At 12:01 PM 4/3/2006, Michael.Dillon@btradianz.com wrote:
Xen's biggest strength really is in the colocation business. With VX-enabled machines, it is capable of running instrumented OS's (Linux, Free/NetBSD) at almost native speeds, and non-instrumented OS's (Windows, Solaris) with a couple-% hit. It's that flexibility that leads to colo as the market where Xen shines.
People seem to be thinking that Xen is only for sharing a colo machine with somebody else. But it could just as well be used for one organization to isolate each major application to a single virtual server, i.e. email server, general web server, wiki server, hot web app server, Asterisk server, etc. This way, when one of the applications justifies its own server, migration is somewhat simpler because it is not entangled with other applications.
Now that is what I have in mind. For me this is especially important where I have something nasty like a guy hosting a bunch of forums that are always not getting updated and getting defaced or worse. Until now I have had a dirty machine for stuff I know could lead to problems like that. But that brings up another question, how far isolated are different instances from each other really?
-- Michael Dillon
On Mon, 3 Apr 2006, Eric Frazier wrote:
Now that is what I have in mind. For me this is especially important where I have something nasty like a guy hosting a bunch of forums that are always not getting updated and getting defaced or worse. Until now I have had a dirty machine for stuff I know could lead to problems like that. But that brings up another question, how far isolated are different instances from each other really?
This is now straying really OT. I answered some of this offlist, but generally, the best place for technical background on Xen is its home: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
-- Todd Vierling <tv@duh.org> <tv@pobox.com> <todd@vierling.name>
Todd Vierling wrote:
This is now straying really OT. I answered some of this offlist, but generally, the best place for technical background on Xen is its home:
This forum is about operating. I guess if some bad operators separated their poorly managed systems with things like Xen, then Gadies drone armies would drown.
Suppose you have the users 'root', 'morone' and 'monkey'. Guess who root is? monkey is running an old and buggy forum software - gets hacked every day ... morone is running an ftp-server with anonymous access. Neither morone nor monkey can bring the system down because neither of them has root access. Both are chrooted as seen from 'root'. If morone gets hacked then his ftp-server is gone but the hackers cannot deface monkey's html-site. If the hackers get monkey they don't have a clue about morone's ftp-servers. The guys are splendidly isolated and root has an undisturbed sleep.
Best is: You don't run anything that is not needed. If you run only a single application, your system is not worth the time it takes to hack it :)
Cheers, Peter and Karin Dambier
-- Peter and Karin Dambier, The Public-Root Consortium, Graeffstrasse 14, D-64646 Heppenheim; +49(6252)671-788 (Telekom), +49(179)108-3978 (O2 Genion), +49(6252)750-308 (VoIP: sipgate.de); mail: peter@peter-dambier.de, peter@echnaton.serveftp.com; http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/
On Mon, 03 Apr 2006 23:16:40 +0200, Peter Dambier said:
Best is: You don't run anything that is not needed. If you run only a single application, your system is not worth the time it takes to hack it :)
For the benefit of people reading the archives in search of clue: There's a smiley on that, because Peter knows full well that the single biggest security problem on the Internet is boxes that are running one application, or end-user boxes, that aren't run in a secure manner because there's nothing of interest on the box. If the box has an IP address, and an Internet connection, it's *always* of interest, if only as a zombie or a stepping-stone box to launder a connection.
On Tue, 4 Apr 2006 Valdis.Kletnieks@vt.edu wrote:
On Mon, 03 Apr 2006 23:16:40 +0200, Peter Dambier said:
Best is: You don't run anything that is not needed. If you run only a single application, your system is not worth the time it takes to hack it :)
For the benefit of people reading the archives in search of clue: There's a smiley on that, because Peter knows full well that the single biggest security problem on the Internet is boxes that are running one application, or end-user boxes, that aren't run in a secure manner because there's nothing of interest on the box.
though one application means a very simple host, firewall, audit:
1) it's running smtp
2) it's filtered to permit any -> tcp/25, tcp/25 -> any
3) its log auditor (offline on the log host of course) flags anything NOT smtp
presume that smtpd is, of course, hardened and patched and looked after properly... Sean is right, anything with an ip address is a target, perhaps not a focused target, but a target nonetheless. If it's on the internet take proper precautions.
If the box has an IP address, and an Internet connection, it's *always* of interest, if only as a zombie or a stepping-stone box to launder a connection.
oh zombies... where would we be without thee?
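The third step of the single-application recipe above, the offline log auditor that flags anything that is not SMTP, as an added example (not code from the thread); it assumes the firewall writes Linux netfilter LOG lines (KEY=VALUE fields) and the sample lines, hostname and addresses are constructed for the example:

```python
"""Offline log auditor for a single-purpose SMTP host (added example).

Policy as sketched in the thread: the only traffic that belongs on the box
is any -> tcp/25 and tcp/25 -> any, so every other logged packet is flagged
for the operator.  Log format assumed: Linux netfilter LOG output.
"""
import re

SMTP_PORT = "25"
KV_RE = re.compile(r"(\w+)=(\S*)")

# Constructed sample log: two legitimate mail packets, then an SSH probe,
# an outbound IRC connection (a classic zombie sign) and a UDP packet.
SAMPLE_LOG = """\
Apr  4 08:11:32 mx1 kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.25 PROTO=TCP SPT=40231 DPT=25
Apr  4 08:11:40 mx1 kernel: IN= OUT=eth0 SRC=192.0.2.25 DST=198.51.100.9 PROTO=TCP SPT=25 DPT=52110
Apr  4 08:12:01 mx1 kernel: IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.25 PROTO=TCP SPT=51000 DPT=22
Apr  4 08:12:05 mx1 kernel: IN= OUT=eth0 SRC=192.0.2.25 DST=198.51.100.9 PROTO=TCP SPT=45000 DPT=6667
Apr  4 08:12:09 mx1 kernel: IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.25 PROTO=UDP SPT=5353 DPT=53
"""

def parse_line(line):
    """Return the KEY=VALUE fields of one netfilter LOG line, or None."""
    fields = dict(KV_RE.findall(line))
    # Lines without PROTO/SRC/DST are not packet logs (or are truncated).
    if not all(k in fields for k in ("PROTO", "SRC", "DST")):
        return None
    return fields

def is_smtp(fields):
    """True if the packet matches any -> tcp/25 or tcp/25 -> any."""
    if fields.get("PROTO") != "TCP":
        return False  # UDP, ICMP etc. can never be SMTP on this host
    return SMTP_PORT in (fields.get("SPT"), fields.get("DPT"))

def audit(log_text):
    """Return the parsed fields of every logged packet that is not SMTP."""
    flagged = []
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields is not None and not is_smtp(fields):
            flagged.append(fields)
    return flagged

if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        print("FLAG", f["PROTO"], f["SRC"], f.get("SPT"), "->", f["DST"], f.get("DPT"))
```

Run it against the real log on the log host; on a box that truly does nothing but SMTP, any output at all is worth a look.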
On Mon, Apr 03, 2006 at 12:05:25PM -0700, Eric Frazier wrote:
machine for stuff I know could lead to problems like that. But that brings up another question, how far isolated are different instances from each other really?
Fairly well -- a lot better than (eg) vservers, and almost certainly better than UMLs. To get into the host, you'd need to subvert one of the backend drivers via the guest in such a way that you got the ability to run some sort of subversive command in the host. The possibility of a DoS (crash) is much higher than a take-over compromise, but even then it's not something I'd be inclined to worry about deeply. - Matt
On Tue, Apr 04, 2006 at 08:11:32AM +1000, Matthew Palmer <mpalmer@hezmatt.org> wrote a message of 14 lines which said:
Fairly well -- a lot better than (eg) vservers, and almost certainly better than UMLs.
Because they are different virtualisation solutions with different requirements. If you have unrelated customers, who do not trust each other, Xen (or UML) is OK. If you just want to put one service on a different machine but do not have the money (or the rack space) to dedicate a box to just DHCP, Linux Vservers or FreeBSD jails are fine.
participants (7):
- Christopher L. Morrow
- Eric Frazier
- Matthew Palmer
- Peter Dambier
- Stephane Bortzmeyer
- Todd Vierling
- Valdis.Kletnieks@vt.edu