Recent Entries
Popular articles
Topics
Recommended links

RSS icon Subscribe

» View my profile
Technorati

del.icio.us My links on del.icio.us

Tags
analysis antivirus application security auditing botnets breaches compliance crime cryptography DNS encryption forensics humor interesting Linux Malware marketing network pdf pentest phishing php Privacy rant reference software ssl standards sysadmin tool tools trends ubuntu Virtualization virtualization security vmware vulnerabilities vulnerability+assessment web web application security webappsec web security windows Windows security xss

Archive for 'Virtualization' Category

« Previous Page

VMware Workstation 6 released

9 May 2007

The latest edition of VMware Workstation is finally out of beta and available for download. Once again, VMware allows existing users of Workstation 5 to upgrade for a hundred bucks U.S. In addition to the usual incremental improvements and official support for an even greater number of guest operating systems (including Windows Vista as both [...]

Read the rest of this entry...
 

Posted by D Webber Filed in Virtualization
Comments Off

Fuzzing virtual machines

26 April 2007

Security researcher Tavis Ormandy has published an interesting paper “An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments” (PDF link) where he used a I/O fuzzer and random opcode generator to find anomalies in VMware and other virtualization products. Tested were VMware Workstation and VMware Server, Xen, QEMU, Bochs, plus two [...]

Read the rest of this entry...
 

Posted by D Webber Filed in Virtualization
Comments Off

Attacks on Virtual Machines

31 January 2007

More reading on the security of virtual machines like VMware: a researcher at Symantec has released a great little paper Attacks on Virtual Machine Emulators (hat tip to Computer Defense for point it out). The paper covers a few of the recent VM-specific malware like the SubVirt rootkit (PDF) but mostly concentrates on methods of [...]

Read the rest of this entry...
 

Posted by D Webber Filed in Blind spots, Virtualization
1 Comment »

Security of virtualization

17 November 2006

Over at Info World, Tom Yager has a few thoughts on the security of virtualization. I touched on the topic back in April in Can virtualization be trusted for security?. Among other things, he has an interesting idea that an attacker might take advantage of easier cloning and failover possible with virtual machines. I can [...]

Read the rest of this entry...
 

Posted by D Webber Filed in Myths & misconceptions, Virtualization
2 Comments »

Can virtualization be trusted for security?

21 April 2006

Some of our clients have started using VMWare, Xen and MS Virtual Server to provide either a contained environment for accessing the Internet from the desktop, or to isolate Internet services such as web and e-mail servers from the rest of a physical server. The idea is that if the virtual machine gets infected with [...]

Read the rest of this entry...
 

Posted by D Webber Filed in Myths & misconceptions, Virtualization
4 Comments »

« Previous Page


Article contents copyright © Advosys Consulting Inc. Comments are copyright of the author
Icons courtesy Wikimedia Commons and are copyright of their authors.