[ale] mental tinkering

Jim Kinney jim.kinney at gmail.com
Wed Mar 18 22:02:57 EDT 2009


I have a preference for doing everything in Linux. So a
brain[storm|strain] I was looking at was a combined firewall machine
and office lan samba/mail/print server.

OK so it sounds dumb until I throw in that the two machines are
virtual ones. So 1 physical box with 2 nics, outside and inside. Dom0
owns hardware and provides dom1 - firewall, and dom2 - monster all
else. firewall get both nics and monster gets virtual on inside.

Security issues with virtual machines are my concern with this. How
much "leakage" is there possible from dom1 to break out and control
dom0?

How about dom0 as controller AND firewall and dom1 as monster?

Ideas? Thoughts? Rotten vegetables?

-- 
-- 
James P. Kinney III


More information about the Ale mailing list