Re: Network IDS in VPC

2014-05-23 Thread Marcus
The traffic is sniffer traffic. It wouldn't be a network for guests, or public, it would be both.

On Fri, May 23, 2014 at 2:45 PM, Daan Hoogland wrote:
> Hi Marcus,
>
> You are raising more questions here.
> The traffic is just user data, isn't it? Why a new traffic type? Or are
> you forking the d

Re: Network IDS in VPC

2014-05-23 Thread Daan Hoogland
Hi Marcus,

You are raising more questions here. The traffic is just user data, isn't it? Why a new traffic type? Or are you forking the data and then considering the fork another type?

thanks,
Daan

On Fri, May 23, 2014 at 5:53 PM, Marcus wrote:
> Perhaps it should be a separate traffic type, if w

Re: Network IDS in VPC

2014-05-23 Thread Marcus
Perhaps it should be a separate traffic type, if we go the route of piping it through to another network. I've also found a network_details table that seems to be unused.

On Thu, May 22, 2014 at 9:04 AM, Marcus wrote:
> Yet another vector
>
>
> On Thu, May 22, 2014 at 8:07 AM, Erik Weber wrote

Re: Network IDS in VPC

2014-05-22 Thread Marcus
Yet another vector

On Thu, May 22, 2014 at 8:07 AM, Erik Weber wrote:
> What prevents root from revealing and using the domain admin api / secret
> Key?
>
> Erik
> On 22 May 2014 15:54, "Marcus" wrote:
>
> > I've always viewed the permissions to be additive, if a domain admin has
> > the

Re: Network IDS in VPC

2014-05-22 Thread Erik Weber
What prevents root from revealing and using the domain admin api / secret Key?

Erik

On 22 May 2014 15:54, "Marcus" wrote:
> I've always viewed the permissions to be additive, if a domain admin has
> the ability to set up network sniffing on the VPC I'd imagine the root
> admin should be ab

Re: Network IDS in VPC

2014-05-22 Thread Marcus
I've always viewed the permissions to be additive: if a domain admin has the ability to set up network sniffing on the VPC, I'd imagine the root admin should be able to as well. Although perhaps not. Even though they have unfettered access to destroy all VMs, networks, zones, the root admin may not

Re: Network IDS in VPC

2014-05-22 Thread Daan Hoogland
Marcus, you mention a permission issue that triggers the thought: should a root admin be allowed? I think not. This brings up extra requirements on the IAM, does it? I would implement the functionality on the router.

On Thu, May 22, 2014 at 6:42 AM, Marcus wrote:
> I really like the lower overhea

Re: Network IDS in VPC

2014-05-21 Thread Marcus
I really like the lower overhead of just port mirroring from one of the router's interfaces to an instance interface host-side, but I really dislike the affinity it creates between the router and the listener, and all of the complications it creates for host maintenance and migrations. It may also

Network IDS in VPC

2014-05-21 Thread Marcus
Hi guys, Not sure if this has been discussed before, but we are getting feature requests for an IDS or packet-sniffing/monitoring capability. I have a prototyped idea of how to do this (manual config), but would like some input. We create a network offering or network capability/detail that is