A naïve view of virtualization.
Okay, so this is my view of the new virtualization hype:
So what’s the big deal? Am I missing something, Herr Hoff?
Next entry: The best thing about security blogging ...
Previous entry: If he isn't careful ...
Comments
shrdlu
on 09/02 at 06:50 AM:
on 09/02 at 06:50 AM:Sandro, we agree. The guests themselves aren’t any less or more secure than they were outside the box—unless, as you say, the sysadmins treat them as throwaways, in which case they may be even less likely to secure them. (Then you have a nice image on a backup server saying, “Pwn me some more!” 
Less easy to monitor, at least for now (Ptacek thinks they’ll start adding more monitoring to the hypervisor, which makes sense). But other than that, I don’t see what the major diff is from a security perspective.
(BTW, do you like my Malta flag? I had to put one up specially for you!)
on 09/04 at 03:42 PM:I think you’ve captured most of it. However, one thing that isn’t on there is the fact that in some virtualization schemes, the virtualization infrastructure is trusted by VM’s by default. The case in point would be the recent MS Virtual PC patch, which looks like this:
1. Find one weak VM among a group, gain admin.
2. Use the admin access to exploit Virtual PC software, giving you access to machines you otherwise would have not been able to compromise from the outside because of the built in trust from the top down.
stacy
on 09/05 at 08:42 AM:
on 09/05 at 08:42 AM:Nice diagram. Care to release it under a CC license? I could see that ending up in a power point deck 
A couple years ago I was in a meeting with a born again virtualisation evangelist who was expounding the virtues of virtualisation. One of the virtues was that you could take a copy of a machine and ship it to a software vendor and they would be able to debug whatever problem you were having. After I stopped choking; I pointed out that just because you could do that did not mean that you should. At a bare minimum I suggested that before shipping an entire copy of the production database to some vendor that you should check with the Information Security team and discuss the classification of the data and whether or not the support agreement addresses the vendor’s responsibilities for protecting the data. The evangelist was not impressed that I had found a flaw in his utopian new world… must be the crack in my rose coloured glasses.
shrdlu
on 09/05 at 07:48 PM:
on 09/05 at 07:48 PM:Hey, feel free to use it if you like, but Hoff’s version beats mine all hollow.
Page 1 of 1 pages
Add a comment
About the Bloggiste
I'm an IT security manager who has worked in various places around the world and in the US. If I told you more, well ... you know.
Members
RSS Feeds
RSS 2.0Atom
Favorite links
IT Security GeekPerilocity
Rob the n00b1e
Schneier on Security
TaoSecurity Blog
The VERT Daily Post
Matasano Chargen
RiskAnalys.is
A Day in the Life of an Information Security Investigator
Managing Intellectual Property and IT Security
Dark Reading
The Guerrilla CISO
Tenable Network Security Blog
The Rear Guard Security Podcast (aka Ranum's Rants)
From what I gather the concerns are the following:
* Virtual machines can be threated as throwaway machines from the sysadmins since they’re less expensive. From the attacker’s perspective, they’re still as valuable as a real machine.
* Virtual machines can sit on a virtual network. One that you cannot tap with your cisco routers and monitor through snort. At least not as easily as you would have traditionally.
So I guess we have very similar opinions.