Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
If the host machine has antivirus, antimalware, etc. then I would think the virtual machine accesses the Internet through the host, and doesn't need its own protection. Is that correct?
There aren't any reported cases of a breach wherein a vm which begins running malicious code is able to infect a host. However, theoretical concerns have been raised over this very issue. Worse, if a vm gets infected, it will likely end up running a bot that will scan your network (including possibly the host) and could easily discover a hole in your defenses.
So, even if you don't care much about the vm, it is highly advisable to engage in a rigorous strategy of protecting those machines with AV software and scheduled updates. It can be challenging if you don't turn the systems on that often. So, it's generally a good idea to schedule a time every few weeks that you turn on all vm/images and get them all up to date.
If you'd mention a particular virtual host vendor or package, more specific advice may be available as for how to go about developing your vm security protocol.
you should treat the virtual machine as if it were a real machine.
give it some protection.
If you use the virtual machine to do actual work besides testing - yes it should have antivirus, because it might jump over to the main machine if you move a file there. If it's just for sandbox testing of a program, you don't need antivirus or anything else, simply because you can always wipe the virtual harddrive.
No, Virtual machines will need the same treat as the real machine. But if you are not going to use it, I suggest you to turn on backups. It'll be easier to recover if your virtual machine has backups.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
Background Info:
My office is closing down due to COVID19 outbreak policies.
Unfortunately we do not have a VPN in place, and currently one of my coworkers has to going in every day to make commits for everyone who is working remotely--our repos are stored inside the office internal network.
The Problem:
I need to be able to get inside the internal network remotely using SSH, without having to make any changes to network configuration (I do not have access to the network devices). This means I would not be opening ports, or making firewall exceptions for example.
I was thinking of using a raspberry pi with a fresh linux image (any supported distro would be fine, I'm open to suggestions).
My goal is to plug the pi3 to my workstation ethernet port, and leave it there for the time being. I would not be able to do any physical reboots , etc.
I need a suggestion for a free tunneling solution that would be easy to set up and use for 1-10 people to be able to connect using a secure connection (SSH) and gain access to internal resources remotely.
Question:
I need suggestions for which distro would be nice and light enough for the pi3 to handle, and SSH server software to use.
I looked into OpenSSh which has been suggested in other similar threads, but it would require configuring firewall and opening port 22, which I cannot do.
Other
I've used Google Chrome's remote desktop in the past and it has worked wonderfully. I would set up the "host" machine with it, and then any other machine with Chrome (with the same account) could remote in without any sort of network configuration.
I guess I just need something similar to this, but instead of remote desktop I need an SSH solution. I would create a few root-enabled accounts to allow other devs to connect to it at the same time if possible.
I found a solution to my problem and will pass it along to my IT team for proper approval prior to putting in place. However I wanted to share the answer here in case anyone else ever has a similar situation.
As stated, be sure to check your company's policy and consult the proper channels before doing this sort of thing, as it can cause security risks and could get you fired... so be advised, do this at your own risk!
With that said, a "Reverse SSH" could be the solution to the problem. It allows you to connect to a machine inside of a network without having to open ports or firewall exceptions.
This isn't a good long term solution for most cases, but might be the workaround you need to do the trick in a pinch.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 8 years ago.
Improve this question
the next paragraph is extracted from an article of infosecurity
Blockquote
Around 18% of malware detects virtual machines and stops executing if it arrives on one; however, four out of five malware samples will run on virtual machines, meaning that these systems need regular protection from malware as well.
I don't understand why virus stops if they detect virtual machine ?
is that to avoid being analysed by tools like cukoo or there is another reason ?
Indeed this is done to prevent security analysis. However, such prevention becomes more rare, as more and more systems are virtualized and stopping operations would make it impossible for malware to infect the virtualized system.
Yes malwares prevent them self to run on virtual machines so a malware analyst cannot monitor its behavior. Malware author detects the virtual environment in there code and they put checks in their code so that if they found that they are running in a VM then they stop themself to do malicious behavior. These type of malwares also known as polymorphic malwares.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
elasticsearch can be started as a Windows or Linux service. Is there is any better performance in running it in one environment versus the other in production?
The advantage of using linux for running elasticsearch is that the vast majority of elasticsearch users use this and most of the optimization efforts are linux focused. There's a lot of knowledge out there on how to tune and optimize elasticsearch on linux.
A lot of that probably ports over to windows but it is fundamentally very different in how it behaves with a different kernel, filesystem, networking, etc. I expect things probably work fine in windows but fundamentally you are pretty much on your own tuning it and diagnosing any issues you encounter.
The only reason I could see for attempting to run Elasticsearch in windows at all are 1) you have windows servers available and want to utilize them and it is not negotiable to format their drives with something more sane like Ubuntu or centos 2) it's a small non, mission critical setup where you don't actually care about tuning things or getting meaningful support for any issues you encounter and you happen to have some windows machines available for running elasticsearch.
