Solved

Virtual Machine Security

Posted on 2010-11-10
3
520 Views
Last Modified: 2012-06-22
I'm running a VM which connects to a wireless network completely separate from my office LAN. (i.e., I've disabled the wired NIC on the VM and the connection is not bridged... I use a USB WiFi adapter which provides the VM with an internet connection. The question of security came up today - if my VM were to become infected, could it also infect my host? (From what I've read this is a rather debatable question, so I'm excited about what discussions may arise.)
0
Comment
Question by:MassanuttenComputer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 3

Expert Comment

by:arzka
ID: 34104867
As long as they share no drives or network interfaces, it shouldn't be possible for the host system to be infected. If you make backups you are able to access on the host system and actually do so, you obviously risk infecting the host system too, but that's not really within the scope of this question.

I assume you configured the VM itself not to have a network interface instead of just disabling it from the VM operating system. If not, and if we assume the possibilities are endless, you might be infected with a virus that'd re-enable the network interface, sniffed the traffic enough to configure it properly and proceed to infecting your system.

..and if that was an issue to you, you would've made sure there's no way for that to happen - or would probably have set the system up in a completely isolated machine in the first place.

One possible issue is of course another machine at your location connecting to the said WLAN by accident(?), being infected and then spreading the virus when reconnected to the proper network. Not very probable assuming you bothered to protect the WLAN and made sure nobody else has access to it at your location.  
0
 
LVL 27

Accepted Solution

by:
Tolomir earned 500 total points
ID: 34106160
Virtualization tools provide a sandbox and there are ways to break out of the sandbox.
At least use latest version of these tools and also use security tools on your virtual machine.

See also:

An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments
http://taviso.decsystem.org/virtsec.pdf

Tolomir

No virtual machine tested was robust enough to withstand
the  testing  procedure  used,  and  multiple  exploitable  flaws
were presented that could allow an attacker restricted to a vir-
tualised environment to reliably escape onto the host system.
The  results  obtained  demonstrate  the  need  for  further
research into virtualisation security and prove that virtualisa-
tion is no security panacea.

Open in new window

0
 

Author Closing Comment

by:MassanuttenComputer
ID: 34106430
Thanks for the research info - excellent article and exactly what I was looking for.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Giving access to ESXi shell console is always an issue for IT departments to other Teams, or Projects. We need to find a way so that teams can use ESXTOP for their POCs, or tests without giving them the access to ESXi host shell console with a root …
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
In this video tutorial I show you the main steps to install and configure  a VMware ESXi6.0 server. The video has my comments as text on the screen and you can pause anytime when needed. Hope this will be helpful. Verify that your hardware and BIO…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question