Security Basics mailing list archives
Re: VMware ESX
From: "Captain Quirk" <i.c.weiner () gmail com>
Date: Mon, 21 Apr 2008 12:30:24 -0700
NOBODY has any feedback about this? That's really surprising. Like, REALLY surprising... My (limited) understanding is that if they hack into a machine within the cluster they've essentially hacked into EVERY machine in that cluster. How big of a deal that is, though, I'm not sure. If you consider that the same can be said if someone hacks into any machine on your NETWORK, then what's the difference? I also note you said "cluster"; are you referring hacking into the ESX layer and not the guest OS? At the ESX layer there are proof of concept attacks but none in the wild that I am aware of. Any body's guess as to how vulnerable you would be, as well. I suppose a lot of that would depend on best practices and how they're adopted to your network. I'd also make sure IDS was running and pushing the data off to a remote syslog server... Can anyone expand on this, please? Personally I'd love to get a greater understanding.... Thanks. On Mon, Apr 21, 2008 at 5:23 AM, Paul Heywood <Paul.Heywood () unitypartnership com> wrote:
Hi forum, we've got a VMware ESX group of servers running on the inside of our network. Our server team want to extend this to include some DMZ servers. How vulnerable would this leave the internal network ? Am I correct in thinking that if the VMware cluster was hacked, this would give them access to the internal network ********************************************************************** The information in this e-mail is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you have received it in error, please notify us immediately by replying to this e-mail and then delete it from your system. This note confirms that this email message has been swept for the presence of computer viruses, however we advise that in keeping with good IT practice the recipient should ensure that the e-mail together with any attachments are virus free by running a virus scan themselves. We cannot accept any responsibility for any damage or loss caused by software viruses. The Unity Partnership Ltd, registered in England at West Hall, Parvis Road, West Byfleet, Surrey UK KT14 6EZ. Registered No : 5916336. VAT No : 903761336. **********************************************************************
-- "Dear God, save us from the people who believe in you." -- post-9/11 graffiti
Current thread:
- VMware ESX Paul Heywood (Apr 21)
- Re: VMware ESX Predrag (Apr 21)
- Re: VMware ESX Captain Quirk (Apr 21)
- RE: VMware ESX TVB NOC (Apr 21)
- Message not available
- Re: VMware ESX Tyler Reguly (Apr 22)
- RE: VMware ESX TVB NOC (Apr 22)
- RE: VMware ESX TVB NOC (Apr 21)
- <Possible follow-ups>
- Re: VMware ESX Robert Taylor (Apr 21)
- RE: VMware ESX Yahsodhan Deshpande (Apr 21)
- Re: VMware ESX Eric Kollmann (Apr 22)