Home page logo

pen-test logo Penetration Testing mailing list archives

RE: VMWare and which linux distro?
From: "Pete Herzog" <pete () isecom org>
Date: Sat, 17 Jan 2004 01:17:22 +0100


In our testing lab, we have seen some problems with the sending and
receiving of various types of TCP / UDP packets from within a Virtual
Machine as part of an attack system.  Now this won't effect all security
tests but it has become a problem in the scalpel-like precision required for
certain tests where we are looking for certain packets within a given time
frame.  Source and Destination ports, for instance, comes to mind as an
example of the corruption occurring with tests.  Our suspician is a
corruption which occurs in the binding with the ethernet card and regardless
of OS or whether the VM has it's own external IP address or not, it still
occurs enough that we had to stop using a VM to make tests from.

We have not done any further tests on this.  Has anyone else seen this
problem though?  Anyone have more information on this?


Pete Herzog, Managing Director
Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.isestorm.org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]