Hi,
I'm trying to assest the security regarding the IP spoofing or sniffing data by rogue or untrusted kvm guests (or openvz containers running an ethernet device).
My concern is regarding security of running rogue/untrusted or simply uncontrolled virtual machine instances, including the following:
1. A intentional or unintentional sniffing on the virtual ethernet device (kvm/openvz). This could be done by a hacked guest or rogue user.
2. An ip spoofing/changing the IP of a KVM/openvz guest to a different value than originally assigned. This might be used to get traffic for other machines on the same host or perhaps on different hosts.
3. Spoofing of the MAC address assigned to KVM/OpenVZ Ethernet device: Usable to reroute traffic/mim attacks etc.
jinjer
I'm trying to assest the security regarding the IP spoofing or sniffing data by rogue or untrusted kvm guests (or openvz containers running an ethernet device).
My concern is regarding security of running rogue/untrusted or simply uncontrolled virtual machine instances, including the following:
1. A intentional or unintentional sniffing on the virtual ethernet device (kvm/openvz). This could be done by a hacked guest or rogue user.
2. An ip spoofing/changing the IP of a KVM/openvz guest to a different value than originally assigned. This might be used to get traffic for other machines on the same host or perhaps on different hosts.
3. Spoofing of the MAC address assigned to KVM/OpenVZ Ethernet device: Usable to reroute traffic/mim attacks etc.
jinjer