[Dshield] VMware

John B. Holmblad jholmblad at aol.com
Thu Oct 13 01:30:03 GMT 2005


All,

VMware workstation 5.0 can also be hosted on Linux. I have  a copy for 
Linux but I have not yet installed it.

Best Regards,

John Holmblad

Televerage International
GSEC Gold,GCWN Gold,GGSC-0100,NSA-IAM

(H) 703 620 0672
(M) 703 407 2278
(F) 703 620 5388

primary email address:     jholmblad at aol.com
backup email address:      jholmblad at verizon.net



David Taylor wrote:

>I use VMWare 5 as well and love it.  As others have stated I haven't seen
>any direct guest to host problems.  
>
>I have several VMWare guests which runs on Windows XP host and have never
>had any problems with it.  I have a Linux Bridge firewall setup as one guest
>and force all my traffic through snort inline/IPTABLES as well as some local
>IPSEC policies to prevent it from scanning other systems. I normally use
>this setup to let people attack the Windows guest but frequently also use it
>to drop evil files into.  You can capture packets directly from the host
>system if you like and can also setup Sebek to watch any command line
>activity if someone connects to the machine and opens a shell.
>
>
>==================================================
>David Taylor //Sr. Information Security Specialist
>University of Pennsylvania Information Security 
>Philadelphia PA USA
>(215) 898-1236
>http://www.upenn.edu/computing/security/
>================================================== 
>
>SANS - The Twenty Most Critical Internet Security Vulnerabilities 
>http://www.sans.org/top20/
>
>SANS - Internet Storm Center
>http://isc.sans.org
>
>irc.freenode.net #dshielders
>http://freenode.net/
>
>
>
>-----Original Message-----
>From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org]
>On Behalf Of Semper Securus
>Sent: Wednesday, October 12, 2005 3:19 PM
>To: General DShield Discussion List
>Subject: Re: [Dshield] VMware
>
>
>I also use VMWare 5 WS quite a bit and have had no issues with any
>guest to host contamination. A couple of items for consideration:
>
>* Make sure your host OS is fully patched and hardened.
>
>* Don't enable file (or print) sharing between your guest and host.
>Don't use the VMWare "shared folder" for your sacrificial guest.
>
>* Depending on how (or if) you have your VM machine connected to other
>VM machines, you may wish to play around with "Custom mode" networking
>for the guest to allow complete isolation of networking from the host.
>
>* Use the "snapshot" feature prior to testing anything new.
>
>Andre'
>
>SemperSecurus
>
>
>
>On 10/12/05, Paul Marsh <pmarsh at nmefdn.org> wrote:
>  
>
>>Afternoon All:
>>
>>       I want to start playing around with the latest and greatest viri
>>and exploits to see what they do and how they function.  My question is
>>how secure is the system the vmware in running on?  Are there best
>>practices I need to follow in order to lock the vm down so I don't
>>compromise the host system?
>>
>>Thanx, Paul
>>
>>
>>
>>The information in this transmittal (including attachments, if any) is
>>    
>>
>privileged and confidential and is intended only for the recipient(s) listed
>above. Any review, use, disclosure, distribution or copying of this
>transmittal is prohibited except by or on behalf of the intended recipient.
>If you have received this transmittal in error, please notify me immediately
>by reply email and destroy all copies of the transmittal. Thank you.
>  
>
>>_________________________________________
>>Using .Net? Need to know more about .Net Security?
>>http://isc.sans.org/banner_count.php?dest=dotnet
>>
>>_______________________________________________
>>send all posts to list at lists.dshield.org
>>To change your subscription options (or unsubscribe), see:
>>    
>>
>http://www.dshield.org/mailman/listinfo/list
>  
>
>
>_________________________________________
>Using .Net? Need to know more about .Net Security?
>http://isc.sans.org/banner_count.php?dest=dotnet
>
>_______________________________________________
>send all posts to list at lists.dshield.org
>To change your subscription options (or unsubscribe), see:
>http://www.dshield.org/mailman/listinfo/list
>
>
>_________________________________________
>Using .Net? Need to know more about .Net Security?
>http://isc.sans.org/banner_count.php?dest=dotnet
>
>_______________________________________________
>send all posts to list at lists.dshield.org
>To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
>
>  
>


More information about the list mailing list