...
- Choose Strong Passwords
Weak passwords can be guessed, thus giving someone else access to your files and your system. Create passwords that are at least eight
characters long, containing numbers, upper and lower case letters, and symbols. More information on creating strong passwords can be found at
http://web.mit.edu/ist/topics/network/passwords.html.
From the IS&T Security Team:
- If a host is compromised, scripts can be run on the host that can
interact with the guest at whatever privilege level the guest is
logged in as. This can result in malicious trojans being installed on
the host and guest machines.
- A virtual machine that is not virus protected, compromised, and in
a shared networking configuration can be used by an attacker to scan
both the private and public address spaces. The other virtual
machines on the host (if not patched) can also be exploited via the
network, so a software firewall on each of the guests is recommended.
- All guests on a host machine should have like risk posture – same
level of accessibility, data sensitivity and level of protection.
- (Enterprise version) When turning on shared folders, they can be
accessed through a compromised guest. Files can then be placed on the
host and attackers can access other guests' file systems.
- Access to the host should be limited (firewalled off).
- When taking a snapshot of a virtual machine and then branching off,
make sure to save the image at the instance before the branch (the
trunk) rather than at the branch level to ensure security patches are
most up to date.
If you have any questions, let us know. Most of this information came
from Mike who has experience using VMWare for virtual networking
purposes, so he is probably the best person to go to on this.