Running a webserver on a virtual machine (VirtualBox) - Pros/Cons in terms of security

Question

I want to sharpen my skills in terms of gnu/linux and get a better understanding of how servers work. So I thought I'd set up an apache webserver with ftp, ssh, svn etc. Since I use Adobe products everyday in my line of work installing a linux dist. straight on my machine isn't an option. Yes, I could probably do a dualboot with linux and vista. But since I am a novice I don't want to risk something happening to my machine.

So I thought of start of installing a dist. with a pretty steep learning curve with a lot of manual configuration. To maximize the familiarization of command line operations and such. The goal is to make it working and have a safe setup.

So before I write a WOT;

I was curious of, what pros and cons there are in terms of security to have a setup like this?

Thank you!

Answer 1

None, there are no difference if the *nix system is on a VM or physical hardware if you give it access to resources.

In the case of the VM if you don't want it to have access to the hosts hard drive then don't add the physical hard drive. Same for the Network and any other resource.

Answer 2

I am running a bunch of virtual servers on my single server. I'm using OpenVZ but the basic pros and cons are the same.

Pros I enjoy the fact that I get to experiment a lot. I can install stuff, screw things up royally, and then just wipe out the entire virtual server and start over. It beats re-installing the OS in real-life. I can also easily compare and contrast competing products this way. I'm also able to monitor the running of the system and understand how it works in a more intimate way.

Cons Resource consumption, which is the reason why I chose OpenVZ - it doesn't consume that much as compared to VirtualBox.

Security wise, you need to take the same precautions as you do for a real system. The difference is that if your machine is compromised, you can just wipe it out easily.