From: Stefan <proxmox@qwertz1.com>
To: Proxmox VE user list <pve-user@lists.proxmox.com>
Subject: Re: [PVE-User] Is Proxmox VE vulnerable to ransomware like VMware vSphere?
Date: Fri, 23 Jun 2023 18:57:41 +0200 [thread overview]
Message-ID: <A4A108AC-85B2-40E4-A1D3-55265EEEDE0D@qwertz1.com> (raw)
In-Reply-To: <CAD3upLsp6QJE7ndv1bQsvJo_aGEAiZyooHrnnY5skgAVraPPWQ@mail.gmail.com>
Hi,
I'm not sure which VMware exploit you're referring, but I think you mean the OpenSLP exploit.
For that automated exploit one needs to not install patches + having management services access via WAN.
So yes, ANY system connected to the internet is vulnerable in that sense, only the attack surface can be minimized by e.g. having an isolated management network where those services are accessible.
Stefan
Am 23. Juni 2023 16:27:51 MESZ schrieb Turritopsis Dohrnii Teo En Ming <tdtemccnp@gmail.com>:
>Subject: Is Proxmox VE vulnerable to ransomware like VMware vSphere?
>
>Good day from Singapore,
>
>Recently, VMware vSphere has come under the spotlight because tens of
>thousands of VMware vSphere installations are vulnerable to
>ransomware. Ransomware gangs are actively targeting VMware vSphere. Is
>Proxmox VE vulnerable to ransomware like VMware vSphere?
>
>Please advise. Thank you.
>
>Regards,
>
>Mr. Turritopsis Dohrnii Teo En Ming
>Targeted Individual in Singapore
>Blogs:
>https://tdtemcerts.blogspot.com
>https://tdtemcerts.wordpress.com
>GIMP also stands for Government-Induced Medical Problems.
>
>_______________________________________________
>pve-user mailing list
>pve-user@lists.proxmox.com
>https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user
>
prev parent reply other threads:[~2023-06-23 17:04 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-23 14:27 Turritopsis Dohrnii Teo En Ming
2023-06-23 16:57 ` Stefan [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=A4A108AC-85B2-40E4-A1D3-55265EEEDE0D@qwertz1.com \
--to=proxmox@qwertz1.com \
--cc=pve-user@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox