In message
<AANLkTi=htn0sn-dcyqkopye6hq02bge+q-8gxnhi3...@mail.gmail.com> Kurt Buff
<kurt.b...@gmail.com> was claimed to have
wrote:

>On Fri, Feb 4, 2011 at 20:21, Joseph L. Casale
><jcas...@activenetwerx.com> wrote:
>>>Well, I hear of people running pfSense in a VM, and I wonder how do you
>>>avoid exposing the host OS to the network?  How can a firewall be run in a
>>>VM and not leave the host OS hanging out to be attacked?
>>
>> Well, if the interface is set up in a bridge with nothing else, what exactly is
>> addressable that you can connect to and then hack? Now add a VM and plug
>> a NIC into this bridge and put pfSense's WAN designation on it. When you show
>> me one case of the host being compromised I'll believe it, until then it's not
>> been done as far as I know...
>
>If the OS is a VM, then you might want to understand Blue Pill:
>
>http://en.wikipedia.org/wiki/Blue_Pill_%28malware%29
>
>And, I believe, it's just the beginning of the threats for virtual environments.

A Blue Pill attack is effective against actual hardware, lifting the
running OS into a Hypervisor without the OS or user being aware.  

However, this type of attack wouldn't need you to be in a virtual
environment.  In fact, it might be more effective on real hardware than
within a VM environment since AMD-V and VT-x functionality itself isn't
available within a guest environment.

