[dundee] VM Server 2 Update

Lee Hughes toxicnaan at yahoo.co.uk
Fri Oct 3 20:31:08 UTC 2008


That's interesting? I suppose it's done for convenience ? it must of https option or
something like , not that it saves you from xss attacks all, but it helps!

if your worried about secuity , you could also tunnel http through ssh to do a bit
of port forwarding magic at the other end.


Another option is to stick the admin interfaces in it's own vlan, not much use if you
using the internet as a management pipe, some sort of vpn might be worth looking at.

you don't say where the remote end it, is it on your lan? 


--- On Fri, 3/10/08, gordon dunlop <astrozubenel at googlemail.com> wrote:
From: gordon dunlop <astrozubenel at googlemail.com>
Subject: [dundee] VM Server 2 Update
To: "Tayside Linux User Group" <dundee at mailman.lug.org.uk>
Date: Friday, 3 October, 2008, 10:46 AM

I have been playing about with this for a couple of days, whilst the
functionality has greatly increased from previous versions the one
thing that really concerns me is security. The main console for
management is through a web browser, virtual machines are supposed to
have security through isolation and here we are logging in as root
through a web browser, normally the weakest layer of resistance for
attacks from hackers. It seems to me that VMWare are sacrificing
security for functionality, maybe the ethical hackers can comment on
this with their specialist knowledge.  Anyway I have gone back to
VMWare version 1.07 because of this, just for the record VMWare is not
my principal method of virtualisation, I also use Virtual Box, Xen,
Qemu etc. etc. I like to keep abreast of new developments in
virtualisation technology so I use as many different methods as I can.

Gordon

_______________________________________________
dundee GNU/Linux Users Group mailing list
dundee at lists.lug.org.uk  http://dundee.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/dundee
Chat on IRC, #tlug on dundee.lug.org.uk



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/dundee/attachments/20081003/0c0aa275/attachment-0001.htm 


More information about the dundee mailing list