Émulation de la présence d'un ventilateur dans un VM (par exemple pour tromper un malware)
This page explains how to add network bridge with nmcli with Linux using nmcli command line option so that you can connect VMs directly to LAN without using NAT.
The new vuln glories in the name XSA-138, aka CVE-2015-5154 and means “An HVM guest which has access to an emulated IDE CDROM device (e.g. with a device with "devtype=cdrom", or the "cdrom" convenience alias, in the VBD configuration) can exploit this vulnerability to take over the qemu process elevating its privilege to that of the qemu process.”
Dubbed VENOM (Virtualized Environment Neglected Operations Manipulation), the zero-day flaw takes advantage of the “virtual floppy disk controller” and potentially allows attackers to escape out of the virtual machine and execute malicious code on its host.
In this paper, we explore the performance of traditional virtual machine deployments, and contrast them with the use of Linux containers. We use a suite of workloads that stress the CPU, memory, storage and networking resources.
Our results show that containers result in equal or better performance than VM in almost all cases. Both VMs and containers require tuning to support I/O-intensive applications. We also discuss the implications of our performance results for future cloud architecture
https://plus.google.com/111049168280159033135/posts/Ncx6CUWKfPA
montage vdisk raw (avec offset) et qcow2 (avec nbd).
Alternative, avec guestmount
https://www.xmodulo.com/mount-qcow2-disk-image-linux.html