SlideShare uma empresa Scribd logo

Virtualization security

Transferir como PPT, PDF
n|u - The Open Security Community
n|u - The Open Security Community

null Pune May 2012 Meet

EducaçãoTecnologia
1 de 23
Virtualizati on -By Ma ng e s h Gunj a l
Topics to be Covered:  Vir t ua l iz at io n  Vir t ua l Ma c hine Mo nit o r  T y p es o f Vir t ua l iz at io n  Why Vir t ua l iz at io n..?  Vir t ua l iz at io n Ap p l ic at io n Ar e a s  Vir t ua l iz at io n Ris k s  Vir t ua l iz at io n Se c ur it y  VM Sp r awl  Mis c e l l a ne o us
Virtualization - Mul t ip l e Op e r a t ing Sy s t e ms o n a Sing l e Phy s ic a l Sy s t e m - Mul t ip lt e Ex e c utrio y ing Ha r d wa r e Sha r e he Und e l - n Re s o ur c e s . Env ir o nme nt s , - Ha r d wa r e a nd So f t wa r e Pa r t it io ning , - T ime -Sha r ing , - Pa r t ia l o r Co mp l e t e Ma c hine Simul a t io n/ - Se p a r a tio n o f a Re s o ur c e Emul a t io n o r Re q ue s t f o r a s e r v ic e .
S o u r c e : Vir t ua l iz a t io n Ov e r v ie w whit e p a p e r , By
- Vir t ua l Ma c hine Mo nit o r ( VMM) - Emul a t io n o r s imul a t io n - Vir t ua l Ma c hine s - I s o l a t e d Env ir o nme nt
S o u r c e : Vir t ua l iz a t io n Ov e r v ie w whit e p a p e r , By
Para Virtualization S o u r c e : Vir t ua l iz a t io n Ov e r v ie w whit e p a p e r , By
Why Virtualization..?  Se r v e r Co ns o l id at io n.  Leg a c y Ap p l ic at io ns.  Sa nd b o x .  Ex e c ut io n o f Mul t ip l e Op e r at ing Sy s t e ms.  Simul at io n o f Ha r d wa r e a nd Ne t wo r k ing Dev ic es.  Po we r f ul De bugging a nd Pe r f o r ma nc e Mo nit o r ing  Fa ul t a nd Er r o r Co nt a inme nt  Ap p l ic at io n a nd Sy s t e m Mo b il it y  Sha r e d Me mo r y Mul t ip r o c ess o r s  Bus iness Co nt inuit y
S o u r c e : Vir t ua l iz a t io n Ov e r v ie w whit e p a p e r , By
I n f r a s t r u c t u r e is wha t c o nne c t s r e s o ur c e s t o y o ur b us ine s s . V ir t u a l I n f r a s t r u c t u r e is a d y na mic ma p p ing o f y o ur r e s o ur c e s t o y o ur b us ine s s . S o u r c e : Vir t ua l iz a t io n Ov e r v ie w R e s u l t : d e c r e a s e d c o s t s a nd whit e p a p e r , By
Virtualization Application Areas Des k t o p Vir t ua l iz at io n Ap p l ic at io n Vir t ua l iz at io n
Virtualization Application Areas Se r v e r Vir t ua l iz a t io n St o r a g e Vir t ua l iz a t io n I nf r a s t r uc t ur e Vir t ua l iz at io n Ne t wo r k Vir t ua l iz a t io n
Virtualization Risks - I ne x p e r ie nc e I nv o l v e d . - I nc r e a s e d Cha nne l s f o r At t a c k . - Cha ng e Ma na g e me nt Co nt r o l . - I T Ass e t T r a c k ing a nd Ma na g e me nt . - Se c ur ing Do r ma nt Vir t ua l Ma c hines. - Sha r ing Dat a b e t we e n Vir t ua l Ma c hines.
Exploitation on Virtualization - Malicious Code Activities through Detection of VM. - Denial of Service on the Virtual Machine. - Virtual Machine Escape
Historical Incident - VMware Multiple Denial Of Service Vulnerabilities Some VMware products support storing configuration information in VMDB files. Under some circumstances, a malicious user could instruct the virtual machine process (VMX) to store malformed data, causing an error. This error could enable a successful Denial-of- Service attack on guest operating systems. Link:
Virtualization Security  Hy p e r v is o r Se c ur it y  Ho s t / Pl at f o r m Se c ur it y  Se c ur ing Co mmunic at io ns  Se c ur it y b e t we e n Gues t s  Se c ur it y b e t we e n Ho s t s a nd Gues t s  Vir t ua l iz e d I nf r a s t r uc t ur e Se c ur it y  Vir t ua l Ma c hine Sp r awl
Hardening Steps to Secure Virtualisation Environment - Server Service Console - Restriction to Internal Trusted Network - Block all the incoming and outgoing traffic except for necessary ports. - Monitor the integrity and modification of the configuration files - Limit ssh based client communication to a discrete group of ip addresses - Create separate partitions for /home, /tmp, and /var/log
Hardening Steps to Secure Virtualisation Environment - Virtual Network Layer - Network breach by user error or omission. - MAC Address spoofing (MAC address changes) - MAC Address spoofing (Forged transmissions)
Hardening Steps to Secure Virtualisation Environment - Virtual Machine - Apply standard infrastructure security measures into virtual infrastructure - Set the resource reservation and limits for each virtual machine
Virtual Machine Sprawl  Unc he c k e d c r e at io n o f ne w Vir t ua l Ma c hines ( Vms )  T he VMs t hat a r e c r e at e d f o r a s ho r t -t e r m p r o j e c t a r e s t il l us ing CPU, RAM a nd ne t wo r k r es o ur c es, a nd t hey c o ns ume s t o r a g e ev e n if t hey a r e powe r e d of f .  VM s p r awl c o ul d l e a d t o a c o mp ut ing e nv ir o nme nt r unning o ut o f r es o ur c es at a muc h q uic k e r -t ha n-e x p e c t e d r at e , a nd it c o ul d s k e w wid e r c a p a c it y - p l a nning e x e r c is es.
Miscellaneous  Ka s p e r s ky La b ha s int r o d uc e d Ka s p e r s ky Se c ur it y f o r Vir t ua l iz at io n, a v ir t ua l s e c ur it y a p p l ia nc e t hat int egr at es wit h VMwa r e v Shie l d End po int t o p r ov id e a g e nt l ess, a nt i ma l wa r e s e c ur it y.  VMwa r e So ur c e Co d e Le a k Rev e a l s Vir t ua l iz at io n Se c ur it y Co nc e r ns.  Sy ma nt e c ha s it s own wid e r a ng e o f t o o l s f o r Vir t ua l iz at io n Se c ur it y : − Sy ma nt e c Cr it ic a l Sy s t e m Pr ot e c t io n − Sy ma nt e c Dat a Lo ss Pr ev e nt io n − Sy ma nt e c Co nt r o l Co mp l ia nc e Suit e − Sy ma nt e c Se c ur it y I nf o r mat io n Ma na g e r
References - VMware.com - Microsoft.com - SANS.org - Gartner.com - Trendmicro.com - Symantec.com
Thank You

Recomendados

AWS for Backup and Recovery
AWS for Backup and RecoveryAWS for Backup and Recovery
AWS for Backup and RecoveryAmazon Web Services
 
How to backup, restore and archive your data on AWS
How to backup, restore and archive your data on AWSHow to backup, restore and archive your data on AWS
How to backup, restore and archive your data on AWSAmazon Web Services
 
Welcome to the AWS Cloud
Welcome to the AWS CloudWelcome to the AWS Cloud
Welcome to the AWS CloudAmazon Web Services
 
AWS Enterprise Day | Journey to the AWS Cloud
AWS Enterprise Day | Journey to the AWS CloudAWS Enterprise Day | Journey to the AWS Cloud
AWS Enterprise Day | Journey to the AWS CloudAmazon Web Services
 
Privacy issues in the cloud
Privacy issues in the cloudPrivacy issues in the cloud
Privacy issues in the cloudConstantine Karbaliotis
 
Executing a Large-Scale Migration to AWS
Executing a Large-Scale Migration to AWSExecuting a Large-Scale Migration to AWS
Executing a Large-Scale Migration to AWSAmazon Web Services
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security FundamentalsLorenzo Barbieri
 
Backup and archiving in the aws cloud
Backup and archiving in the aws cloudBackup and archiving in the aws cloud
Backup and archiving in the aws cloudAmazon Web Services
 

Recomendados

AWS for Backup and Recovery
AWS for Backup and RecoveryAWS for Backup and Recovery
AWS for Backup and RecoveryAmazon Web Services
 
How to backup, restore and archive your data on AWS
How to backup, restore and archive your data on AWSHow to backup, restore and archive your data on AWS
How to backup, restore and archive your data on AWSAmazon Web Services
 
Welcome to the AWS Cloud
Welcome to the AWS CloudWelcome to the AWS Cloud
Welcome to the AWS CloudAmazon Web Services
 
AWS Enterprise Day | Journey to the AWS Cloud
AWS Enterprise Day | Journey to the AWS CloudAWS Enterprise Day | Journey to the AWS Cloud
AWS Enterprise Day | Journey to the AWS CloudAmazon Web Services
 
Privacy issues in the cloud
Privacy issues in the cloudPrivacy issues in the cloud
Privacy issues in the cloudConstantine Karbaliotis
 
Executing a Large-Scale Migration to AWS
Executing a Large-Scale Migration to AWSExecuting a Large-Scale Migration to AWS
Executing a Large-Scale Migration to AWSAmazon Web Services
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security FundamentalsLorenzo Barbieri
 
Backup and archiving in the aws cloud
Backup and archiving in the aws cloudBackup and archiving in the aws cloud
Backup and archiving in the aws cloudAmazon Web Services
 
Azure Hub spoke v1.0
Azure Hub spoke v1.0Azure Hub spoke v1.0
Azure Hub spoke v1.0Sayed Ashraf Kazi
 
Amazon Virtual Private Cloud
Amazon Virtual Private CloudAmazon Virtual Private Cloud
Amazon Virtual Private CloudAmazon Web Services
 
