Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: VMWARE/DMZ Question

from [Kumra, Vipul] Network Security [Permanent Link]
Subject: RE: VMWARE/DMZ Question
Date: Fri, 22 Jul 2005 12:41:58 +0530 
Hi Richard,

My thoughts on this...

I would say it won't be a good decision to connect a DMZ and trusted network in 
this fashion. 

Still if it is done there are some recommendations (I am sure I am covering 
less than 25%)

In case the host OS gets compromised, there is a possibility of entire system 
getting compromised. Altough, this might hold true incase the guest system gets 
compromised. Therefore, since VMware proxies system calls and provides access 
to the hardware mediated through the host operating system it is critical that 
the host operating system be secure.

The major advantage of virtual disks is convenience, however you will lose much 
of any ability to perform forensics. It is therefore recommended that you have 
separate hard disks for the two VM machines, this will ease partitioning and 
make potential cross contamination less likely (It might be debatable as cross 
contamination of the disk is highly unlikely). 

Regards,
Vipul Kumra



-----Original Message-----
From: Richard St John [mailto:Richard.StJohn@gbe.com]
Sent: Friday, July 22, 2005 2:09 AM
To: firewalls@securityfocus.com
Subject: VMWARE/DMZ Question


Hello List,

This is not necessarily a firewall question, but would like opinions.

One of our managers would like to take a server running VMWARE and
connect it to our DMZ and assigning specific OSs to the DMZ NIC. Not bad
so far, 8 or 9 servers running through one NIC on our DMZ.

The hmmmm part of the problem is the servers he wants to use already
have another NIC on our internal server network and is running 2 or 3
servers.

So essentially he is asking to put the same server on our internal
network and our DMZ, using VMWARE which he assures me cannot be
compromised in such a way that the compromised OS can see the NIC card
it is not assigned to see. The installed OS for each VMWARE section can
only see what it is assigned to see and cannot see the rest of the
machine(s) and hardware.

Having not worked with VMWARE as much as I would like to, can someone
see any issues with this, confirm it works securely, or confirms it
fails miserably.

I am leery about it because I have one machine on two networks that
essentially traverse the firewall. Is VMWARE secure enough to do this?

Thought, comments, suggestions

Richard St. John
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SYSLOG server position, tanvir hashmi
Next by Date:  Re: SYSLOG server position, Kevin
Previous by Thread:  Re: VMWARE/DMZ Question, Bruce Martins
Next by Thread:  Personal Firewalls, linux starved
Indexes:  [Date] [Thread] [Top] [All Lists]