Rootkit Hunter
Martin Marcher
martin.marcher at openforce.com
Sat Dec 23 16:43:42 UTC 2006
Am 23.12.2006 um 16:33 schrieb Gabriel Dragffy:
> I think perhaps that when we're talking about this kind of virus it
> isn't limited to just VMware. Imagine a virtual server service that
> has
> a single computer hosting 50 operating systems using Xen
> technology. Now
> think about the trouble that a virus could cause all that.
> Horrible. If
> a virus managed to escape the guest OS...
No need to think that this (method) is new. Just think of the very
common chroot environments for
* postfix
* bind
* apache
* etc
This is to some extend the same, postfix doesn't have a clue about
the rest of the system when chrooted, you can't really find out about
it. Also have a look at the way gentoo is installed, if you chroot
to /mnt/myinstall you are trapped inside this directory, how would
you get info about the hosts /proc (or whatever) filesystem.
martin
PS: still it is new as it is now hardware supported and doesn't need
any special environment. Also James Bond is just a mere mortal, his
emails can be faked too so no need for virtualization viruses :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2474 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20061223/6d691632/attachment.bin>
More information about the ubuntu-users
mailing list