Re: [Xen-users] Xen Security

[Bart Coninckx <bart.coninckx@xxxxxxxxxx>]

On Friday 16 July 2010 12:27:46 Jonathan Tripathy wrote:
> I think the challenges are bigger than with separate physicals boxes. You
>  have to approach from a theoretical point of view. It's not that because
>  there are no breaches or exploits today, that there will never be. The
>  theory is this: maximum seclusion is maximum security. Two separate boxes
>  in two separate networks in let's say two separate buildings (physical
>  security is also part of the game)  will be the most secure. Xen presents
>  an exception to this: the seclusion is created by software. In theory it
>  is the same thing as physical seclusion, until the software fails or is
>  compromised.
> Another thing is human error: you WILL make mistakes. One of those mistakes
> may open open the wrong port, erase the wrong LUN, bridge the wrong NIC.
>  I've done quite some security in my time and the biggest problem is always
>  human error. We need to humbly acknowledge this.
> In short: it's certainly a bigger risk, but the consequences of
>  compromising your server might lead you to accept this risk.
> 
> ---------------------------------------------------------------------------
> -----------------------------
> 
> I 100% agree with you on this :) By splitting things up, you can limit the
>  "damage zone".  And I can see what you mean about the human area - you
>  really need your head screwed on when working with all this stuff!
> 
> Do people on this list generally trust Xen with their private data, mixed
>  with public VMs? The folks over at Slicehost, Amazon etc.. seem to...
> 

I would be surprised if Amazon does this. Only their management stuff will be 
connected to the pulbic infrastructure.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users