Hi Gordon, lots of people have responded since you wrote that mail - so most of what I was going to say has already been addressed - but I still feel the need to respond to two things.
Gordon Bos wrote: > Whether it's stupid or not, that *is* what I'm doing at home. Who said anything about "stupid"? You're the first to use that term. Whatever works for you is fine with me (and should be fine with the rest of the world, unless you're doing something incredibly stupid, which as far as I can tell, you're not doing). > I'm simply > not rich enough to run multiple physical servers and the house is also > full enough the way it is. I guess it's not a matter of being "rich" (dangerous term, because it's highly relative - just ask any person you consider "rich" - I'm sure they don't think they are...). In the good old (LRP) days, I ran my firewall on old computers that were no longer powerful enough to run the wonderful products from Redmond (I think the first one was a 80486-DX4), which cost nothing other than space and electricity. These days, I use WRAP and Soekris boxes, which aren't for free, but offer enough value that I'm willing to pay for them (especially the WRAP boxes, which IMHO are very reasonably priced). Where money doesn't matter as much (i.e. at work), we use Nexcom boxes, simply because they have a nice selection, and they fit nicely into a 19' rack. > But I am curious. How would you go about on a virtual machine over which > you gained control that would compromise the host? I wouldn't, since breaking into other people's computers is not what I do these days. But hypothetically, it should be possible, for example using a security flaw in VMWare (and history teaches us that no fixed security issue is ever too old to work, because people tend to be very bad at applying patches). For a relatively recent issue see http://www.heise-security.co.uk/news/96272 , where it specifically says "Attackers can exploit these vulnerabilities to, for example, break out of the guest system in the virtual machine". Yes, you need to break into the LEAF box first, but once one has done that, one is in a better position than if the LEAF box where a physical computer, since (assuming the aforementioned vulnerability is still present) it's relatively easy to break out of the VM and then have a "proper" computer at one's disposal. To me, it comes down to the fact that the more software is involved, the more likely it is that there's a hidden security issue, that we don't know about yet, but that the "bad guys" are actively exploiting. Call me paranoid... To look at things from a different angle - if I spend $200 for a Soekris or WRAP box (to pick some arbitrary amount - I don't know what the current prices are since I didn't need to buy anything from those companies lately), at least I know that a DOS against my firewall will not shut down everything else on my internal net. If all my servers run on the machine that's also the host for my firewall, it's at least possible that a DOS against the firewall will also affect the other virtual machines. If my firewall is on a different physical box, I might not be able to read my email (since none is coming through due to the DOS), but at least I can still work using my file server, database server, application server and so on. For the typical home user, that might not make a difference, but it does to me (which is why I don't run my firewall on a VM run on a host that's also hosting other things I need). Don't get me wrong - I use VMs for all kinds of things, and I like the possibilities that "virtualizing" a server gives me (to me, it is especially great for testing, and for emulating the environment that will present itself at a customer's site, or for making sure that I don't need yet another physical server for yet another project), but for the connection to the internet, I prefer a physical box (or rather two, so the outer firewall can service the DMZ as well). Does that mean that what you're doing is "stupid"? Surely not, as far as I'm concerned. But I don't think that installing LEAF on a VM should be suggested to a newby, who seems to not fully have understood what LEAF actually is, either. Martin ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/