The Virtualization Room

A SearchServerVirtualization.com and SearchVMware.com blog

» VIEW ALL POSTS Feb 26 2007   8:01PM GMT

Virtualization security: The dark side of the force



Posted by: Jan Stafford
Tags:
Microsoft Virtual Server
Virtualization security

Thomas Ptacek writes about two ways virtualization complicates life for systems security people in his blog entry, Dark Reading on Virtualization Security.

First of all, he says, “you now face the spectre of guest-hopping attacks, which are vulnerabilities in your hypervisor that allow you to beat VM protection and gain access to other hosts. The driver for these attacks is that a hypervisor has to provide at least the illusion of a ‘ring 0′ for a guest operating system to run in.” Secondly, he adds: “If you’re on the same hardware as your target, you have significantly improved timing channels to pry encryption secrets out with.”

Fortunately, he has some ideas on how to handle these problems. So do the other writers for Matasano Chargen, a blog about information security.

Virtualization security is on our readers’ minds, too, and we’re answering their requests for advice. Check out Chris Wolf’s advice on virtual switch security on Virtual Server, VMware and XenExpress and the virtualization security series by Harley Stagner, in which he suggests ways to improve Microsoft Virtual Server security.

What aspect of virtualization security is bugging you? What should IT shops really be worried about?

1  Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Greg
    Jan: The issues of securing virtualized infrastructures are getting discussed with more frequency these days. From my standpoint, they are sprawl, mobility and complexity. The hypervisor layer is also a great point of leverage for the right kinds of security solutions... as well as hackers. Thx Greg Ness Blue Lane Technologies (vendor)
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: