Site icon Virtual Maestro

Securing Virtual Machines: Unnecessary Hardware Devices

Advertisements
When virtual machine is created, there are multiple devices that are associated with VM like floppy drive, CD-ROM and few others, but some of these devices are rarely used.I just created the test VM without any modification below is the result of default device that are getting added.

We can remove these devices safely as they are rarely used but also if required at any point of time, we can add them back temporarily again on the fly. Once the task is done, we can again remove them.

We can consider following devices for removal:

  • Floppy drives
  • Serial ports
  • Parallel ports
  • USB controllers
  • CD-ROM drives (Disconnect at least if not possible to remove due to frequent use of this device)

It is recommended that we should only present the devices that are required to a virtual machines. This approach allows to use resources efficiently and securely.

The reason behind removing such devices is that, unnecessary hardware devices uses interrupts and also operating systems polls these devices which results in consuming CPU cycles. Also few of these devices reserve some amount of memory.

These enabled or connected unnecessary device may pose potential attack channel too.

  • Any attacker with access to a virtual machine can connect a disconnected hardware device.
  • Then access sensitive information on the media left in the drives in case of mapping to physical drives, or disconnect a network adapter to isolate the virtual machine from its network, resulting in a denial of service.
  • Remove any unnecessary hardware devices.
  • Disable unnecessary virtual devices from within a virtual machine if you cannot remove.

Do check other article in this series on Limit Informational Messages from Virtual Machines to VMX Files

Exit mobile version