-
VMWare
This may have been posted before but I just don't have time to search the forums......sorry,
After installing VMware in win XP pro, fully patched, I install a new OS like linux or winME do I still need to patch the OS that is running under VMWare?
What I'm doing is installing every OS I can, into VMWare, that is installed on my laptop running winXP Pro. And I was just wondering if the host os, being patched and secure, will protect the guest operating systems while they run.
-
You should probably patch any and all programs//OS running on your computer. But mine is an uneducated guess so maybe you should wait for a few more suggestions.
-
Depends on what type of net connection you allowed to vmware. If I remember correctly if it's NAT you run the risk of getting a compromised virtual OS allowing access to your host OS. If it's bridged then you should be fine, though I don't know why you wouldn't want to patch your guest OS anyway... unless you're running it in host-only mode and try to break into it.
I hope I remembered this right, I just made a point of having it bridged always, even though I run behind a router... you can never be too carefull :)
-
Bridged uses a second ip adress on the ethernet card of the host OS! If you're running bridged, you can access the guest OS by it's own IP.
The only way to be "protected" is by running the vmware guest OS in host-only networking mode with routing turned off on the host OS.
I'd say upgrade it unless you deliberately want to run a vulnerable system for testing purposes.
-
Make sure you keep all your guest OSs up to date. Vunerabilities come from more places that just network ports etc. I'd also install AV on guest OSs as well.
Steve
-
Bridged
I am installing guest os's under a bridged network. I will update all, and install the usual protective software on each operating system (avg, spybot, adaware, zonealarm.. etc.). Thanks for the replies.
-
Yes you need to patch every Virtual Machine. When you install an OS in VM it acts as a stand alone OS. It will have its own IP, you will see it as a separate machine in my network places, and so on and so forth. If you don’t patch the VM OS you will be left open for every attack out there. Reason I know this is because I went to the Microsoft seminar where they talked about this incredible software. I asked the Microsoft rep this exact question, and he told me the exact same thing I’m telling you. Also run AV and FW software on the VM OS so you don’t risk infecting your laptop.
-
Concur. We use VMWare and ESX to virtualize servers and other systems. Our standard procedure is to treat the VMs just like you would a hard system. Lock down admin accounts, disable guest accounts, patch, AV, firewall--the whole deal. When they are running, there is no difference--from the outside--between a VM system and a physical system.