Educause Security Discussion mailing list archives

Re: Securing VM servers

From: Alex <alex.everett () UNC EDU>
Date: Thu, 29 May 2008 14:39:45 -0400

I would also be interested.

-Alex

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mike Lococo
Sent: Thursday, May 29, 2008 1:22 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Securing VM servers

Reposting with a proper subject line.  I must have deleted it by accident,
apologies.

Thanks,
Mike Lococo

Mike Lococo wrote:

Greetings,

I'm very interested in connecting offline with other folks who are
thinking about the architectural implications of virtualization with
regard to security boundaries.  We've poured a lot of thought into it
in my office, had fairly extensive conversations with VMWare technical
staff, and still have a lot of uncertainty about the best path forward
for our environment.

You might do a little searching for the research that Ed Skoudis and
Tom Liston did on escaping virtual machines.  Below is an article
that summarizes some of it.

http://blogs.computerworld.com/node/5936


That article is pretty thin on details.  I've never found a paper from
from Ed and Tom on that research, but some the most authoritative
links I've seen are:

* Foolmoon has a writeup of what Ed and Tom presented at Sansfire 2007:
http://www.foolmoon.net/cgi-bin/blog/index.cgi?mode=viewone&blog=11855
93255

* Ed posted a comment at the following blog with some details:
http://www.cutawaysecurity.com/blog/archives/170

* Tavis Ormandy wrote an excellent paper paper on fuzzing various
virtualization environments, all of which had crash bugs:
http://taviso.decsystem.org/virtsec.pdf

It's worth noting that none of the research above applies to ESX, it's
all been done on Workstation or Server.  That's not to imply that ESX
has no flaws, just that it's a different architecture/codebase which
makes any kind of specific comparison to the public research difficult.

Thanks,
Mike Lococo

PS CISecurity has some hardening guides for VMWare, but they
completely punt on how/where to enforce trust boundaries.

Attachment: smime.p7s
Description:

Current thread:

Securing VM servers Michael Jewett (May 29)
- <Possible follow-ups>
- Re: Securing VM servers HALL, NATHANIEL D. (May 29)
- Re: Securing VM servers Jenkins, Matthew (May 29)
- Re: Securing VM servers Jeff Wolfe (May 29)
- Re: Securing VM servers Mike Lococo (May 29)
- Re: Securing VM servers Paul Keser (May 29)
- Re: Securing VM servers Alex (May 29)
- Re: Securing VM servers John Ladwig (May 29)
- Re: Securing VM servers John Hoffoss (Jun 06)