[Gloucs] Hypervisors.

Anthony Edward Cooper aecooper at coosoft.plus.com
Sun Sep 19 10:56:15 UTC 2010 

It is possible to detect whether you are inside a VM or not and there 
are exploits out there that can be used to jump onto the host system. 
The more widely used virtualisation software like VMware is going to be 
targeted more because of its prevalence. Ironically stiff like 
VirtualBox, aimed primarily at the home/enthusiast/college user will 
probably be more secure as it is less likely that someone would have 
written an exploit for it. But it is a good product and if they ever do 
an ESX style VirtualBox then who knows...

However, there is a big difference between what is possible and what is 
likely. Virus/malware detector companies will always push the former and 
not the latter as it is good business to scare people. Most attacks are 
done by mindless script kiddies using other people's hard work via tools 
like metasploit. I good hardware firewall, a few free anti-virus 
products (AVG, win-clam etc) and regular patching will normally do the 
trick. Also regular backups as a good thing as well.

As for unprotected windows VMs... If the host is Linux/non-windows and 
no other windows machines are booted up on your local network at the 
time and the VM has non-persistent storage then you should be ok. If you 
want persistent storage then deny the VM access to the internet by 
selecting host only networking.

For what it's worth I can give a quick chat about my experiences with 
VMware and VirtualBox (but only if there is time after our main speaker 
:-) ). But nothing that most people probably wouldn't know already..... 
Perhaps posting here would be better.......

Tony.

Geoff Bagley wrote:
> When running several guest  systems  on top of a hypervisor, can 
> anyone please tell me what are the implications for
>
> anti-malware software and  firewalls ?
>
>
> Would a "guest"  Windows still be bogged down with tardy antivirus 
> progs ?
>
>
> If Windows runs better as a guest on a Linux box,  would this help 
> entice Windows users to experience Linux ?
>
>
> Geoff.
>
>
> _______________________________________________
> gloucs mailing list
> gloucs at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/gloucs

More information about the gloucs mailing list