
Wednesday, November 26, 2008

Since vpnc is already up

I might as well take advantage and try to capture some of the stuff that's already oozing out of my grey matter. My partner and I talked about the project at length, and at the beginning, another classmate gave some suggestions. We came to the conclusion that NAT is not needed at all in the configuration that my partner is working towards because there will be a one-to-one ratio of IP addresses to virtual machines. If that changes, we need...something. Maybe NAT, maybe something else.

My partner defined 'dynamic instantiation' for the time being as basically turning a VM on and off. We also all agreed that there has to be some mechanism to capture state. Our classmate pointed out that the controller needs to know which VMs it needs to be acting on and when, and neither iptables nor Click as they are have the ability to pass on that type of information. So I was looking at netlink sockets, but now I'm looking at libipq, which I'm thinking is even better. It basically routes a packet from kernel space to user space. You can then make a decision on the packet and send it back to kernel space. I'm thinking I can make some additional network devices and have initial traffic routed to the devices associated with my libipq stuff, a type of first packet reader; then accepted packets are routed to whatever we use to route traffic, Click or iptables or whatever.

I'm also looking at malware collection. That looks like it won't be so hard. There's information out there on how to save binaries in MySQL databases. Oh, and my classmate talked about VM introspection type stuff. He mentioned RegMon, FileMon and some other utility. They're for Windows, which we haven't really been using, but we will eventually, and I hadn't even thought about registry data. My partner's idea about mounting a vmdk file is something that I've actually been able to test on my laptop, unlike most VMware stuff. It didn't take long to perform a diff on the two mounted filesystems--I was working on a script to automate that process.
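The mounted-filesystem diff mentioned above could be automated along these lines. This is an added example, not the author's script: the function names and the sample file contents are constructed for illustration, and it assumes both vmdk images are already mounted read-only and readable by the user running it.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk=1 << 20):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):  # hash in chunks, images hold big files
            h.update(block)
    return h.hexdigest()

def snapshot(root):
    """Map each path under root to (kind, fingerprint) without following symlinks."""
    entries = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            if os.path.islink(full):  # compare link targets, never what they point at
                entries[rel] = ("link", os.readlink(full))
            elif os.path.isdir(full):
                entries[rel] = ("dir", "")
            elif os.path.isfile(full):
                entries[rel] = ("file", sha256_file(full))
            else:  # device node, FIFO, socket: record it, never open it
                entries[rel] = ("special", "")
    return entries

def diff_trees(baseline_root, suspect_root):
    before, after = snapshot(baseline_root), snapshot(suspect_root)
    return {
        "added": sorted(after.keys() - before.keys()),
        "removed": sorted(before.keys() - after.keys()),
        "changed": sorted(p for p in before.keys() & after.keys() if before[p] != after[p]),
    }

def build_demo_trees():  # constructed sample data standing in for two mounted images
    trees = ({"etc/passwd": b"root:x:0:0\n", "tmp/old.log": b"x"},
             {"etc/passwd": b"root:x:0:0\nsvc:x:0:0\n", "tmp/.hidden": b"\x7fELF"})
    roots = [tempfile.mkdtemp() for _ in trees]
    for root, files in zip(roots, trees):
        for rel, data in files.items():
            os.makedirs(os.path.join(root, os.path.dirname(rel)), exist_ok=True)
            with open(os.path.join(root, rel), "wb") as f:
                f.write(data)
    return roots

if __name__ == "__main__":
    print(diff_trees(*build_demo_trees()))
```

Pointing `diff_trees` at the baseline mount and the post-run mount gives the added, removed and changed paths, which are the candidates for the malware collection step.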

I'm sure that I've forgotten something, but oh well.

Posted by threeRd at 12:06 AM
Categories: thesis