From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1HKeh2-0004zz-AY for garchives@archives.gentoo.org; Fri, 23 Feb 2007 17:58:52 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l1NHuiDA003201; Fri, 23 Feb 2007 17:56:44 GMT Received: from lancia.kaluga.ru (lancia.kaluga.ru [62.148.128.2]) by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l1NHn2vr025106 for ; Fri, 23 Feb 2007 17:49:02 GMT Received: from pavillion ([62.148.150.64]) by lancia.kaluga.ru (8.13.8/8.13.8) with ESMTP id l1NHmxtX075307 for ; Fri, 23 Feb 2007 20:49:00 +0300 (MSK) Date: Fri, 23 Feb 2007 20:48:59 +0300 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Did I just get hacked??? From: "Andrey Gerasimenko" Content-Type: text/plain; format=flowed; delsp=yes; charset=windows-1251 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 References: <49bf44f10702101827k199bf270yfb65ed1f4f5195e0@mail.gmail.com> <1171165124.381.9.camel@blackwidow.nbk> <49bf44f10702221534p2fd8fbd7u7a3d7c3f68b51893@mail.gmail.com> <20070223005120.2a917517@krikkit.digimed.co.uk> Content-Transfer-Encoding: 7bit Message-ID: In-Reply-To: <20070223005120.2a917517@krikkit.digimed.co.uk> User-Agent: Opera Mail/9.10 (Win32) X-Antivirus: avast! (VPS 000716-3, 02/23/2007), Outbound message X-Antivirus-Status: Clean X-Archives-Salt: dd163da7-50a9-4057-aec3-b5ddaa8b65b3 X-Archives-Hash: a3e1fd681d5f04bf39ab28446765d61b On Fri, 23 Feb 2007 03:51:20 +0300, Neil Bothwick wrote: > On Thu, 22 Feb 2007 15:34:45 -0800, Grant wrote: > >> It occurred to me this morning that a hacker could have gained access >> to my system via the vmware guest OS (XP) and then deleted the >> contents of vmware/ to cover his tracks. Does that sound like a >> possibility? > > Not unless you have the vmware directory mounted within the guest OS. The > VM cannot access filesystems on the host unless they are created as disks > on the VM or network mounted. > > This is correct, but if the virtual machine is on the same network as the host, then it is posible to get the VM, than the host, and finally to delete the VM. Theoretically it is also possible to get to the host through the VmWare Tools, provided they are installed on the guest, but I have never heard this done. -- Andrei Gerasimenko -- gentoo-user@gentoo.org mailing list