Episode 6 - Finding a snowman amongst men

Just listened to this episode, and wondered about something when you mentioned about the braveness of anyone who installs a webserver on their primary computer.
 
If I am running the webserver in VMware, with bridged networking to give it its own ip address, can my computer still get hacked into?  If someone hacked into the webserver and was somehow able to rm -rf / it, for example, would it mess up just the VMware install? Or would it take down everything?
 
And, as a side note: Tom, from Going Linux, if you're reading this, I am emailing you a pic of an aardvark that I'd like you to set as your desktop background ;-)
 
------------------------------------------------------------------------------------------------------------------
At Microsoft, failure is not an option; it comes pre-installed with Windows

There are ways to isolate a VM from the host but there is also an exploit called the blue pill/red pill that allows an attacker if they discover they are in a virtual machine to try and break out of the machine.  It's theory right now but it wouldn't surprise me if someone figures it out.  You really need to treat the VM as a real machine and protect it all the same.  The snapshot feature in VMware can be a lifesaver as you can take the interface down and restore it to a known good state.  It would be a good idea to put your virtual machine ip in a DMZ and on a seperate subnet so if they do crack the box they can't use it to attack other machines on your network.  There are people out there that can hack major sites with multiple firewalls, an unprotected machine is a sheep waiting for slaughter.
--------------------------------------------------------------------------------------------------------
Linux Resonance Podcast
Linux, hardware, securty, and audio/video production

Putting it in the DMZ is not a problem, as I had to do that for my PS2.  The Belkin Pre-N router I use tells me that "The computer in the DMZ is not protected from hacker attacks."
 
So am I right in saying that by putting the VM in DMZ I will actually be reducing its protection immediately, as it won't have the router to protect it?
 
I will have to read up on how to put it in a seperate subnet, as I have no idea how to, and I looked through all the router settings and under Subnet, it just gave the default one, no option for a second.
 
Maybe this makes me sound stupid, and everyone is screaming out how simple it is.. but I do love to learn, and will research something until I know it inside-out.
 
 
------------------------------------------------------------------------------------------------------------------
At Microsoft, failure is not an option; it comes pre-installed with Windows

Looks like someone already answered the question, but as of right now, it is not possible for the host machine be hacked from the vmware machine. There is however, several theoretical ways floating around that will probably surface as real hacks within the next year. I have a feeling that Vmware will address them immediatly though.
The big problem is, when you have a hacked computer on the network, your other computers are more at risk. I'm on Vacation but I will right more soon. And yes, Tom needs that Ardvark!
Chad

In case anyone is wondering about a good hosting service that supports drupal (and many other content managers)... check out InMotionHosting.com
That is where I'm hosting my drupal site.
David