I am running in a virtual machine environment the Ubuntu Linux for banking and other 'security concious' sites running a different VM for each.I was trying to see if others have been there and done that, so to speak.Would also like to find out about 'beefing' up the security before embarking on this. Thanks.

It sounds like you have a lot of research to do, studying prior art to see exactly what they did and how they did it. A vague question here to the effect that you have become aware that you have lots of things to find out (I am trying to say this politely, BTW) won't help you in any way to find those things. Good ol' fashioned research does work, and I do not simply mean, "Google it.™"

I might suggest a live cd from the DOD. I know you think it is hacked but I can't find anything yet.

A live secure cd may be better. Even a VM running a live cd ISO might be better.


A hardened system generally is not installed by default. A sundaisvcs says you have to do a lot of the tasks. These tend to be termed best practices or other terms.

Some places to start for a secure live cd.

http://en.wikipedia.org/wiki/List_of_live_CDs

http://www.livecdlist.com/purpose/secure-desktop


run some tests on this one maybe. http://netsecl.com/

To the part in bold, is there any particular reason for this? Obviously, your doing so on the basis of increased security, but why would this be more secure? In fact, a virtual machine can be as vulnerable, if not more so, than a physical machine and still requires all of the hardening aspects. Running a separate machine for each site, makes the project of maintaining and securing, which is an ongoing process that involves active analysis of the machines on a regular basis, much more difficult.

Instead of running a series of virtual machines, if you are really concerned about things like banking, use a liveCD as nothing will be stored on it and nothing can overwrite it.

Lastly, since you mentioned using Ubuntu for this purpose, I would recommend that you check out the Ubuntu Security Section. In particular, if I recall correctly, Bodhi Zazen has at least one white paper specificially about securing an Ubuntu system for use in applications like banking.