Drive hacks (Was:Re: [Pc_Support] Re: VMware pre-made virtual guests)
Jerry Hubbard
hubbardjw at charter.net
Sat Aug 5 23:47:18 EDT 2006
Bryan J. Smith wrote:
> Chris Cox <ccox at airmail.net> wrote:
>
>> Somebody at the meeting asked about these:
>> http://www.vmware.com/vmtn/appliances/directory/
>>
>
> I already have a file server (dual-P3, 1GB of RAM, 3Ware RAID-10).
>
> But I have an extra system (Sempron 2800+ with 1GB of RAM and 3Ware
> RAID-10 storage) -- along with several dual-NIC PCI cards.
>
> So I was thinking about loading up CentOS 3 on it and then running
> both IPCop (Firewall) and either Fedora Core 6 or CentOS 4 with
> Fedora Directory Server 1.02 (Auth/Dir/Name Server).
>
> At some point in the future I'm going to go OpenFiler as well -- all
> on one box (probably my old dual-Athlon MP2400+). So 3 VMs:
> - Firewall
> - Auth/Dir/Name Server
> - File Server
>
> My only worry is that since the underlying host for the VM actually
> has to enable the interfaces for the underlying guest IPCop box, if
> there wasn't some worry of level-2 hacking going on at the host
> before it gets to the IPCop VM. I know I'm probably being over-anal
> on that, but it's still a concern.
>
> And yes, I'd put the other VM guest LAN facilities on their own
> network interface separate from the ones IPCop uses. But it's still
> a concern of mine, since the host still opens all those interfaces to
> itself.
>
>
>
Bryan,
Are NIC driver hacks a concern? Since hearing about the Black Hat demo
of a wireless driver hack, I have been wondering about this.
http://blog.washingtonpost.com/securityfix/2006/08/hijacking_a_macbook_in_60_seco.html
--
Jerry Hubbard
hubbardjw at charter.net
More information about the Pc_support
mailing list