VM-Aware » Security

Freeware Firewall Builder

Paul Shannon — Tue, 26 Aug 2008 10:56:24 +0000

I was wondering if there’’s a GUI that sits on top of iptables to make creation of lengthy firewall policies a bit more straightforward and it turns out there most certainly is. fwbuilder.org have written a magnificent multi-platform tool that presents a GUI to not only iptables, but PIX, FWSM, ipfilter & more.

You can download the installers for Windows, Mac & Linux as well as some extra modules here.

It really does work a charm.

Securing Your Website

Paul Shannon — Tue, 01 Jul 2008 08:02:42 +0000

A blog at the Washington Post offers some little tidbits on how to make your websites more secure.

You can read the post here, bear in mind that it is totally IIS focussed, but pretty useful nonetheless.

Tripwire ConfigCheck

Paul Shannon — Tue, 17 Jun 2008 07:49:40 +0000

I was looking for an app that would investigate an ESX host that wasn’t configured by me to see how much work would be needed to secure it.

I found Tripwire’s ConfigCheck java app an absolute cracker.

Securing VMotion Traffic

Paul Shannon — Tue, 26 Feb 2008 11:44:08 +0000

Another great post on the VMware Security Blog has outlined some of the best practices associated with isolating all VMotion traffic.

This was born out of an exploit being found that allows a hacker to take control of a mid-migration Virtual Machine.

Here’s an overview of the main points:

Provide a VLan with no endpoints other than the VMotion NICs of all associated ESX Servers
Tightly control user account access in VirtualCenter
Don’t enable Promiscuous Mode on vSwitches

If you would like to read the whole article, you can do so by clicking here.