Security considerations when updating settings from a remote system

Posted by / 14-Mar-2020 07:07

One property of virtual machine monitors (VMMs) like Oracle VM Virtual Box is to encapsulate a guest by executing it in a protected environment, a virtual machine, running as a user process on the host operating system.

The guest cannot communicate directly with the hardware or other computers but only through the VMM.

Some setups do not require a VM to be connected to the public network at all.

Internal networking, see Section6.6, “Internal Networking”, or host-only networking, see Section6.7, “Host-Only Networking”, are often sufficient to connect VMs among each other or to connect VMs only with the host but not with the public network.

General Oracle VM Virtual Box installation instructions for the supported hosts can be found in Chapter2, Installation Details.

On Windows hosts, the installer can be used to disable USB support, support for bridged networking, support for host-only networking and the Python language binding. All these features are enabled by default but disabling some of them could be appropriate if the corresponding functionality is not required by any virtual machine.

For instance, Linux users must be member of the group to be able to pass USB devices to a guest.

As the installation requires system privileges, Oracle VM Virtual Box will ask for the system password during the installation of the extension pack.

Normally there is no post installation configuration of Oracle VM Virtual Box components required.

Enabling CD/DVD passthrough enables the guest to perform advanced operations on the CD/DVD drive, see Section5.9, “CD/DVD Support”.

This could induce a security risk as a guest could overwrite data on a CD/DVD medium.

security considerations when updating settings from a remote system-6security considerations when updating settings from a remote system-27security considerations when updating settings from a remote system-54

When using the Oracle VM Virtual Box Extension Pack provided by Oracle for VRDP remote desktop support, you can optionally use various methods to configure RDP authentication.

One thought on “security considerations when updating settings from a remote system”