Any service running in a virtual machine provides the potential for attack. By disabling unnecessary system components that are not necessary to support the application or service running on the system, you reduce the number of components that can be attacked.
About this task
Virtual machines do not usually require as many services or functions as physical servers. When you virtualize a system, evaluate whether a particular service or function is necessary.
- Disable unused services in the operating system.
For example, if the system runs a file server, turn off any Web services.
- Disconnect unused physical devices, such as CD/DVD drives, floppy drives, and USB adaptors.
- Disable unused functionality, such as unused display features or HGFS (Host Guest File System).
- Turn off screen savers.
- Do not run the X Window system on Linux, BSD, or Solaris guest operating systems unless it is necessary.