> > attacker knows about and has not been patched. Simply breaking into
> > virtual Leaf will not provide you with access to the host system.
>
> Actually I had thought about this myself but figured if it had to come
> to that they'd most likely give up.

Really? What you mean to say is, "if it had come to that _I'd_ most likely give up." Whether they do or not depends on their motivation. They seem to have plenty of motivation. We're not talking about kids putting a "Nyeah, nyeah" on your screen as they format your hard drive anymore! I keep reading organized crime is backing it now.

> get on the wrong side first. Depending on his intentions* this would
> make it pointless to change anything on the LEAF box since he already
> accomplished his goal.

That's not his goal!

> * Spammers trying to use my computer for sending spam might not like my
> firewall blocking outgoing traffic to port 25.

You have to assume they've got root and can change it to whatever they want.

> > I see, so you're supposing there isn't an exploit? How do you "prove
> > a negative"?
>
> I didn't say there wasn't an exploit. I'm not sure where you got that -

You said: "It's not that simple. This assumes (as does C) that there is an unknown attack vector exploitable from a compromised Leaf system, ..." Which seems to suggest "security by obscurity."

From my perspective, it's safer to assume there IS an attack vector, and whether it's known or not depends on who you know. If a black-hat discovered an attack, just why is it in ANY interest of his to make it known? Zero time attacks are a clear & present danger.

> I actually pointed out that similar exploits have been found in the past
> and patched.*

Which proves my point. They existed, and the ones that were found and made public were patched. However, considering the track record of SOME major software houses in patching ;-), I wouldn't trust the patch!

> All I was pointing out was your incorrect assumption that once someone
> got into the guest, that they would then be free to run rampant over
> the host and do as they please. There is in fact no proof at all that
> that is the case.
No, not my incorrect assumption. Just free to attack the host. Remember, I had prior experience with fully virtualized systems. I realize that the penetrator is still in a virtual machine, not a real one. And the larger point still remains: if your perimeter firewall is running on an entirely separate machine, there is an added (NOTE: NOT insurmountable) level of difficulty.

> In the final analysis, for the type of user who would employ Leaf in a
> virtualized environment, the security it provides - doing the job it was
> designed to do - should be "good enough." I think this type of

I'm not making that judgement for others.

> is far more susceptible to user-enabled attack vectors (i.e. spyware,
> viruses, etc.) than an extremely skilled hacker uncovering a currently
> unknown flaw in VMware, on top of breaking into a Leaf system.

Absolutely! One reason I run Bering AND a tight firewall on my workstation. Layered security, in hardware & software.

-- 
Paul Rogers
[EMAIL PROTECTED]
http://www.xprt.net/~pgrogers/
Rogers' Second Law: "Everything you do communicates."
(I do not personally endorse any additions after this line. TANSTAAFL :-)

------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/