Results 1 to 9 of 9

Thread: BSD & Microsoft

  1. #1
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828

    BSD & Microsoft

    I have a FreeBSD box I use for a few choice applications and functions and to this day I have never had a problem with this box, so I was thinking about what my friend is using his OpenBSD box for a decided to ask the community if this is a reasonable thing to do.

    My friend has an OpenBSD box using VMWare to funtion as a Microsoft Windows XP box. Is this a more secure method of running Windows XP or is he just adding extra stress on the system and wasting resources to get the same exact security and functionality he would have as if he was just running Microsoft Windows XP.

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    It depends on how you configure vmware.

    There are a few networking options with vmware.
    Probably the most secure is using the hostbased interface.
    This means the host OS can talk to the guest OS and vice versa.
    Other (remote) hosts cannot access the guest OS (without routing switched on on the host OS). Other options include NAT (the guest OS uses the same IP as the host OS).

    Probably the least 'secure' option is using bridged mode networking.
    This'll mean the guest OS has it's own IP address and can be addressed by remote hosts.

    Vmware is great for testing though and I highly recommend it.
    If, on the other hand, you intend to use XP (as a guest OS) for games; forget it (it runs like crap and there's no 3d hardware accelleration).

    I hope I made sense
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828
    No, this system is not used for games. I believe he runs his web/mail server from it and controls certain communication devices from his XP side. If I am not mistaken, he runs a mic, cam, and IM client.

    So, what your saying is he has a OpenBSD system w/ Windows XP running and no one can see the XP and the only security concerns he has to worry about is running an infected program on his system?

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Originally posted here by Info Tech Geek
    So, what your saying is he has a OpenBSD system w/ Windows XP running and no one can see the XP and the only security concerns he has to worry about is running an infected program on his system?
    If he used the hostbased network option; yes. But that would mean he cannot connect anywhere unless he uses the host OS (BSD) as a router/firewall. This would be the same as using the BSD box as a firewall and having a seperate XP box behind it.

    But don't you think it's a bit overkill for running an IM, mic and camera?
    I'll bet I can get the same thing running native on FreeBsd (I'm a long time fbsd user ).
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    He is wasting resources. VMWare is meant to aid in cross-platform development. The box is a fully configured system as far as XP is concerned, and regardless of having a firewall or not, VMWare won't keep a stupid user from clicking "Yes, run this attachment outlook, I love you more than life itself anna kournikova!". It's not security, it's resource wastery.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  6. #6
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    Altough is good configuration, i dont think that is more secure that run those daemons directly under BSD. In fact, i would prefer to run all services under BSD than Windows. You can still hide (selectvelly) services on the same box as he does at "virtual box".
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  7. #7
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828
    Maybe I have his configuration incorrect or maybe he doesn't have an idea of what he is doing. I thought the same thing about wasting resources when I heard what he was doing an decided to get some informative feedback on it.

  8. #8
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Originally posted here by chsh
    {..} VMWare won't keep a stupid user from clicking "Yes, run this attachment outlook, I love you more than life itself anna kournikova!".
    True. However, if configured correctly, VMWare (and the host OS!) will let you "contain" the infection inside the guest OS and with version 4.0 you can make snapshots so you can easily revert back to before the infection. I use it to test viruses to see what they change and how they try to propagate.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  9. #9
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Originally posted here by chsh
    {..} VMWare won't keep a stupid user from clicking "Yes, run this attachment outlook, I love you more than life itself anna kournikova!".
    True. However, if configured correctly, VMWare (and the host OS!) will let you "contain" the infection inside the guest OS and with version 4.0 you can make snapshots so you can easily revert back to before the infection. I use it to test viruses to see what they change and how they try to propagate.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •