facebook on the banking VM and
More information about the nSLUG