On 28 December 2010 03:33, Matthew Sullenberger <su...@sadburger.com> wrote:
> I will be updating to the latest version very soon to see if that resolves the
> problem. I wasn't aware of the VMT package that provides some of the tools and
> things, so that is good!
>
> I wouldn't normally utilize a virtual firewall, but this is not an edge
> firewall, and it is sitting in between two internal network segments that
> consist (primarily) of virtual machines on the same VMware Infrastructure. All
> traffic inbound/outbound from external networks is still going through a
> physical firewall before it hits anything else!

Are there untrusted users on either of those internal networks? Or hosts in that network with services exposed to other untrusted users elsewhere? Is the VMware management interface exposed to any network or host that is exposed to untrusted users?

If so, watch this for just one example to be wary of...

http://www.youtube.com/watch?v=60MDvnturZg

After acknowledging this vulnerability VMware took five months to patch it. I realise the VMware management interface should not be exposed to untrusted users, but given that it usually is (internal staff), this remotely exploitable vulnerability is not exactly low impact. I have to wonder what they consider to be high impact and how quickly they will patch then.

Oh and...

http://www.youtube.com/watch?v=rVXp9etCqMo

All eggs, one flimsy basket.

Shane