Leland,

Thanks for the info.

Sounds good, but can't say I'm convinced on the security part. I'm looking
for really assuring words like "it's impossible to break into" or "the jig
is up for the attackers".

I'm imagining a VM OS that can't be changed unless the system is booted in
"maintenance mode", but otherwise the software is frozen and can't be
changed during regular operations, period. Sort of a semi burned-into-a-chip
hardware solution, but one where we get maintainable software that also
can't be touched by an attacker. 


Bill

> 
> I downloaded the Xen iso and burned it into a DVD.  The size 
> of the iso was about 698 megs.  I booted the DVD and 
> selected the X86 OS version from the grub menu, which 
> brought up a Linux OS with a Debian icon.  The Xen gui 
> automatically opened in the Debian desktop.  I then opened 
> an Ubuntu guest using the Xen gui VM manager, and it worked 
> OK.  I'll have to set aside some additional time to explore 
> it further.
> 
> The below excerpt regarding security is from the Xen FAQs:
> 
> #----------------------
> 
> 
> Q: What is the Xen approach to security?
> A: Xen supports absolute resource isolation between domains 
> meaning it has the highest level of separation and security 
> possible in i386 class hardware. You won't, for example, be 
> able to tcpdump on a virtual host and see traffic intended 
> for other virtual hosts. Additionally, Xen's code base is 
> very small - under 50,000 lines for the core hypervisor. 
> This allows the security community to verify its security 
> continually. More importantly, Xen can use hardware security 
> capabilities, such as Trusted Platform Modules (TPMs) to 
> build a layer of attestation and trust up from the hardware, 
> through the software. XenSource demonstrated a secure 
> hypervisor at Intel Developer Forum in August 2005. The 
> secure solution is an integration of the Xen hypervisor with 
> the market leading open source Snort Intrusion Detection 
> System. By embedding security capabilities into the 
> hypervisor, users receive a powerful new ability to 
> implement the same security policies across the virtualized 
> enterprise, independent of the operating system. Moreover, 
> the hypervisor can ensure that even legacy guests that have 
> not been patched will be protected. Xen can even prevent a 
> compromised virtual machine from attacking other virtual or 
> physical servers in the enterprise by blocking its network 
> traffic.
> 
> Finally, XenSource, IBM and Intel are collaborating on a 
> project to deliver a key security capability using Xen. 
> So-called multi-layer secure systems (MLS) allow the 
> hypervisor and its security to be independently managed, 
> monitored and controlled from that of the guests - 
> effectively providing yet another layer of independent 
> security, outside the guest operating system.
> 
> http://staging.xen.org/about/faq.html
> 
> #--------------------
> 
> Regards,
> 
> LelandJ
> 
> 
> 
> On 01/29/2010 10:46 AM, Leland F. Jackson, CPA wrote:
> > Below is an excerpt of the Xen FAQ and the link:
> >
> > #----------------------
> >
> > Q: How does Xen differ from other virtualization technologies?
> > A: Unlike other virtualization technologies, only Xen is
> > entirely open source. This brings a number of benefits over
> > proprietary solutions, including improved functionality,
> > better performance, and greater extendibility. Xen is
> > without doubt the highest performing hypervisor in the
> > industry - with typically 10x less overhead than competitive
> > proprietary offerings. Xen's unique performance benefits
> > accrue from its pioneering and industry leading
> > paravirtualization technology, which allows hosted virtual
> > servers to collaborate with the hypervisor to achieve the
> > best performance for enterprise applications.
> >
> > Xen also optimally uses the hardware virtualization
> > capabilities of Intel's VT and AMD's Pacifica processors.
> > Unlike other proprietary hypervisors which rely on dated,
> > software-only virtualization, Xen is the industry's first
> > supported software base for Intel VT. Xen runs unmodified
> > guests such as Windows, on "the bare metal" at native
> > processor speed on Intel VT enabled hardware.
> > Paravirtualization in this case provides I/O performance
> > that Intel VT cannot provide, while still using the best in
> > hardware support for accelerated performance of
> > virtualization. Finally, since Xen has no product fee, it
> > results in a much lower total cost of ownership.
> >
> > http://staging.xen.org/about/faq.html
> >
> > #----------------------------
> >
> > Regards,
> >
> > LelandJ
> >
> >
> >
> >
> > On 01/29/2010 10:00 AM, Bill Arnold wrote:
> >>
> >> Paul,
> >>
> >>>> I'd favor the VM approach. I think we're all going to wind up running VM
> >>>> anyway.
> >>>>
> >>>> No, I'm not using it yet. I'm still reeling from the fact that it requires a
> >>>> host OS. Cheap way out, and I think it makes the machine vulnerable to
> >>>> attack. But I suspect a better VM will come along at some point. I know
> >>>> IBM's VM is exactly what we'd like to have (it doesn't require a host).
> >>>
> >>> You could set up a Linux box to boot right into a VM running
> >>> DOS or Windows 3.1. From
> >>> the user's POV, it would be totally native.
> >>
> >>
> >> That's good to know. What I'm really wishing for is a "real" VM where it's
> >> the OS, has no dependencies, and can run any of the major guest OS's.
> >>
> >> Besides using it for testing apps with different releases, my expectation is
> >> that it would provide complete protection for the OS from attacks, because
> >> virtual OS's disappear and (presumably) VM itself can't be touched.
> >>
> >> It's probably being developed somewhere. Intel?
> >>
> >>
> >> Bill
> >>
> >>>
> >>> Paul
> >>>
> >>>
[excessive quoting removed by server]

_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://leafe.com/mailman/listinfo/profox
OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message: 
http://leafe.com/archives/byMID/profox/15b1667feed446b6bcc89ab3ba3cf...@bills
** All postings, unless explicitly stated otherwise, are the opinions of the 
author, and do not constitute legal or medical advice. This statement is added 
to the messages for those lawyers who are too stupid to see the obvious.
