>If you're running on a virtual machine, a) you can't power-off with
>impunity,

Of course you can. You can boot a VM off of read only media as easily as you
can a physical machine - although I have not had any luck using the large
floppy image under VMware server.

>b) a compromised firewall virtual machine has SUSE's full
>toolset on an accessible hard drive

It's not that simple.  This assumes (as does C) that there is an unknown
attack vector exploitable from a compromised Leaf system, which the attacker
knows about and has not been patched.  Simply breaking into virtual Leaf
will not provide you with access to the host system.

>c) you can never be entirely sure just how far the penetration got, so the
>whole system is suspect!

This argument is actually valid, especially in light of some past
vulnerabilities.  

The decision to virtualize the firewall should be weighed against the
potential for compromise of the firewall and the possibility that the hacker
would then be able to determine that they were running in a VM (probably
could) and using that compromised system, could then access the host.  I
think that risk scenario is completely acceptable for most SOHO
environments.

- Bob Coffman


leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/
