Re: OpenBSD firewalls as virtual machine ? | KernelTrap

Re: OpenBSD firewalls as virtual machine ?

view
thread

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Craig Skinner

Subject: Re: OpenBSD firewalls as virtual machine ?

Date: Friday, September 21, 2007 - 1:03 am

Darren Spruell wrote:
quoted text> On 9/20/07, Nick Holland <nick@holland-consulting.net> wrote:
>>> Can someone please inform me if this is a really bad idea or not,
>>> ideally with some nice reasoning?
>>>
>>
>> Anyone who told you VM technology and security had anything to do with
>> each other was full of doo-doo.
> 
> I'll echo Nick's statements here. Virtualization does not provide
> reliable enough segmentation to rely on for security assurance. Do not
> buy into the market smack the vendors are putting out about it.
> 

Virtual equals complex.

Network devices are supposed to be reliable.

Complex does not equal reliable - just ask anyone that has served in the 
military!

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

OpenBSD firewalls as virtual machine ?, Josh, (Thu Sep 20, 6:09 pm)

Re: OpenBSD firewalls as virtual machine ?, Jason Dixon, (Thu Sep 20, 6:35 pm)

Re: OpenBSD firewalls as virtual machine ?, Nick Holland, (Thu Sep 20, 6:52 pm)

Re: OpenBSD firewalls as virtual machine ?, bofh, (Thu Sep 20, 6:53 pm)

Re: OpenBSD firewalls as virtual machine ?, Jason Dixon, (Thu Sep 20, 7:15 pm)

Re: OpenBSD firewalls as virtual machine ?, Darren Spruell, (Thu Sep 20, 11:18 pm)

Re: OpenBSD firewalls as virtual machine ?, Craig Skinner, (Fri Sep 21, 1:03 am)

Re: OpenBSD firewalls as virtual machine ?, Kent Watsen, (Fri Sep 21, 5:07 am)

Re: OpenBSD firewalls as virtual machine ?, Tony Sarendal, (Fri Sep 21, 5:58 am)

Re: OpenBSD firewalls as virtual machine ?, Scott Wells, (Fri Sep 21, 6:19 am)

Re: OpenBSD firewalls as virtual machine ?, Darren Spruell, (Fri Sep 21, 7:48 am)

Re: OpenBSD firewalls as virtual machine ?, Douglas A. Tutty, (Fri Sep 21, 7:52 am)

Re: OpenBSD firewalls as virtual machine ?, Craig Skinner, (Fri Sep 21, 8:09 am)

Re: OpenBSD firewalls as virtual machine ?, Luca Corti, (Fri Sep 21, 8:17 am)

Re: OpenBSD firewalls as virtual machine ?, bofh, (Fri Sep 21, 12:29 pm)

Re: OpenBSD firewalls as virtual machine ?, Stuart Henderson, (Fri Sep 21, 12:51 pm)

Re: OpenBSD firewalls as virtual machine ?, Ted Unangst, (Fri Sep 21, 1:28 pm)

Re: OpenBSD firewalls as virtual machine ?, Luca Corti, (Fri Sep 21, 2:15 pm)

Re: OpenBSD firewalls as virtual machine ?, Luca Corti, (Fri Sep 21, 2:16 pm)

Re: OpenBSD firewalls as virtual machine ?, Claudio Jeker, (Fri Sep 21, 3:34 pm)

Re: OpenBSD firewalls as virtual machine ?, Bryan Irvine, (Fri Sep 21, 4:09 pm)

Re: OpenBSD firewalls as virtual machine ?, Tony Sarendal, (Fri Sep 21, 4:10 pm)

Re: OpenBSD firewalls as virtual machine ?, Luca Corti, (Fri Sep 21, 5:06 pm)

Re: OpenBSD firewalls as virtual machine ?, user, (Fri Sep 21, 8:12 pm)

Re: OpenBSD firewalls as virtual machine ?, Douglas A. Tutty, (Fri Sep 21, 9:36 pm)

Re: OpenBSD firewalls as virtual machine ?, Henning Brauer, (Sat Sep 22, 4:29 am)

Re: OpenBSD firewalls as virtual machine ?, Nick Holland, (Sat Sep 22, 7:53 am)

Re: OpenBSD firewalls as virtual machine ?, Douglas A. Tutty, (Sat Sep 22, 8:36 am)

Re: OpenBSD firewalls as virtual machine ?, ttw+bsd, (Sat Sep 22, 3:50 pm)

Re: OpenBSD firewalls as virtual machine ?, Luca Corti, (Sat Sep 22, 4:35 pm)

Re: OpenBSD firewalls as virtual machine ?, Darren Spruell, (Sat Sep 22, 4:45 pm)

Re: OpenBSD firewalls as virtual machine ?, n0g0013, (Sat Sep 22, 5:12 pm)

Re: OpenBSD firewalls as virtual machine ?, Eduardo Tongson, (Sat Sep 22, 8:12 pm)

Re: OpenBSD firewalls as virtual machine ?, David Gwynne, (Mon Sep 24, 4:59 am)

Re: OpenBSD firewalls as virtual machine ?, Die Gestalt, (Mon Sep 24, 5:56 am)

Navigation

Popular discussions


linux-kernel:
Greg Kroah-Hartman	[PATCH 041/196] kobject: add kobject_init_and_add function
Lukas Hejtmanek	Re: Another libata error related to OCZ SSD
Greg Kroah-Hartman	[PATCH 023/196] MCP_UCB1200: Convert from class_device to device
Florian Fainelli	Re: System clock runs too fast after 2.6.27 -> 2.6.28.1 upgrade
Christoph Lameter	[patch 1/4] mmu_notifier: Core code
git:
Johannes Schindelin	Re: [PATCH 1/2] Add strbuf_initf()
John Bito	[EGIT] Push to GitHub caused corruption
Jakub Narebski	Re: [PATCH 0/2] gitweb: patch view
Junio C Hamano	Re: [PATCH] When a remote is added but not fetched, tell the user.
Andy Parkins	Re: [RFC] Submodules in GIT
git-commits-head:
Linux Kernel Mailing List	ahci: Workaround HW bug for SB600/700 SATA controller PMP support
Linux Kernel Mailing List	V4L/DVB (11086): au0828: rename macro for currently non-function VBI support
Linux Kernel Mailing List	ceph: client types
Linux Kernel Mailing List	ceph: on-wire types
Linux Kernel Mailing List	crypto: chainiv - Use kcrypto_wq instead of keventd_wq
linux-netdev:
Andrew Morton	Re: [Bugme-new] [Bug 14969] New: b44: WOL does not work in suspended state
Giuseppe CAVALLARO	Re: [PATCH 03/13] stmmac: add the new Header file for stmmac platform data
Taku Izumi	[PATCH 3/3] ixgbe: add registers etc. printout code just before resetting adapters
Eric Dumazet	rps: some comments
Thomas Gleixner	Re: [RFC PATCH 02/12] On Tue, 23 Sep 2008, David Miller wrote:
openbsd-misc:
Stephan Andreas	problems with login after xlock in OpenBSD release 4.7
pmc	Make A Change. Alcoholism and Drug Addiction Treatment
ropers	Re: what exactly is enc0?
Fuad NAHDI	Re: What does your environment look like?
Matthew Szudzik	Typo on OpenBSD 4.4 CD Set

Colocation donated by:

Syndicate