So, unless you really want to use windows, you probably shouldn't.
The answer to this question is going to be a big fat "it depends." I have to respond to whole-heartedly disagree with the other answer. I have Elasticsearch deployed to production on Amazon Web Services as a Windows service for an enterprise-level application and have never had any problem tuning it or finding help in that regard. The other answer has a point to the extent that the official Elasticsearch documentation apparently assumes you're going to be using Linux, but that's their problem. It does not mean you're going to be on your own.
I suppose that it would be possible to get some comparable hardware and run benchmarks if you really want to find out which one you can make faster, but who has time for that? I doubt that such an experiment would make a difference to anyone but the largest websites on the Internet anyway.
That said, Elasticsearch is built for clustering. You scale by throwing more hardware at it. Linux is necessarily going to be cheaper if for no other reason than that you won't have to pay licensing costs. Unless you already have the hardware or virtual machines, you are most likely going to get more bang for your buck with Linux.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I was wondering if there is such service, either free or very cheap, where I can use a Linux machine for a few days to install and run 2 programs on it. Really all I need is to debug my ANSI C application with Valgrind debugger which only runs on Linux and I don't have access to it right now for various reasons.
So all I need is this:
being able to compile/install valgrind and my prog with gcc
run valgrind and my prog
ftp/sftp, or any other method as long I can send or download the files on machine
I thought of doing it over sourceforge but my software is not anything useful to humanity, it is for a scientific research, doing some math calculations...
Maybe anyone of you know of such service?
Or knows where I can use a Linux machine once in a while?
Please let me know
thanks
maxim
You can set up an Ubuntu micro instance for free on Amazon's infrastructure: http://aws.amazon.com/free/
But really, I would rather recommend you installing Linux on your own, you can even do it on a USB memory stick (pendrive).
The AWS micro instances are free for I think a year. Question is whether they are sufficient enough to do what you want, though besides that if you only need a few days perhaps the hourly paid instances are also cheap enough.
Another option would be to run a LiveCD in either a VM or physical machine and do it from there.
Assuming you're using Windows, you can download VMware Player for free.
http://www.vmware.com/products/player/
Then download whatever Linux distro ISO image you'd like to use and open it in VMware Player. It will run like you installed Linux on your machine.
If you're using a Mac, I'm out of my element but I think someone told me before Macs run on top of Linux so I think you can open a terminal and run/test/develop your program.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
I have moved this question to serverfault where it might be more appropriate.
See https://serverfault.com/questions/128329/how-do-you-host-multiple-public-facing-websites-on-a-vps
We host about 30 websites using typical shared hosting plans using ASP.NET and SQL 2000/2005/2008.
I am now wondering about hosting all of these websites using our own virtual private server such as http://www.crystaltech.com/vps.aspx
This is clearly cheaper but comes with a lot of questions I need answers to:
Is the risk of having to keep this VPS server up and running worth it? Until now, the host provider has managed the server and we have not had to worry about crashes, downtime, software patches etc. We are not server administrators, we are programmers, so this is not really our expertise. On the other hand, it may not be hard to learn.
When we make a website live, we log in to a domain management control panel and change the primary and secondary name servers to point to our shared web host:
Eg ns1.sharedwebhost.com and ns2.sharedwebhost.com
These name servers are going to have to change when we have a VPS. I don’t understand anything about how to set this up. Is there some useful info anyone could direct me to? Or is there software we need to install to make the primary and secondary name servers work on our VPS?
The control panel we have for shared hosting comes with DNS management like this:
(source: yart.com.au)
What software would I need to install to create this for each site we host at a VPS?
The control panel we have for shared hosting also comes with a POP email interface that allows email addresses to be added easily:
(source: yart.com.au)
Is this something that can be easily set up at a VPS so clients can manage their own email addresses?
Is there software we need to install to make this work?
1) It depends on your applications, visitor patterns, required resources, etc. In general I'd say if you don't have the expertise - prefer scalable hosting solutions or managed dedicated servers (which can be quite expensive, but cheaper if you require very high availability).
Personally I host few dozen websites on my VPS and generally it is very easy to manage manually (after all it is Windows Server, you have GUI and PowerShell). That is until you hit a problem or someone hacks you.
2) You can always use free or paid DNS services or install OpenDNS on your VPS server (not recommended). Your VPS hoster might be providing DNS servers, ask them.
3) You can buy Plesk or cPanel and manage your websites the same way.
4) Same.
Everything you ask can be set up initially by your VPS provider. They will install control panels that will allow you to easily manage your websites, while having full server access as well.
You can have the best of both worlds. I use EuroVPN at www.eurovpn.com - they offer Semi-Managed plans on their VPS's (they have a sister company, EcoVPS for people who don't want this support). When I say semi-managed, the proactive monitoring is done by you, but you can always raise a ticket if you get stuck or there's a problem, and an engineer (1st/2nd & 3rd line) connects in using RDP to do the work for you.
Also, they give Plesk for "free".