在QEMU中运行的最“安全”的架构是什么?
目前,OpenBSD支持这些体系结构( http://www.openbsd.org/plat.html ):
alpha Digital Alpha-based systems
amd64 AMD64-based systems
armish ARM-based appliances (by Thecus, IO-DATA, and others)
hp300 Hewlett-Packard HP 9000 series 300 and 400 workstations
hppa Hewlett-Packard Precision Architecture (PA-RISC) systems
i386 Standard PC and clones based on the Intel i386 architecture and compatible processors
landisk IO-DATA Landisk systems (such as USL-5P) based on the SH4 cpu
loongson Loongson 2E- and 2F-based systems, such as the Lemote Fuloong and Yeeloong, Gdium Liberty, etc.
luna88k Omron LUNA-88K and LUNA-88K2 workstations
macppc Apple New World PowerPC-based machines, from the iMac onwards
mvme68k Motorola 680x0-based VME systems
mvme88k Motorola 881x0-based VME systems
sgi SGI MIPS-based workstations
socppc Freescale PowerPC SoC-based machines
sparc Sun sun4, sun4c, sun4e and sun4m class SPARC systems
sparc64 Sun UltraSPARC and Fujitsu SPARC64 systems
vax Digital VAX-based systems
zaurus Sharp Zaurus C3x00 PDAs目前,QEMU支持这些体系结构( https://en.wikipedia.org/wiki/QEMU#Emulated_硬件_平台 )--但是修正了:
IA-32 (x86)
x86-64 PCs
MIPS R4000
Sun's SPARC sun4m
Sun's SPARC sun4u
ARM development boards (Integrator/CP and Versatile/PB)
SH4 SHIX board
PowerPC (PReP and Power Macintosh)
ETRAX CRIS
MicroBlaze architectures.所以结合起来(有两种支持的东西,但是修正了.):
i386 OR IA-32
amd64 OR x86-64
sun4m (SPARC)
macppc OR PowerPC搜索google (search string财政命中):
site:seclists.org i386 exploit vulnerability || 14600
site:cvedetails.com i386 exploit vulnerability || 24700
site:seclists.org IA-32 exploit vulnerability || 650
site:cvedetails.com IA-32 exploit vulnerability || 3510
site:seclists.org amd64 exploit vulnerability || 11000
site:cvedetails.com amd64 exploit vulnerability || 29900
site:seclists.org x86-64 exploit vulnerability || 540
site:cvedetails.com x86-64 exploit vulnerability || 4970
site:seclists.org x86_64 exploit vulnerability || 6590
site:cvedetails.com x86_64 exploit vulnerability || 36800
site:seclists.org sun4m exploit vulnerability || 17
site:cvedetails.com sun4m exploit vulnerability || 0
site:seclists.org SPARC exploit vulnerability || 7750
site:cvedetails.com SPARC exploit vulnerability || 43800
site:seclists.org macppc exploit vulnerability || 1
site:cvedetails.com macppc exploit vulnerability || 3490
site:seclists.org PowerPC exploit vulnerability || 7130
site:cvedetails.com PowerPC exploit vulnerability || 32000->>
http://i.imgur.com/jbsBNj0.png
因此,我想在OpenBSD主机上使用QEMU运行一个QEMU客户机。但是在不同的拱形下,宿主OpenBSD就有了。(出于安全考虑,如果利用漏洞在ex.:i386上工作,那么它不是100%运行在ex.:sun4m上)。
首先,如果我使用i386或amd64作为主机,那么来宾需要是: sun4m (??),但是SPARC有很多点击量。QEMU真的能使用sun4m吗?)
是的,我知道,寻找历史上的漏洞并不是最好的方法,但是没有更好的方法了。或?
问:那么最安全的架构是什么呢?
回答 1
Security用户
发布于 2013-07-19 10:32:04
利用漏洞计数在这里是没有帮助的,因为数字被非目标攻击扭曲了。如果一个坏人不在乎她控制的是什么机器,那么她就会把目标对准x86上的Windows,因为在PDP-11上,这些机器的数量要比BeOS多出10亿。
由于您主要是针对目标攻击进行防御,所以您的重点应该是强化特定实例。
事实上,有一个理由是,您也应该在您的客人上使用x86。它可能是最受欢迎的端口(需要引用),这可能意味着大多数眼球都在寻找bug。
https://security.stackexchange.com/questions/39201
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号