Black Hat risk to migrating VMs
By Davey Winder in Editorial
Posted in Data Protection, Blog, Security, Uncategorized on
I like the Black Hat conferences, not least because they always manage to produce a balanced measure of truly mind boggling security holes on the one hand and truly mind boggling self-serving smoke and mirrors on the other. I am not 100 percent sure where stories such as the RFID credit card hack fit into the balance, but there is little doubting the relevance of demonstrations such as the one which showed exactly how a determined attacker is able to hack into VMware and Xen virtualisation software while the VM is in transit between physical machines.
The security researcher in question is actually a PhD candidate from the University of Michigan, one Jon Oberheide who, if you say that quickly enough sounds like he belongs in the Star Wars movies somewhere along the line. But there is no air of science fiction about the proof-of-concept tool he demonstrated which shows how easy it is to hack into and control the VM hypervisor, as well as its applications, when a virtual machine is being migrated and use this to purloin data from those live VMs.
Oberheide reckons that his tool, Xensploit, reveals the lack of understanding when it comes to the risk involved with migrating live virtual machines. The main problem being, of course, that taking down a live system is not an option because that somewhat goes against the whole point of the dynamic availability of any VM deployment in the first place. But being aware of the risks means that measures can be taken to mitigate them, and in this case information is most definitely power.
Oberheide demonstrates that a man in the middle attack is possible while data moves in clear text during the VM migration, with Xensploit manipulating the SSHD authentication to provide the required administrative access. Route hijacking, ARP/DHCP spoofing and DNS poisoning can all play their part in such a compromise or, as Oberheide confides, even a simple passive password sniffing exercise.
And the solution? The usual to be honest, assess risks accordingly and take security seriously. Mutual authentication between hypervisors during migration, together with an encrypted data plane and a network isolated environment for the migrating VMs should do the trickā¦
Rated: 100% (3 votes)
Loading ...Make a comment
Tag cloud
Archives
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
Most commented posts
- Cuil frozen out: market share drops to next to nothing
20 comments
- Windows XP: the invincible OS
- Gatecrashing the WiFi hotspot party
- The 24 year old software that is still going strong
- Home workers are sick
- Big Brother Apple
- Spear phishing Catch 22 for Salesforce.com
- Dumbest phisher in history revealed
- Is BT misleading consumers with Option 2 broadband?
- Why ecommerce fails
Highest Rated Blog Posts
- Why ecommerce fails (100%)
- Betting on Hubdub technology (100%)
- Chinese whispers as government implicated in UK hack attacks (100%)
- Crimeware toolkit targets 10,000 trusted sites (100%)
- Black Hat risk to migrating VMs (100%)
- Tough on cyber crime, tough on the causes of cyber crime (100%)
- Firefox 3, Beta 4, Enhancements 900, Tested 5 (100%)
- Slowly slowly catchee Government IT monkey (100%)
- Who needs another set of web standards? (100%)
- The 6.5 billion quid hello (100%)