Dailydave mailing list archives
Re: VPC
From: Jon Oberheide <jon () oberheide org>
Date: Fri, 29 Feb 2008 09:57:45 -0500
On Thu, 2008-02-28 at 18:43 -0500, Matt Richard wrote:
On Mon, Feb 25, 2008 at 10:34 PM, Anthony Lineberry <anthony.lineberry () gmail com> wrote:Is this sandboxing running outside of the hypervisor or inside? One thing i've been messing with is lately is sandboxing from outside the guest os by modifying a hypervisor to manipulate the kernel through external hooks. I'm really curious is this has been done before and if i'm just reinventing the wheel?I have only seen defensive implementations such as the work of Garfinkel and Rosenblum at Stanford. Their use case is a modified hypervisor that can monitor critical OS data structures. One of their implementations watches the Linux system call table and can prevent modification to thwart rootkits.
In related news, VMware just recently announced VMsafe: http://www.vmware.com/overview/security/vmsafe.html -- Jon Oberheide <jon () oberheide org> GnuPG Key: 1024D/F47C17FE Fingerprint: B716 DA66 8173 6EDD 28F6 F184 5842 1C89 F47C 17FE
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: VPC, (continued)
- Re: VPC Thorsten Holz (Feb 21)
- Re: VPC Thierry Zoller (Feb 22)
- Re: VPC Alexander Sotirov (Feb 24)
- Re: VPC Anthony Lineberry (Feb 28)
- Re: VPC Thierry Zoller (Feb 23)
- Re: VPC don bailey (Mar 03)