Open Stack

That was certainly a concern at at least one deployment site I have been at.

The want as I see it.  Is to isolate a running VM.  Snapshot it.  And then
perform forensics on the running isolated VM.

I think quantum integration will definitely help with this.  But we may
also need to look at how roles play out for this sort of thing inside of
keystone.


I am definitely interested in pursuing this in my free time.  So keep me in
the loop if you want some assistance.

-Matt

On Jul 16, 2012 3:55 PM, "Josiah Dykstra" <dykstra at umbc.edu> wrote:

> Devs,
>
> I am new to the list and wanted to run an idea by you. I am interested in
> adding some extensions to support incident response and forensics. Are
> others working on this, or is there wider interest in doing so? I think
> this could take several forms, such as introspection, hashes of virtual
> drives, authenticated logs, or memory dumps. I believe that users and
> admins would welcome these features. Would be interested in hearing your
> feedback.
>
> Josiah Dykstra
> dykstra@ <dykstra at umbc.edu>umbc.edu <dykstra at umbc.edu>
> Cyber Defense Lab, Department of Computer Science and Electrical
> Engineering
> University of Maryland Baltimore County (UMBC)
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20120717/00cb4814/attachment.html>