My Photo
Subscribe in a reader

Recent Comments

Categories


« Lancope and Montego Networks Does VM2VM Visibility with Netflow | Main | Virtual Security NIC - Concept »

June 22, 2008

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Benjamin Wright

John: Although I agree security is important, sometimes the media make a bigger deal about break-ins (such as the one at TJX) than is warranted. --Ben http://hack-igations.blogspot.com/2008/04/more-on-tjx-data-breach-and-federal.html

John Peterson

Absolutely! The media does make things out to be bigger than they are. For this reason its even more important to safeguard your "virtual networks" in the way I am describing. Because a corporation not only runs the risk of lost revenue, customer dissatisfaction but runs the risk of public embarrassment and affects on reputation and brand. The media can be down right nasty. So, avoid all the drama I say and secure to the fullest.

This blog topic was in no way targeted at TJ Max however, it is a valid example of how hackers can penetrate your network if you are taking the stance of "well, it hasn't been done this way before..." and therefore not introducing something new to safeguard your networks.

-John Peterson

Christofer Hoff

John:

Your example, while defined as being high-level, assume that I'd mix web front-end, application and database servers running in VM's in the same host.

Secondly, it quietly assumes that these VM's are connected to the same vSwitch in the same VLAN as part of the same portgroup to allow for unobstructed traffic routing.

Obviously if these conditions are met, you're ripe for exploit, but really...

It all goes back to the point you brought up in the beginning; we don't do this today in the physical realm and if you do: (1) shame on you and (2) you're not introducing anything "different" simply by virtualizing.

Further, most people aren't virtualizing their databases and the notion of not using built-in clustering versus abandoning this strategy for Vmotion is not likely.

I'm not picking on you specifically, but these "reduction to the rediculous" corner case illustrations aren't practical or realistic.

NOW, I would say that virtualization is an opportunity to ADD additional security without having to forklift, but it should be framed this way and not by using FUD.

/Hoff

Resume Writing Services


Thank you very much! it does help! I will give a try on that and see how things goes!
I really appreciate your time! Thanks a lot

Term Papers

the security is very important

Term papers writing service

This is and excellent article posted on the subject of Security Between Virtual Machines? Virtual machine are a double-edged sword.We have implemented a virtual-machine based rootkit, called SubVirt, that can install itself below an existing operating system in a way that hides all the rootkit's state from the view of the operating system. See our paper in IEEE Security and Privacy 2006 for more details about this attack and how to defend against it. If you have more articles about that so shared it and Thank you for sharing your information about that article.

hOTELS IN sAN jOSE cOSTA rICA

Interesting information you shared. I have to admit your great effort. Thanks for your article, quite useful piece of writing.

The comments to this entry are closed.