comp.security.misc
#1
02-13-2008, 10:38 AM
num_gg@laposte.net
Server virtualization and security?

Hi all,

Don't know whether it's the good spot to post but this is a simple
question and I did not find any studies about this point:

I know that virtualization is seen as a great solution to managing the
data center of the future; server virtualization enables besides a
better way to address common issues like resources allocation and
optimization, hot plug application deployment, space and energy
consumption savings and so on...

But: My question is from the security and anti-hacking protection
point of view. Someone says that "virtualization allows securisation
and isolation of a network as breaking a virtual system doesn't allow
to take over the whole system (and especially the host system)".
Personally I wonder how one can be so sure.

What if a server is "virtually" hosting my app and another one which is a
great security hole? If a hacker manages to take over the virtual
system hosting the "loosely secured app" is it simple (or not?) for
him to take over the other virtual systems or, what's even worse, the
whole system?

Any idea?
Any link where this issue is addressed?

Cheers

num


#2
02-13-2008, 12:08 PM
Sebastian G.
Re: Server virtualization and security?

num_gg@laposte.net wrote:


> But: My question is from the security and anti-hacking protection
> point of view. Someone says that "virtualization allows securisation
> and isolation of a network as breaking a virtual system doesn't allow
> to take over the whole system (and especially the host system)".
> Personally I wonder how one can be so sure.



Depends very much on the implementation. Virtuozzo and User Mode Linux, for
example, offer virtually no security boundaries.

#3
02-13-2008, 01:22 PM
Todd H.
Re: Server virtualization and security?

num_gg@laposte.net writes:

> Hi all,
>
> Don't know whether it's the good spot to post but this is a simple
> question and I did not find any studies about this point:
>
> I know that virtualization is seen as a great solution to managing the
> data center of the future; server virtualization enables besides a
> better way to address common issues like resources allocation and
> optimization, hot plug application deployment, space and energy
> consumption savings and so on...
>
> But: My question is from the security and anti-hacking protection
> point of view. Someone says that "virtualization allows securisation
> and isolation of a network as breaking a virtual system doesn't allow
> to take over the whole system (and especially the host system)".
> Personally I wonder how one can be so sure.
>
> What if a server is "virtually" hosting my app and another one which is a
> great security hole? If a hacker manages to take over the virtual
> system hosting the "loosely secured app" is it simple (or not?) for
> him to take over the other virtual systems or, what's even worse, the
> whole system?
>
> Any idea?
> Any link where this issue is addressed?


Full escape from a VMware virtual machine was apparently demonstrated
late in 2007. I saw a talk by SANS handler Tom Liston who was
discussing the issues they leveraged to perform it. Googling, I
found a mention of it in this blog
http://www.pauldotcom.com/2007/07/31...tualizati.html

Liston's 2006 presentation, which is light on details due to disclosure
issues, is here
http://handlers.sans.org/tliston/Thw...on_Skoudis.pdf

However, with modifications to the VMware configuration, things can
be locked down quite well. He mentioned several of these in a talk I
attended of his in mid-late 2007.

Also notable on this virtualization security front are the squabbles
between Tom Ptacek's Matasano Security and Joanna Rutkowska (author
of Blue Pill).

http://theinvisiblethings.blogspot.c...challenge.html

Matasano's version provides more background though:
http://www.matasano.com/log/895/joan...t-us-prove-it/

Best Regards,
--
Todd H.
http://www.toddh.net/
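
As an added illustration of the configuration lock-down mentioned in the post above (not part of the original thread, and not a list of the settings from the talk): a check of a VMware `.vmx` file against a small baseline of guest-isolation options. The baseline contents, the function names and the sample file are assumptions made for this example.

```python
import re

# Assumed baseline: isolation options from VMware's published hardening
# guidance; the thread does not say which settings the talk covered.
BASELINE = {
    "isolation.tools.copy.disable": "TRUE",
    "isolation.tools.paste.disable": "TRUE",
    "isolation.tools.dnd.disable": "TRUE",
    "isolation.tools.hgfs.disable": "TRUE",
    "isolation.tools.diskShrink.disable": "TRUE",
    "isolation.tools.diskWiper.disable": "TRUE",
}

_ASSIGN = re.compile(r'^\s*([^#\s=]+)\s*=\s*"(.*)"\s*$')

def parse_vmx(text):
    """Map each lowercased key to every value assigned to it, in order."""
    settings = {}
    for line in text.splitlines():
        m = _ASSIGN.match(line)
        if m:
            settings.setdefault(m.group(1).lower(), []).append(m.group(2))
    return settings

def audit_vmx(text, baseline=BASELINE):
    """Return {option: values found} for each option that is missing, set to
    another value, or assigned more than once with conflicting values."""
    settings = parse_vmx(text)
    findings = {}
    for option, expected in baseline.items():
        # Keys are compared case-insensitively (an assumption of this sketch).
        values = settings.get(option.lower(), [])
        if not values or any(v.strip().upper() != expected for v in values):
            findings[option] = values
    return findings

# Constructed sample .vmx content, not taken from a real host.
SAMPLE_VMX = """\
displayName = "web01"
isolation.tools.copy.disable = "TRUE"
isolation.tools.paste.disable = "true"
isolation.tools.dnd.disable = "FALSE"
isolation.tools.hgfs.disable = "TRUE"
isolation.tools.copy.disable = "FALSE"
"""

if __name__ == "__main__":
    for option, values in audit_vmx(SAMPLE_VMX).items():
        print(f"{option}: found {values or 'nothing'}, expected TRUE")
```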

#4
02-13-2008, 10:25 PM
Russell Wood
Re: Server virtualization and security?

On 2008-02-13, num_gg@laposte.net <num_gg@laposte.net> wrote:
>
> ... securisation ..


WTF?

> ... If a hacker manages to take over the virtual system hosting the
> "loosely secured app" is it simple (or not?) for him to take over the
> other virtual systems or, what's even worse, the whole system?


Possibly. Drop the guest, mount its file system and make modifications
then bring the guest back up.

--
Russell Wood
<http://www.dynode.net/~rjw/>

#5
02-18-2008, 02:54 PM
num_gg@laposte.net
THREAD CLOSING: Server virtualization and security?

Hi all,

Thanks to *all* for your answers and links for further information.

I close the thread (but the issue seems far from closed).

cheers

Num,

#6
02-19-2008, 06:20 AM
Todd H.
Re: THREAD CLOSING: Server virtualization and security?

num_gg@laposte.net writes:

> Hi all,
>
> Thanks to *all* for your answers and links for further information.
>
> I close the thread (but the issue seems far from closed).


Is thread closing a Google Groups thing?

--
Todd H.
http://www.toddh.net/

#7
02-21-2008, 04:00 PM
num_gg@laposte.net
Re: THREAD CLOSING: Server virtualization and security?

ok ok ok...
Facing protest, the thread is NOT closed.

....

Now Andy, it's up to you.

....

(just kidding)

:))




