Being Escorted out of the Cave

Posted by Charu Chaubal, Technical Marketing Manager for Datacenter Management. Recently, security consulting company Intelguardians presented at NDSS claiming they could execute malicious code on the host OS of a computer running VMware hosted virtualization software, such as the free VMware Player or the licensed VMware Workstation. Their subsequent presentation at SANSFIRE 2007, which was reported Read more...

I spy a blue pill: detecting the theoretical rootkit

We seem to be writing a lot about Blue Pill for something that’s pretty hypothetical at this point. A bit of background if you haven’t been following this: Blue Pill is a theoretical/proof-of-concept rootkit that uses virtualization — a hypervisor architecture — to insert itself and hide under your operating system. Previous coverage on Read more...

Blue Pill Cage Match

Just search for blue pill hypervisor to get the background. We’ve talked about it here before. VMware’s Beng-Hong Lim and Keith Adams weighed in. Now Thomas Ptacek and Nate Lawson have challenged Joanna Rutkowska to a cage match at this year’s Black Hat Briefings conference. I think at this point the argument is more about Read more...

Virtual security: brave new world or more of the same?

Greg Ness, VP of Marketing for Blue Lane Technologies, wrote an article that talks about the increased security complexity that comes with virtualization. Not so coincidentally, Blue Lane has a product that can address these complexities! (Disclaimer: Blue Lane is a VMware partner, has a very cool product, and is going to release a virtual Read more...

Top 10 Recommendations for Improving VMware ESX Security

[Updated twice below.] Check out Alex Bakman’s VMworld 2007 presentation here as well on Top 10 Recommendations for Improving VMware ESX Security. Use Firewall and Antivirus software for COS. Just as in any other operating system, this provides basic protection. Use VLANs to segment the physical network so only machines that are required to see Read more...