Educause Security Discussion mailing list archives

Re: virtual machines

From: Patrick Goggins <pgoggins () CARROLLU EDU>
Date: Mon, 22 Mar 2010 10:02:58 -0500

Users in our environment are normal users within active directory and do not have permissions to install any of the 
virtual environments. The only virtual environments which can be run is parallels for the Macs. While this is always a 
potential risk I would see a greater chance of this not only happening but problems occurring from it stemming from 
student computers. Students in general have full admin on their computers, are more technically knowledgeable with 
virtual environments, and have a large amount of time on their hands.

~Patrick

Patrick Goggins
Network Administrator
Carroll University

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ozzie 
Paez
Sent: Monday, March 22, 2010 9:53 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] virtual machines

I would be curious to know if anyone has actually encountered problems with this issue,
Ozzie Paez
SSE/SAIC
303-332-5363

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Drake, 
Craig
Sent: Monday, March 22, 2010 8:49 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] virtual machines

I am not sure if anybody has mentioned this on this list before or not.

I was wondering if anybody is doing anything to control/restrict virtual machines running on users computers?  This 
could be a potentially very dangerous situation with users running rogue virtual machines on their office computers.  
They could essentially install anything they want in a virtual machines or bring infected virtual machines from offsite 
onto our faculty/staff/admin networks.  They could get around any restrictions we place on our physical desktop/laptop 
computers.  With the ability of NAT'ing these virtual machines through the host machine's network connection, it would 
be very difficult to track them down if there is a problem.

Thoughts?

Craig Drake
Senior Systems Administrator
Network and Distributed Services
Northeastern Illinois University
Phone: (773)442-4386
Email: c-drake () neiu edu
[cid:image001.jpg@01CAC9A6.5190AAF0]

Current thread:

virtual machines Drake, Craig (Mar 22)
- <Possible follow-ups>
- Re: virtual machines Ozzie Paez (Mar 22)
- Re: virtual machines Patrick Goggins (Mar 22)
- Re: virtual machines Julian Y. Koh (Mar 22)
- Re: virtual machines SCHALIP, MICHAEL (Mar 22)
- Re: virtual machines SCHALIP, MICHAEL (Mar 22)
- Re: virtual machines Mike Lococo (Mar 22)