On Tue, Nov 23, 2010 at 01:38:04PM +0100, carlopmart wrote:
I will to know your opinion about using virtual firewalls in virtual
infraestructures like vmware, kvm ,xen, etc (...) [What about]
security?
Let me add one more reason to the ones already offered: there are *many*
side-channel
On Fri, 26 Nov 2010 17:50:13 +0100
Joachim Schipper joac...@joachimschipper.nl wrote:
Let me add one more reason to the ones already offered: there are *many*
side-channel attacks that can cross VM barriers. In other words, don't
do any sort of crypto (SSH, IPsec...) on virtualized machines,
On 24 November 2010 01:12, Brad Tilley b...@16systems.com wrote:
carlopmart wrote:
Advantages are very clear for me: provisioning, administration tasks,
etc ... But I will to know disadvantages. What is your opinion from the
point of view of security?
I use virtualization for many things
On 24 November 2010 07:28, Brad Tilley b...@16systems.com wrote:
Nick Holland wrote:
what's changed?
Layering? Nope.
Crappy programming? Nope.
Better hardware? not really.
Features-before-security? Nope.
Good points. The goals of virtualization are, easy management, power
savings,
On 24 November 2010 19:34, SJP Lists sjp.li...@flashbsd.net wrote:
On 24 November 2010 01:12, Brad Tilley b...@16systems.com wrote:
carlopmart wrote:
Advantages are very clear for me: provisioning, administration tasks,
etc ... But I will to know disadvantages. What is your opinion from the
On 11/24/2010 02:36 PM, SJP Lists wrote:
On 24 November 2010 19:34, SJP Listssjp.li...@flashbsd.net wrote:
On 24 November 2010 01:12, Brad Tilleyb...@16systems.com wrote:
carlopmart wrote:
Advantages are very clear for me: provisioning, administration tasks,
etc ... But I will to know
On 11/23/2010 01:42 PM, Bret Lambert wrote:
Because you're still relying on your host's network stack, you aren't
actually firewalling it.
Uhmm .. I am not sure about this. For example: you can configure several virtual
bridges under a ESXi host and then attach them to a virtual firewall
On 11/23/2010 01:48 PM, carlopmart wrote:
On 11/23/2010 01:42 PM, Bret Lambert wrote:
Because you're still relying on your host's network stack, you aren't
actually firewalling it.
Uhmm .. I am not sure about this. For example: you can configure several virtual
bridges under a ESXi host and
* carlopmart carlopm...@gmail.com [101123 08:22]:
On 11/23/2010 01:48 PM, carlopmart wrote:
On 11/23/2010 01:42 PM, Bret Lambert wrote:
Because you're still relying on your host's network stack, you aren't
actually firewalling it.
Uhmm .. I am not sure about this. For example: you can
On 11/23/2010 02:30 PM, Timo Schoeler wrote:
thus carlopmart spake:
On 11/23/2010 01:48 PM, carlopmart wrote:
On 11/23/2010 01:42 PM, Bret Lambert wrote:
Because you're still relying on your host's network stack, you aren't
actually firewalling it.
Uhmm .. I am not sure about this. For
On 11/23/2010 02:33 PM, Jim Razmus wrote:
* carlopmartcarlopm...@gmail.com [101123 08:22]:
On 11/23/2010 01:48 PM, carlopmart wrote:
On 11/23/2010 01:42 PM, Bret Lambert wrote:
Because you're still relying on your host's network stack, you aren't
actually firewalling it.
Uhmm .. I am not
On 11/23/10 07:38, carlopmart wrote:
Hi all,
First of all, I don't want to start a flame. I will to know your
opinion about using virtual firewalls in virtual infraestructures like
vmware, kvm ,xen, etc ... like OpenBSD.
Advantages are very clear for me: provisioning, administration
On Tue, Nov 23, 2010 at 1:38 PM, carlopmart carlopm...@gmail.com wrote:
Hi all,
First of all, I don't want to start a flame. I will to know your opinion
about using virtual firewalls in virtual infraestructures like vmware, kvm
,xen, etc ... like OpenBSD.
