IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [virtualization]

Virtualization is the creation of a virtual (rather than actual) version of something, such as an operating system, a server, a storage device or network resources.

Virtualization is the creation of a virtual (rather than actual) version of something, such as an operating system, a server, a storage device or network resources.

478 questions
307
votes
9 answers

What makes Docker more secure than VMs or bare metal?

I recently had a discussion with a Docker expert about the security of Docker vs. virtual machines. When I told that I've read from different sources that it's easier for code running within a Docker container to escape from it than for a code…
Arseni Mourzenko
  • 4,644
  • 6
  • 20
  • 30
177
votes
10 answers

How secure are virtual machines really? False sense of security?

I was reading this CompTIA Security+ SYO-201 book, and the author David Prowse claims that: Whichever VM you select, the VM cannot cross the software boundaries set in place. For example, a virus might infect a computer when executed and spread…
T. Webster
  • 2,301
  • 3
  • 19
  • 18
95
votes
13 answers

Company computers for competent developers, how can you deal with them?

This is a follow up on Is there a legitimate reason I should be required to use my company’s computer. Mostly, because I see a huge issue in a couple of specific situations. Had I been in a position of the security engineer for an organization I…
grochmal
  • 5,677
  • 2
  • 19
  • 30
80
votes
3 answers

Is it appropriate to use haveged as a source of entropy on virtual machines?

While looking for solutions to entropy pool depletion on virtual machines, I came across an interesting project called haveged, which is based on the HAVEGE algorithm (HArdware Volatile Entropy Gathering and Expansion). It makes a pretty fantastic…
Nic
  • 1,136
  • 2
  • 10
  • 13
72
votes
5 answers

Does a Virtual Machine stop malware from doing harm?

I would like to know if it is safe for the host system of a virtual machine (VM - VirtualBox OSE in my case) to execute malware. Can a virus break out and read or write data from the host system? Can it establish an Internet connection if I disable…
Martin Thoma
  • 3,902
  • 6
  • 30
  • 42
62
votes
7 answers

Is it safe to install malware in a VM

Is it safe to install malware in virtual machines? I would like to investigate malware, but I don't want to infect my own computer. Can I install the malware in a VMWare VM, maybe even without network access, without risking the integrity of my host…
Erik
  • 1,065
  • 1
  • 8
  • 10
57
votes
2 answers

If a container is compromised does that mean host also compromised?

Recently, I have heard of a new virtualization tech called containers. Suppose the container has been compromised, does this mean the host is also compromised (since the container is a process on a host)? In terms of security, is a VM (virtual…
Akhil Surapuram
  • 561
  • 4
  • 7
54
votes
6 answers

If malware does not run in a VM why not make everything a VM?

There is a lot of malware that can detect whether it is running inside a VM or sandboxed environment and if such environment is detected it can conceal it self and not execute. So why not make everything a VM? Now all systems are safe! I know not…
Marcus
  • 1,145
  • 1
  • 8
  • 12
31
votes
5 answers

If my machine is infected and I run a Virtual Machine inside of it, will the VM also be compromised

I've been researching on virtual machine security and found a lot of articles detailing how an infected VM is isolated (or not) from the host machine. But I couldn't find any answers to the opposite side of the question. If my host is infected, can…
João A. Veiga
  • 421
  • 2
  • 5
30
votes
5 answers

What do I need to configure, to make sure my software uses /dev/urandom?

When setting up a server, what configuration changes do I need to make sure that all of the software uses /dev/urandom instead of /dev/random? Some servers don't have much entropy in the entropy pool (e.g., VPSs). If a software component uses…
D.W.
  • 98,420
  • 30
  • 267
  • 572
27
votes
4 answers

Why can hardware assisted virtualization be a security issue?

Avast antivirus has an option for disabling "Enable hardware-assisted virtualization". If it's enabled, how is it a security issue?
hyperscience
  • 389
  • 1
  • 3
  • 5
27
votes
2 answers

How do big cloud providers guard against VM escape attacks?

I think it's pretty much unassailable to say that cloud computing as we know it depends on the concept of the robustness of virtual machines. Where one can depend on the security of VMs they allow workloads from multiple customers of a cloud…
mostlyinformed
  • 2,715
  • 16
  • 38
26
votes
1 answer

Meltdown and Virtual Machines

This question originated from a discussion about VMs not being vulnerable to Meltdown. Can Meltdown "break out" of a virtual machine, so to speak? What is meant by this is: Can a program (with any access and priveledge level desired) within a…
NH.
  • 1,004
  • 1
  • 9
  • 20
25
votes
6 answers

Would a VM such as Virtualbox be my best option for everyday security while working?

I run a small business out of my home and I'm not really doing anything labor intensive, no games and I'm not cutting any code or anything of that nature. A lot of what I do is phone based sales, so I'm basically just accessing my web based work…
user151357
  • 309
  • 1
  • 3
  • 3
21
votes
8 answers

Is it safe to use virtual machines when examining malware?

We want to study for the CEH program and have downloaded 12 DVDs that 6 DVDs are software key-loggers, Trojans, etc. that are all detected by antivirus. This prevents us from examining them and learning how they work. I have instructed students not…
saber tabatabaee yazdi
  • 1,038
  • 5
  • 16
  • 26
1
2 3
31 32