[Discuss] web server can't see out but others can see in

Rich Pieri richard.pieri at gmail.com
Fri Sep 28 16:46:57 EDT 2012


On Fri, 28 Sep 2012 16:03:36 -0400
Tom Metro <tmetro+blu at gmail.com> wrote:

> VMs have networking options that let you chose between bridged and NAT
> connections between the host and guest. One thing Eric should clarify
> is whether the NAT setup is something set in an external firewall
> appliance, or was it part of the VM setup.

Doesn't matter. The host's network interface is exposed to all of the
guest's traffic. The host's NIC is also in promiscuous mode which itself
is not a vulnerability but it means that a compromised host or guest
can be used to sniff the internal network.

-- 
Rich P.



More information about the Discuss mailing list