Re: Can we run a qemu instance as a dedicated home network firewall?
- From: Mitchell Laks <mlaks@xxxxxxxxxxxxxxxx>
- Date: Mon, 31 Mar 2008 00:07:03 -0400
On 14:04 Sun 30 Mar , Douglas A. Tutty wrote:
On Sun, Mar 30, 2008 at 11:20:26AM -0400, Mitchell Laks wrote:
Can we use a virtual qemu linux machine as a firewall for
a real home network?
Well, on normal i386 hardware (unlike e.g. Zseries with LPARs),
virtualization doesn't gain you any security really. Think of it this
way: the only way an attacker can break the firewall if its running
natively on the one box, is a bug in the kernel. With virtualizaiton,
you're relying on both no bugs in the kernel and no bugs in the quemu.
A very good point. Thank you.
This comes up a lot on misc@xxxxxxxxxxxx Their analysis shoes that it
decreases security to use software virtualization.
Those old 486s didn't themselves take much power. If the problem is
noise, you could replace the drives with industrial CF cards for the
firewall.
Also a great idea. I see cf-hard drive adapters and drives are very cheap.
Thank you very much,
Mitchell
doug.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
- References:
- Can we run a qemu instance as a dedicated home network firewall?
- From: Mitchell Laks
- Re: Can we run a qemu instance as a dedicated home network firewall?
- From: Douglas A. Tutty
- Can we run a qemu instance as a dedicated home network firewall?
- Prev by Date: Re: want to speed up laptop
- Next by Date: number of users accessing a wireless network
- Previous by thread: Re: Can we run a qemu instance as a dedicated home network firewall?
- Next by thread: Re: Can we run a qemu instance as a dedicated home network firewall?
- Index(es):
Relevant Pages
- Re: Can we run a qemu instance as a dedicated home network firewall?
... virtualization doesn't gain you any security really. ... you're relying
on both no bugs in the kernel and no bugs in the quemu. ... To UNSUBSCRIBE, email
to debian-user-REQUEST@xxxxxxxxxxxxxxxx ... (Debian-User) - Re: dual booting
... One way around all of this is virtualization with Virtual PC 2004, VMware, ...
Virtualization has really changed how one can do multiple OS's. ... > hard drives
and multiple partitions. ... > partition from one drive to another. ... (microsoft.public.windowsxp.basics) - ubuntu-users Digest, Vol 39, Issue 98
... To subscribe or unsubscribe via the World Wide Web, ... virtualization
which one to choose? ... vmware for portability and for its support community ...
did what you suggested - compiz complete removal of Compiz the ... (Ubuntu) - Re: [patch] bug in cpuid & msr on nosmp machine
... Think vmware and virtualization, where partitions could get CPUs ...
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in ... (Linux-Kernel)
