Virtualization for security
Scott Granneman, 2006-04-12

Sometimes we don't really see what our eyes are viewing. That's true with your computer screen, and it's true in nature as well. Oh sure, we can say what we think we're seeing, but we're missing the big story such as the man behind the curtain, to recall a famous phrase from an even more beloved movie.

Virtualization for security 2006-04-13
HSC
I've been using VMWare Workstation whilst browsing potentially infected areas of the Web for quite some time. Now that they're giving away the free VM Player and preconfigured VMs for browsing, there really is no excuse for getting infected. It's like a software condom ;)...

Virtualization for security 2006-04-13
Anonymous (1 replies)
And not really secure.

This doesn't remove the requirement for Windows to have a complete set of virus scanners, patches, and rebuilds/installs.

It just makes the rebuilds/installs a little easier.

The actual data being manipulated by Windows is just as vulnerable as it always is.

Do not th...

Re: Virtualization for security 2006-04-13
Anonymous (2 replies)
O'Realleh? For one thing, the strategy Granneman is advocating would make patch management and rollout a lot easier and cheaper - simply keep applying those incremental bugfixes to VM images and archive every patched up version onto something cheap like tape or optical discs. If the patch causes s...

Re: Re: Virtualization for security 2006-04-14
Anonymous
ummmmm.... no.

Corrupted data files will still be corrupted.

Just rebooting (which I stated) will make RECOVERY easier, but the corrupted data files will still be lost, along with them the user's work.

Now how long did it take the user to get the data into shape before it was lost?

Got ev...

Re: Re: Virtualization for security 2006-04-14
Anonymous
"This would be helluvva fun, too, for upgrading from one OS to another."

Oh... you mean like we did back in 1990 with SunOS??

Patch the master - send a reboot command to all the clients... all done.

Yes it will be nice to be able to get back to what had been current tech ... 15 years ago.
...

One addition on WindowsInVM 2006-04-13
Nicholas Weaver
Use network booting for linux. Now not only is there NO local state ("nuking/patching" is just turn on/off even for the base), but with the common images for most people, cached in the fileserver memory, it will IMPROVE performance, as with modern networks, accessing the file server's memory cache ...

Virtualization for security 2006-04-13
Anonymous (1 replies)
You don't actually need to shell out for VMWare Workstation to make VMs. I can't really afford $175, so I use a hack - you can create VMware format disk images with qemu, an open source PC emulator bundled with most Linux distros and available for Windows - qemu-img create -f vmdk filename.vmdk 10G ...

Re: Virtualization for security 2006-04-15
Anonymous
The newly made FREE (as in beer) VMware Server is also a good way to build virtual machines to be run later in VMware Player.

For that matter, VMware server (now at beta 2, but quite usable in production with some careful monitoring) is also perfectly usable as a poor man's substitute for VMware ...

VMs 2006-04-14
Joachim
Of course, all this niceness assumes that the virtual machines are properly separated, that they cannot get to other VMs by the network (after all, those might have the same problems), and that you've got plenty of RAM.

Real OSes don't need this. If you run a UNIX-like OS with sane defaults, tigh...

Virtualization for security 2006-04-14
Bill (1 replies)
I've been thinking about virtualization for security for some time. However, my need is to be able to better secure domain controllers at remote locations. At the moment, DCs at remote locations are vulnerable because there is insufficient physical security. If we could virtualize the DC and then ...

Re: Virtualization for security 2006-04-19
Joachim
Sounds like something that could be solved by encrypting part of the drive. There are plenty of products that will do this....

Virtualization for security 2006-04-15
Anonymous
There isn't the need to restore a copy of a virtual machine after crashes or software/patch issues because you can make/restore multiple snapshots of your environment in seconds. I have used VMware since their first releases and in my opinion it is the best software of the last years....

Autostart Tutorial 2006-04-17
Joe (1 replies)
Does anyone have information on how to perform the scenario the author is describing? A stripped down linux distro that automatically boots a previously created Windows image?

Thanks....

Re: Autostart Tutorial 2007-02-21
Anonymous
are you kidding?
You do not know sh*t about gnu/linux? Then you shouldn't need to know how to do that....

Virtualization for security 2006-04-17
Anonymous (1 replies)
It's a pity that the whole bunch of projects and products that do OS-level virtualization is not mentioned at all. The fact is OS-level virtualization makes it possible to run apps at native speed, so you do not have to lose anything when you get the ability to run your apps in a separated virtual env...

Re: Virtualization for security 2006-05-02
Anonymous
The problem with the OS virtualization solutions compared to the hardware virtualization is basically twofold:
1) Easier to break out of a chroot than a hardware VM
2) You are stuck with your base OS. This means protecting the insecure Windows system that *REQUIRES* Windows 95/98 is not possible....

Host OS? 2006-04-20
elh
I'm still tied to Windows as a user. If I run VMWare or M$ VS, what kind of performance could I expect, would it be sufficient to let's say run the whole Eclipse env under Linux and what would be the point of it?
...

Great in theory, but... 2007-10-18
Chris Buechler
Running your desktop PC's as a VM has some benefits, but the drawbacks are big enough that it shouldn't be considered in most environments. First, if you're running a base OS other than your standard OS, say a Linux machine with a Windows VM for the user, now you have to administer two machines for ...

Copyright 2009, SecurityFocus