> > attacker knows about and has not been patched. Simply breaking into
> > virtual Leaf will not provide you with access to the host system.
> Actually I had thought about this myself but figured if it had to come
> to that they'd most likely give up.
Really? What you mean to say is, "if it
> Does that mean that what you're doing is "stupid"? Surely not, as far as
> I'm concerned. But I don't think that installing LEAF on a VM should be
> suggested to a newby, who seems to not fully have understood what LEAF
> actually is, either.
I agree, this is not an environment to take lightly.
Hi Gordon,
lots of people have responded since you wrote that mail - so most of
what I was going to say has already been addressed - but I still feel
the need to respond to two things.
Gordon Bos wrote:
> Whether it's stupid or not, that *is* what I'm doing at home.
Who said anything about "stupid
Muiz Motani wrote:
> Can you tell us where we can order the Nexcom systems from and how much
> they cost?
They have local distributors (which they are for your country should be
available on their website at www.nexcom.com - but beware, it seems this
is a "IE only" site - it seems to be utterly b
>I see, so you're supposing there isn't an exploit? How do you "prove
a negative"?
I didn't say there wasn't an exploit. I'm not sure where you got that - I
actually pointed out that similar exploits have been found in the past and
patched.* All I was pointing out was your incorrect assumption
> Back in the day, I had a SLMR tagline that said: "Real programmers type
> C:> COPY CON: PROGRAM.EXE". That was funny in the days of standalone
> DOS and keyboards. But in a networked system it ain't so funny! It
> goes back to that "co-operation" point I made above.
That's wat Charles said t
Can you tell us where we can order the Nexcom systems from and how much
they cost? Also, has anybody done any analysis to see if these systems
are overkill? LEAF should not need Xeon processors, even for 24 Gbit
ports.
On Fri, 2008-01-18 at 09:02 +, Erich Titl wrote:
>
> cpu memhd wro
On Fri, 18 Jan 2008 09:45:55 -0800, "Paul Rogers"
<[EMAIL PROTECTED]> said:
> The real problem is the one which has always been Windows' downfall.
> For all that virtualization buys you, there are always situations
> where people discover that what they (think they) want to do would
> be greatly e
> Its not that simple. This assumes (as does C) that there is an unknown
> attack vector exploitable from a compromised Leaf system, which the
> attacker knows about and has not been patched. Simply breaking into
> virtual Leaf will not provide you with access to the host system.
I see, so you'
I've been waiting for beta 3 (of uClibc 3.1) to fix the dhcpcd
(actually busybox) showstopper in beta 2. It came out while I was
traveling. Normally I wouldn't upgrade my LEAF box while outside the
network, but the airport shuttle I traveled home on had WiFi, and so
an hour from home decided to g
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gordon Bos wrote:
| I suppose there might be ways that a skilled hacker could break through
| once he's taken control of LEAF. He'd still need the tools for it though
| and with only the bare minimum available I fail to see where he'd get
them.
There
>> If you're running on a virtual machine, a) you can't power-off with
> impunity,
>
> Of course you can. You can boot a VM off of read only media as easily as you
> can a physical machine - although I have not had any luck using the large
> floppy image under VMWare server.
Why bother? I've neve
>If you're running on a virtual machine, a) you can't power-off with
impunity,
Of course you can. You can boot a VM off of read only media as easily as you
can a physical machine - although I have not had any luck using the large
floppy image under VMWare server.
>b) a compromised firewall virtua
cpu memhd wrote:
> Hey Erich,
>
> I haven't tried it. But I thought I should comment on the architecture. It
> uses the Xeon Blackford chipset, which uses FB-DIMMS, which run very hot.
> I have 4 DIMMS, 4GB RAM in one of my personal servers, a 5000V Blackford
> and the DIMMs seem to generate lot
Whether it's stupid or not, that *is* what I'm doing at home. I'm simply
not rich enough to run multiple physical servers and the house is also
full enough the way it is.
Since my DSL router is a b*tch of a thing (I got it for free) I uploaded
the firmware that makes it an old type PPTP modem.
15 matches
Mail list logo