Virtualization for security

Virtualization for security
Scott Granneman, 2006-04-12

Sometimes we don't really see what our eyes are viewing. That's true with your computer screen, and it's true in nature as well. Oh sure, we can say what we think we're seeing, but we're missing the big story such as the man behind the curtain, to recall a famous phrase from an even more beloved movie.

Expand all | Post comment

Virtualization for security 2006-04-13
HSC

Virtualization for security 2006-04-13
Anonymous (1 replies)

Re: Virtualization for security 2006-04-13
Anonymous (2 replies)

Re: Re: Virtualization for security 2006-04-14
Anonymous

One addition on WindowsInVM 2006-04-13
Nicholas weaver

Virtualization for security 2006-04-13
Anonymous (1 replies)

Re: Virtualization for security 2006-04-15
Anonymous

VMs 2006-04-14
Joachim

Of course, all this niceness assumes that the virtual machines are properly separated, that they cannot get to other VMs by the network (after all, those might have the same problems), and that you've got plenty of RAM.

Real OSes don't need this. If you run a UNIX-like OS with sane defaults, tightened permissions (forkbomb anyone? Also, stop SMTP!), and a kernel that does not have a new vulnerability every month, there is little a nonpriviliged account can do. Or just run a browser under systrace/in a chroot jail/...

Joachim

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/397/33493#33493

Virtualization for security 2006-04-14
Bill (1 replies)

Re: Virtualization for security 2006-04-19
Joachim

Virtualization for security 2006-04-15
Anonymous

Autostart Tutorial 2006-04-17
Joe (1 replies)

Re: Autostart Tutorial 2007-02-21
Anonymous

Virtualization for security 2006-04-17
Anonymous (1 replies)

Re: Virtualization for security 2006-05-02
Anonymous

Host OS? 2006-04-20
elh

Great in theory, but... 2007-10-18
Chris Buechler