[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Need help


  • To: <xen-users@xxxxxxxxxxxxx>
  • From: <admin@xxxxxxxxxxx>
  • Date: Sun, 13 May 2012 10:01:10 -0500
  • Delivery-date: Sun, 13 May 2012 15:02:50 +0000
  • Importance: Normal
  • List-id: Xen user discussion <xen-users.lists.xen.org>
  • Thread-index: Ac0wiEl5l2hG3ApXQSeFFMEu5kETSgAkHhgg

There is no off the shelf exploit for doing that.  It is possible that some unknown vulnerability exists and maybe you could find it if you work hard enough on it, but there is no known exploit like this at this time.  You should probably pick a different (easier) project for your academic study if you have some urgent time constraints (such as a due date for your project).

 

-----Original Message-----
From: xen-users-bounces@xxxxxxxxxxxxx [mailto:xen-users-bounces@xxxxxxxxxxxxx] On Behalf Of Omkar Kulkarni
Sent: Saturday, May 12, 2012 4:42 PM
To: Ian Tobin
Cc: xen-users@xxxxxxxxxxxxx
Subject: Re: [Xen-users] Need help

 

I am a student of engineering from India. I am working on my single laptop only. As a part of my academic study I an working on xen security issues. In this study, I need to simulate a simple or any attack to dom0 or domU like hijacking , or denial of service attack etc. I want to ask, how can i exploit domU or dom0 from domU. Is there any procedure/steps/material to do that? I need an urgent help

On Sun, May 13, 2012 at 2:58 AM, Ian Tobin <itobin@xxxxxxxxxxxxx> wrote:

You’ve not really given us much to go on but the question is why do they need it?

 

If they need it to manage the server then giving them access to dom0 from a domu makes no difference than giving access to the world by giving them the root password. Dom0 should be treated like a domu, it is in itself a VM only is has more functionaility and can obviously destroy the server in the wrong hands.  This is of course assuming you have no lock down on dom0 with iptables etc.

 

In answer to the question about threat to domu, probably not much if it is just SSH access.

 

I think you need to give more info on how your current system is configured and what the reasons are for the requirement you have specified.

 

Personally I wouldn’t want anyone having access to dom0 unless it was for management purposes and then they would be accountable for anything going wrong.

 

Ian

 

 

From: xen-users-bounces@xxxxxxxxxxxxx [mailto:xen-users-bounces@xxxxxxxxxxxxx] On Behalf Of Omkar Kulkarni
Sent: 12 May 2012 21:26
To: xen-users@xxxxxxxxxxxxx
Subject: [Xen-users] Need help

 

Is it possible to get dom0 access from domU? And if I have dom0 access, what are the threats to domU? Is it possible to simulate an attack on dom0 or domU? I need a urgent help, As my academic work I am working on it.




--
Regards:
Omkar Kulkarni
Ph:09420816727

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.