
Archive for Virtual

Tripwire Releases VMware Security Tool

I received an email from the folks over at Tripwire today. They have released a tool that can be used to check the security of VMware configs. I haven’t got the time to review this one, so I’ll leave it to you, the good readership, to arrive at your own conclusions.

From Tripwire:

Tripwire® ConfigCheck™ is a free utility that rapidly assesses the security of VMware ESX 3.5 hypervisor configurations compared to the VMware Infrastructure 3 Security Hardening guidelines. Developed by Tripwire in cooperation with VMware, Tripwire ConfigCheck ensures ESX environments are properly configured—offering immediate insight into unintentional vulnerabilities in virtual environments—and provides the necessary steps towards full remediation when they are not.

And the best part? It’s free.

Now it would be nice if more vendors would take a hint and release free tools from time to time to help us get our job done. It would leave us collectively better disposed to them and their product portfolios in the long run.

Article Link

VMware Fixes Security Bugs

The VMware folks released patches yesterday to deal with a privilege escalation problem and a security bypass issue as well as five other problems.

From VMware Advisory:

Problem description:

a. Host to guest shared folder (HGFS) traversal vulnerability

On Windows hosts, if you have configured a VMware host to guest shared folder (HGFS), it is possible for a program running in the guest to gain access to the host’s file system and create or modify executable files in sensitive locations.

NOTE: VMware Server is not affected because it doesn’t use host to guest shared folders. No versions of ESX Server, including ESX Server 3i, are affected by this vulnerability, because ESX Server is based on a bare-metal hypervisor architecture and not a hosted architecture, and it doesn’t include any shared folder abilities. Fusion and Linux based hosted products are unaffected.

and…

b. Insecure named pipes

An internal security audit determined that a malicious Windows user could attain and exploit LocalSystem privileges by causing the authd process to connect to a named pipe that is opened and controlled by the malicious user.

The same internal security audit determined that a malicious Windows user could exploit an insecurely created named pipe object to escalate privileges or create a denial of service attack. In this situation, the malicious user could successfully impersonate authd and attain privileges under which Authd is executing.

For the rest of the issues please read the full advisory over on VMware dot com.

Spin: Hypervisor Provides Hacker-Proof Software

With a headline like that you can’t help but shake your head.

From Electronics Talk:

The Padded Cell Secure Hypervisor and its EAL6+ compliant security policies enable breakthroughs for many of the world’s long unresolved security problems

Green Hills Software has released the world’s first secure hypervisor. The Padded Cell Secure Hypervisor supports the widest range of computing platforms, from embedded devices to enterprise desktop and server systems. It runs on top of Green Hills Software’s Integrity separation kernel. ‘Many people believe that hypervisors are the solution to security problems’.

‘But existing hypervisors actually make security problems worse by providing another avenue for attack’, said Dan O’Dowd, founder and Chief Executive Officer, Green Hills Software.

‘Everybody has become accustomed to the fail-first, patch-later mentality adopted by the world’s largest software organisations and products’.

‘The fact is that it is possible to build totally secure, hacker-proof software upon which critical computing assets and resources can depend’.

‘Our introduction of Padded Cell Secure Hypervisor continues to demonstrate this by pushing the envelope of applications that can benefit from our proven approach to safety, security and reliability’.

You know, I wish them well in this endeavour. I really do. I just can’t forget the Oracle “unhackable” campaign or Microsoft’s “more secure than the popemobile” billboards when Windows 2000 came out. It’s like they’re taunting the hackers. And, they will invariably rise to the challenge and smite them. :)

Article Link


Gartner: Virtualisation Race Could Risk Security

Like any emerging technology, the analyst said virtualisation will be the target of new security threats. It warned that simply applying the technologies and best practices for securing physical servers won’t provide sufficient protections for virtual machines.

As a result, Gartner predicts 60 per cent of virtual machines used in production environments will be less secure than their physical equivalents by 2009.

Now, bearing in mind these are the same folks that claimed IDS was dead, I tend to take a dim view of Gartner releases in general. Basically, one would be ill-advised to take them solely at face value, as with any resource on the web for that matter (yes, us as well).

Gartner goes on to advise that virtual machines should be locked down before deployment.

Sigh, I find it disturbing that they felt it necessary to outline this aspect. Although I guess I can understand this point of view, having encountered some, er, interesting IT managers in my day. To treat a virtual machine any differently (by which I mean, in a lax manner) is a flawed approach. This is especially true if these systems are being deployed in a production environment. Security does in fact have to take a greater role here due to the overwhelming “new car smell” this technology holds for most businesses. There are discussions on rootkit VMs and the like, to be sure. A VM should be treated as any operating system that you deploy. OK, you have the ability to recover if something goes wrong, but that would only apply if you detect a breach in the first place. By then, who knows how much customer data might have flown out the front door?

Intrusion detection (for example) has merit and defense in depth still applies.

Article Link

UPDATE: Almost as if on cue I see this advisory for VMware.