[LinuxUsers] Trojan hits Linuxmint servers
Roger E. Rustad, Jr
roger.rustad at gmail.com
Mon Aug 25 01:02:50 UTC 2008
Paul Saenz wrote:
> Tell me, Isn't it true that:
> You can set up the vm so that it can only see the hard drive space that
> you have allocated for it?
Sure, if you put that VM in a network area that cannot "see" the host OS.
> And as long as you don't move files from the mv to the host os, (as
> Manny said) then the vm won't be able to see the hard drive?
Not necessarily, remember, if the guest VM is "visibile" network-wise
(NAT'd, on the same subnet, etc), then there is a chance it can "see"
the host OS, and hence the rest of your hard drive.
So, if you didn't have a password on your host OS, the guest VM could
easily make a call like "net use z: \\hostBox\c$" and then go to town
nuking stuff, or even installing root kit on that remote z: with tools
like psexec.
Make sense?
More information about the LinuxUsers
mailing list