'Re: [qubes-devel] Qubes internal network topology'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       qubes-devel
Subject:    Re: [qubes-devel] Qubes internal network topology
From:       Andrew <kyboren () riseup ! net>
Date:       2016-02-11 17:05:39
Message-ID: 56BCBF63.5000905 () riseup ! net
[Download RAW message or body]

Joanna Rutkowska:
> On Thu, Feb 11, 2016 at 01:56:11PM +0000, Andrew wrote:
> > Marek Marczykowski-Górecki:
> > > On Thu, Feb 11, 2016 at 12:20:40PM +0100, Zrubi wrote:
> > > > Hi,
> > > 
> > > > I want to visualize the internal Qubes network topology.
> > > > Is there any better way to get the actual topology than parsing the
> > > > output of `qvm-ls -n`
> > > 
> > > Unfortunately no, at least not yet. We'd love to have something like
> > > that in Qubes Manager in Qubes 4.0, but that's just a wishlist entry
> > > for now...
> > > 
> > > 
> 
> > I've made my own hacky script for visualizing network and PCI
> > attachments.  Maybe this will tide you over until there's something more
> > official?
> 
> > It's not completely bug-free; there is a spacing issue for ProxyVMs, but
> > visually I think it looks just fine and haven't had much motivation to
> > fix it.
> 
> > Pic with redactions attached.
> 
> > Andrew
> 
> 
> Hate to break it to you, but you're not quarantining ME by assigning the ME host
> controller device to a VM, as seen on your screenshot. This device is a mere
> interface for the OS to talk to the ME, but ME is still free to do whatever DMA
> it wants. Sorry. I once believed this would work too... :/
> 
> joanna.
> 

Oh, I'm well aware of this.  I think I even asked about this explicitly
on the list before (and you were probably the one to reply that it's
ineffective).  It may indeed be Quixotic, but it can't hurt, right? ;)

Andrew

-- 
You received this message because you are subscribed to the Google Groups \
"qubes-devel" group. To unsubscribe from this group and stop receiving emails from \
it, send an email to qubes-devel+unsubscribe@googlegroups.com. To post to this group, \
send email to qubes-devel@googlegroups.com. To view this discussion on the web visit \
https://groups.google.com/d/msgid/qubes-devel/56BCBF63.5000905%40riseup.net. For more \
options, visit https://groups.google.com/d/optout.


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic