Re: Virtual environments security

VMware Workstation, Server (used to to be GSX Server) or ESX Server?

If ESX what version 2 or 3? Assuming ESX then it is a configuration
problem since by default promiscuous mode is disabled. In 2.x it was
a pain to turn on as I recall, but on 3 it is easier. I guess that
isn't entirely true. It can be found in the GUI in 3, but in 2 you
had to go in via the cmd line to do it.

Couldn't say on workstation or Server, but those are both host based
so anything is possible, but based on my tests of late I don't recall
seeing it in workstation.

On 12/28/06, Michel Pereira <michel@xxxxxxxxxxxxx> wrote:
I saw a problem last week when I logged into a Guest OS hosted at a
Virtual Server. I installed ethereal and saw all the traffic that
goes to the entire server, no only my virtual server.
I wanna known if this is a configuration problem of a normal
behavior of every Virtual Machine environment (maybe Vmware has this
problem too)?

Thanks

On Dec 20, 2006, at 4:14 AM, Alcides wrote:

> Hi Octavian,
> I got a couple of links to share:
> http://www.vmware.com/vmtn/technology/security/
> http://vmblog.com/archive/2006/05/23/605.aspx
>
> Cheers!
>
> Octavian Popescu wrote:
>> Hi,
>> Any idea about some good resources on the subject? (VMware,
>> Virtual PC/Server security etc) I'm interested most of all in
>> studies towards the possibility of breaking the virtual env. (vmm
>> in case of vmware) and directly accessing the hw resources but
>> other general info should be just fine.
>> Thanks!
>> Octavian
>>
>> _____________________________________________________________________
>> _______________
>> Do you Yahoo!?
>> Everyone is raving about the all-new Yahoo! Mail beta.
>> http://new.mail.yahoo.com
>> ---------------------------------------------------------------------
>> ---
>> This List Sponsored by: Cenzic
>> Need to secure your web apps?
>> Cenzic Hailstorm finds vulnerabilities fast.
>> Click the link to buy it, try it or download Hailstorm for FREE.
>> http://www.cenzic.com/products_services/download_hailstorm.php?
>> camp=701600000008bOW
>> ---------------------------------------------------------------------
>> ---
>



--
Só Jesus salva, o homem faz backups.
http://www.michel.eti.br




Relevant Pages

  • Re: VMware Workstation vs VMware Server?
    ... Workstation can do it, Server has to use NFS or SAMBA shares. ... I run my Linux VMs without X ... VMware server is fine for them. ...
    (comp.os.linux.misc)
  • Re: VMware Workstation vs VMware Server?
    ... Workstation can do it, Server has to use NFS or SAMBA shares. ... VMWare's console application is for Windows users, ... VMware server is fine for them. ...
    (comp.os.linux.misc)
  • Re: vmware v/s virtual server
    ... extra features, but not much. ... I have been always a fan of Vmware workstation for my own testing purposes! ... However, as the two server products are free, the workstation versions are ...
    (microsoft.public.windows.server.active_directory)
  • Re: Linux Virtual Servers
    ... This does bring me to a question on VMware that I have been wanting to ... Is it possible to run VMware server and workstation on the ... Subject: Linux Virtual Servers ...
    (RedHat)
  • [Full-disclosure] VMSA-2006-0004 Cross site scripting vulnerability and other fixes
    ... VMware Security Advisory ... Several security issues affecting ESX 2.5.x ... This update requires you to boot your server into Linux mode to perform ... When you are prompted to reboot at the end of the upgrade, ...
    (Full-Disclosure)