On Wed, 15 Nov 2000, Camilo Mesias wrote:
> I think the point is, if you have a machine with unknown levels of
> security, (the host machine), how can you make it more secure by adding
> more software?
You're missing an important step. The network adaptor that talks to the
Internet must be ignored by the host machine and only used by the guest
machine. At that point you have exactly the same isolation as using a
separate physical machine because the Internet traffic has no means of
access to any machine but the firewall (virtual) machine. To finish the
setup, the virtual machine would also need to have a virtual network
connection to the host machine, and the host machine would need to have
its own network card to talk to the internal network.
..wayne..