Advantages are very clear for me:
OK
You are right.
But you know in this case your security level is not higher than virtual
machine.
Because your security level in complex chained system is not higher than
weakest point.In fact you are accepting the risk of using virtual machine.
I think in this case if your virtual machine
carlopmart wrote:
Advantages are very clear for me: provisioning, administration tasks,
etc ... But I will to know disadvantages. What is your opinion from the
point of view of security?
I use virtualization for many things (mainly for the productivity
advantages that you list), but it has
On 23/11/10 13:56, Bahador NazariFard wrote:
OK
You are right.
But you know in this case your security level is not higher than virtual
machine.
Because your security level in complex chained system is not higher than
weakest point.In fact you are accepting the risk of using virtual machine.
I
On 2010-11-23, carlopmart carlopm...@gmail.com wrote:
Hi all,
First of all, I don't want to start a flame. I will to know your opinion
about
using virtual firewalls in virtual infraestructures like vmware, kvm ,xen,
etc ...
like OpenBSD.
Advantages are very clear for me:
On 11/23/2010 04:03 PM, Stuart Henderson wrote:
On 2010-11-23, carlopmartcarlopm...@gmail.com wrote:
Hi all,
First of all, I don't want to start a flame. I will to know your opinion
about
using virtual firewalls in virtual infraestructures like vmware, kvm ,xen, etc
...
like OpenBSD.
On 2010-11-23, at 6:38 AM, carlopmart wrote:
Hi all,
First of all, I don't want to start a flame. I will to know your opinion
about using virtual firewalls in virtual infraestructures like vmware, kvm
,xen, etc ... like OpenBSD.
Advantages are very clear for me: provisioning, administration
At logical level who is responsible against layer two threats (vm or fw)?
You are using virtual machine and its network drivers aren't you?
I think it is so clear that in this solution health of VM is vital for
your network.
It seems you are concentrating and focus only about network layer
* carlopmart carlopm...@gmail.com [101123 08:44]:
On 11/23/2010 02:33 PM, Jim Razmus wrote:
* carlopmartcarlopm...@gmail.com [101123 08:22]:
On 11/23/2010 01:48 PM, carlopmart wrote:
On 11/23/2010 01:42 PM, Bret Lambert wrote:
Because you're still relying on your host's network stack, you
Possibly, yes. Here's why. You're not attacking an OpenBSD host.
The hypervisor has a network stack that is engaged before any guest.
How else can you setup virtual switches, attach interfaces, etc.
Assuming that stack is vulnerable in some fashion, you have the
opportunity to attack the
On Tue, Nov 23, 2010 at 01:38:04PM +0100, carlopmart wrote:
Hi all,
First of all, I don't want to start a flame. I will to know your
opinion about using virtual firewalls in virtual infraestructures
like vmware, kvm ,xen, etc ... like OpenBSD.
Advantages are very clear for me: provisioning,
On 11/23/10 08:32, carlopmart wrote:
On 11/23/2010 02:30 PM, Timo Schoeler wrote:
...
http://kerneltrap.org/mailarchive/openbsd-misc/2007/10/24/352059
Yes, but this question is three years old and hypervisors have changed
Thanks.
what's changed?
Layering? Nope.
Crappy programming?
Nick Holland wrote:
what's changed?
Layering? Nope.
Crappy programming? Nope.
Better hardware? not really.
Features-before-security? Nope.
Good points. The goals of virtualization are, easy management, power
savings, quick provisioning and deployment, redundancy, etc. When you
talk about
On Tue, 2010-11-23 at 15:28 -0500, Brad Tilley wrote:
Nick Holland wrote:
what's changed?
Layering? Nope.
Crappy programming? Nope.
Better hardware? not really.
Features-before-security? Nope.
Good points. The goals of virtualization are, easy management, power
savings, quick
26 matches
Mail list logo
