I've heard several times if a skilled attacker brakes into a VM guest OS trough Internet, it's only a matter of time before he is inside the host OS and rooting it. Is this possible, and how likely is it to happen? What can you do to prevent such attacks?

For starters, dont believe everything you hear/read...and if it is true, dont panic

Is the host OS Linux? If so, there's no worry...unless the little seven next to your tux is ... the "thing", then you could be in trouble...

Okay, face it. You get a different IP address every once in a while. The virtual OS has its own space and is not even aware it's running in a virtual space, hardening the virtualised OS just a little should suffice, and it's not running all the time, I assume.
If the hacker could (word to look at: COULD) break tru, (s)he lands in a Linux OS. Then the real challenge lies ahead: setting up shop/a rootkit, for that (s)he needs: the root pass. Is that known? No. So, stuck...

Okay, everything is possible, but this is very remotely possible...just as it is not possible to hack an other PC via a KVM...

Thor

Yes it is possible IF attacker is very skilled BUT to be fair it just won't happen to anyone who is average computer user since skilled people don't waste time with random people..

It has been said it could be broken into. One would break into it by some means. Problem is the method would usually be there VM or not.

i would say it depends on how well hardened the host and guest OSes are, but in reality it's almost the same as saying that if an attacker breaks into a workstation on your network it's only a matter of time before they get into the server on the same network, yes it can be done, and there might be a bit less security between the vm and the host, but as mentioned it really isn't much different then if it were two different physical machines on the same network.

If you are that much of paranoid..either disconnect from internet OR create(because reinstalling OS every day or two is painfull) custom LiveOS that runs from untouchable media(one time CD,DVD for example) or even better only RAM(after boot) and when you need save documents insert USB then disconnect and rest will be NOTHING. Also put password on BIOS, use router or at least Firewall with closed ports and no forwarding and done. Even if someone will be crazy to try mess with you now they will be up for HUGE surprise.
P.S.This method has one minus - you still can't be careless where and how you put sensitive data in web like passwords and such but rest is piece of cake.

0 members found this post helpful.

Just me being pedantic here, but the key-word is INTO, yes, if the virtualised OS is a "flake" like the "thing" - THAT can be broken INto, no sweat, it's the breaking OUT that's worrying OP - and that may not be all that easy if at all feasable...

Jefro may just have poked the right nerve here...

Thor

Both host and guest are Linux, but both are also hardened. The virtual machine program is ran by an unprivileged user on the host OS, and the virtual machine program itself is protected by apparmor on the host OS too. But it uses KVM for speed, or else the guest OS runs too slow, I don't know how secure it is to use KVM since I guess that requires some root work on the host OSs kernel.?

I don't know what Thor_2.0 means when he says "the little seven next to your tux is ... the "thing"", lol, you gotta fill me in on that one. Either I'm stupid or I've missed something.

There is no system that is secure. Even air gap systems get hacked. Where it be from outside or inside.

Can one hack a networked system? Well, OS's tend to be somewhat secure. BSD's tend to be better. Problem is applications that run on them have holes. That is how hackers exploit most systems. Every year they hold pawn2own contests. Systems tend to fall in a few minutes.

The little round logo...is that a windows 7 logo? Unless I need enlightenment myself... Hey, never mind...

So, both are Linux, and both are hardened. Hmmm...as jefro pointed out, an air gap and "ploop" they're in. But I'd be surprised if they bet beyond the "frame"...

Thor

LOL! I didn't think of that.

You've got to wonder how internet banks even can exist in this world if it's really that easy. "ploop" and all the money is transfered to Switzerland. The next week I need more money "ploop" thanks. Not to mention other critical high profile servers, that actually manages to stay alive and unhacked. How come?

Well, everything boils down to the ... (drumroll) user.

Some examples:

A coleague got her hotmail pass stolen, she should NOT have clicked on the "ever so inviting and scary" mail to have her password renewed, before at least looking at the destination address of a page that looks pretty legit.

A bank user HAS to stay up to date with security updates.

A system admin (go figure) I once worked with had the same pass for all the servers in the company, and it was ...(drumroll) "mouse"

Enough examples to choose from.

It boils down to the user that needs to get (himself) educated. What's the old wisdom mom gave us? Do no trust a stranger.

And, yes, all in all, given a bit of common sense, it's pretty safe...

Thor