Re: Can we run a qemu instance as a dedicated home network firewall?
- From: Mitchell Laks <mlaks@xxxxxxxxxxxxxxxx>
- Date: Mon, 31 Mar 2008 00:07:03 -0400
On 14:04 Sun 30 Mar , Douglas A. Tutty wrote:
On Sun, Mar 30, 2008 at 11:20:26AM -0400, Mitchell Laks wrote:
Can we use a virtual qemu linux machine as a firewall for
a real home network?
Well, on normal i386 hardware (unlike e.g. Zseries with LPARs),
virtualization doesn't gain you any security really. Think of it this
way: the only way an attacker can break the firewall if its running
natively on the one box, is a bug in the kernel. With virtualizaiton,
you're relying on both no bugs in the kernel and no bugs in the quemu.
A very good point. Thank you.
This comes up a lot on misc@xxxxxxxxxxxx Their analysis shoes that it
decreases security to use software virtualization.
Those old 486s didn't themselves take much power. If the problem is
noise, you could replace the drives with industrial CF cards for the
firewall.
Also a great idea. I see cf-hard drive adapters and drives are very cheap.
Thank you very much,
Mitchell
doug.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
- References:
- Can we run a qemu instance as a dedicated home network firewall?
- From: Mitchell Laks
- Re: Can we run a qemu instance as a dedicated home network firewall?
- From: Douglas A. Tutty
- Can we run a qemu instance as a dedicated home network firewall?
- Prev by Date: Re: want to speed up laptop
- Next by Date: number of users accessing a wireless network
- Previous by thread: Re: Can we run a qemu instance as a dedicated home network firewall?
- Next by thread: Re: Can we run a qemu instance as a dedicated home network firewall?
- Index(es):
Relevant Pages
|
