"Ingo Strüwing" <[email protected]> wrote in
message news:[email protected]...
> Hi John,
>
> Am 12.05.2012 02:37, schrieb John:
>
>> Hello, Ingo. I appreciated your reply, and I have a couple of questions.
>>
>> "Ingo Str?wing" <[email protected]> wrote in
>> message news:[email protected]...
>>> Hi,
>>>
>>> Am 09.05.2012 09:29, schrieb John:
>>>
>>>> Hello. Is the environment of my guest OS secluded from the host OS in
>>>> such a
>>>> way that, if I get an intrusion or malware problem from the internet on
>>>> my
>>>> guest, my host OS would be totally secured from it? For example, if I
>>>> put
>>>> a
>>>> website up on the guest and it gets compromised, can my host be
>>>> affected?
>>>> In
>>>> a worse case scenario, could I just rebuild the guest, or restore from
>>>> a
>>>> clean backup?
>>>
>>>
>>> IMHO there is no "normal" way to get control over the host from a guest.
>>> But in theory there might perhaps be bugs in the VirtualBox software
>>> that could be exploited.
>>>
>>> To minimize the risk, one could *not* install guest additions. That
>>> would avoid possible exploits through shared folders, shared clipboard,
>>> or mouse integration.
>>
>> Aren't the guest additions added separately for each VM. I mean, using
>> VirtualBox to create one VM on which I may have installed one guest OS
>> and
>> guest addition does not make that same guest addition available to
>> another
>> guest OS, included among those which may be seen on the left panel as
>> separately configured VMs. That is, I think these guest additions, like
>> the
>> VMs themselves, are mutually exclusive. Is that not so?
>
>
> Yes, I believe, you mean the right thing. I'm just not sure about
> "mutually exclusive". The guest additions are installed separately in
> each VM. Installing them in one VM does not exclude them from being
> installed in another VM too. So there is no mutual exclusivity IMHO.
Yes, I must have used the wrong expression. I merely meant to say that the
guest additions on one VM are exclusive to that one and not shared. To say
that they are independent would be a better way of stating it.
> Normally I recommend to install guest additions in all VMs. But if you
> are very much concerned about security of a certain VM, and you can live
> without guest additions in that particular VM, then you may consider not
> to install guest additions in that VM. I have no idea how likely it is
> that VirtualBox guest additions could be vulnerable to abuse. I just say
> that there could be a theoretical possibility for that, and if one can
> live without guest additions in a particular VM, one could exclude that
> possible threat.
>
> Of course you can continue to install guest additions in all other VMs.
> That should not add any vulnerability to your secure VM.
>
>>
>>>
>>> But you will likely not want to disable guest networking. And such
>>> networking might be the main risk for possible exploits. This does not
>>> even need bugs in VirtualBox software, but might also be done through
>>> bugs in the host network stack. Let alone a possible insecure network
>>> setup on the host (open ports, imperfect netfilter rules, ...). After
>>> all the VM will be in a LAN. A compromised machine in a LAN is a danger
>>> to all machines in it. One could try to put the VM in a VLAN, which
>>> makes a "demilitarized zone". But it's still difficult to promise that
>>> this would lock out every attacker.
>>
>> I like this idea for sure. Where can I get more information about setting
>> up
>> the VLAN for one of my VMs?
>
>
> Wikipedia has a nice introduction to the topic ("VLAN"). I must admit
> that I didn't setup a VLAN myself yet. I just know the concept.
>
> The baseline is that you need a VLAN-capable network hardware, e.g. a
> VLAN-capable switch. If your computer has just one network interface,
> you could base the VLAN on MAC addresses, since the VM and the host have
> different mac addresses in bridged networking.
>
> Unfortunately, mac addresses can be forged. A VLAN, base on MAC
> addresses (also called a dynamic VLAN) is not is not as secure as a
> static VLAN, which is based on switch ports. For a statc VLAN you would
> need two network interfaces in your computer, bridge the VM to one of
> them and use the other for the host.
Having two NICs is easily enough to arrange. I think I will take a look at
this option. I have some pointers now for further investigation. Thank you,
again.
> That may require proper netfilter
> rules to keep the interfaces apart. But then, having different network
> interfaces for the different machines, one could also create two LANs
> instead of two VLANs, which may be less effort in a small setup.
>
> Please understand that these are just ideas. They may serve as starting
> points for further investigation. I don't claim to be a security or
> network expert. I just dare to claim that you can decrease the risk of a
> break-in with a VM (over separating the applications in the host
> directly), but you can never rule it out completely. Finally it depends
> on your personal readiness to take risks and the sensitivity of the data
> that are stored on the host and the other VMs.
>
> Regards
> Ingo
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
VBox-users-community mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/vbox-users-community