Amazon Web Services - Elastic Beanstalk
Amazon Web Services - Elastic BeanstalkAmazon Web Services - Elastic Beanstalk
Amazon Web Services - Elastic BeanstalkAmazon Web Services
 
AWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAmazon Web Services
 
AWS Media and Entertainment - Broadcast and OTT Workloads - Toronto
AWS Media and Entertainment - Broadcast and OTT Workloads - TorontoAWS Media and Entertainment - Broadcast and OTT Workloads - Toronto
AWS Media and Entertainment - Broadcast and OTT Workloads - TorontoAmazon Web Services
 
Disaster Recovery Options with AWS
Disaster Recovery Options with AWSDisaster Recovery Options with AWS
Disaster Recovery Options with AWSAmazon Web Services
 
Cost Optimisation on AWS
Cost Optimisation on AWSCost Optimisation on AWS
Cost Optimisation on AWSAmazon Web Services
 
Cloud Architecture in the Data Center
Cloud Architecture in the Data CenterCloud Architecture in the Data Center
Cloud Architecture in the Data CenterInterVision Systems
 
VMworld 2014: vCenter Server Architecture and Deployment Deep Dive
VMworld 2014: vCenter Server Architecture and Deployment Deep DiveVMworld 2014: vCenter Server Architecture and Deployment Deep Dive
VMworld 2014: vCenter Server Architecture and Deployment Deep DiveVMworld
 
Vmware training presentation
Vmware training presentationVmware training presentation
Vmware training presentationAmit Kapadia
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and ComplianceKarina Matos
 
AWS Partner Data Analytics on AWS_Handout.pdf
AWS Partner Data Analytics on AWS_Handout.pdfAWS Partner Data Analytics on AWS_Handout.pdf
AWS Partner Data Analytics on AWS_Handout.pdfSrinjoySaha12
 
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...Amazon Web Services
 
Creating the Cloud Business Case
Creating the Cloud Business CaseCreating the Cloud Business Case
Creating the Cloud Business CaseAmazon Web Services
 
Virtualization 101: Everything You Need To Know To Get Started With VMware
Virtualization 101: Everything You Need To Know To Get Started With VMwareVirtualization 101: Everything You Need To Know To Get Started With VMware
Virtualization 101: Everything You Need To Know To Get Started With VMwareDatapath Consulting
 
5 modern desktop - windows autopilot
5 modern desktop - windows autopilot5 modern desktop - windows autopilot
5 modern desktop - windows autopilotAndrew Bettany
 
AWS Security Fundamentals
AWS Security FundamentalsAWS Security Fundamentals
AWS Security FundamentalsAmazon Web Services
 
Modernizing Media Supply Chains with AWS Serverless (API301) - AWS re:Invent ...
Modernizing Media Supply Chains with AWS Serverless (API301) - AWS re:Invent ...Modernizing Media Supply Chains with AWS Serverless (API301) - AWS re:Invent ...
Modernizing Media Supply Chains with AWS Serverless (API301) - AWS re:Invent ...Amazon Web Services
 
Datacenter migration using vmware
Datacenter migration using vmwareDatacenter migration using vmware
Datacenter migration using vmwareWilson Erique
 
Amazon EC2 Instance Types.pptx
Amazon EC2 Instance Types.pptxAmazon EC2 Instance Types.pptx
Amazon EC2 Instance Types.pptxRomitSingh17
 
Otology learning
Otology learningOtology learning
Otology learningSasan Dabiri
 
Telecom service futures driven by customer need
Telecom service futures driven by customer needTelecom service futures driven by customer need
Telecom service futures driven by customer needUniversity of Hertfordshire
 

Mais conteúdo relacionado

Mais procurados

Amazon Web Services - Elastic Beanstalk
Amazon Web Services - Elastic BeanstalkAmazon Web Services - Elastic Beanstalk
Amazon Web Services - Elastic BeanstalkAmazon Web Services
 
AWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAmazon Web Services
 
AWS Media and Entertainment - Broadcast and OTT Workloads - Toronto
AWS Media and Entertainment - Broadcast and OTT Workloads - TorontoAWS Media and Entertainment - Broadcast and OTT Workloads - Toronto
AWS Media and Entertainment - Broadcast and OTT Workloads - TorontoAmazon Web Services
 
Disaster Recovery Options with AWS
Disaster Recovery Options with AWSDisaster Recovery Options with AWS
Disaster Recovery Options with AWSAmazon Web Services
 
Cloud Architecture in the Data Center
Cloud Architecture in the Data CenterCloud Architecture in the Data Center
Cloud Architecture in the Data CenterInterVision Systems
 
VMworld 2014: vCenter Server Architecture and Deployment Deep Dive
VMworld 2014: vCenter Server Architecture and Deployment Deep DiveVMworld 2014: vCenter Server Architecture and Deployment Deep Dive
VMworld 2014: vCenter Server Architecture and Deployment Deep DiveVMworld
 
Vmware training presentation
Vmware training presentationVmware training presentation
Vmware training presentationAmit Kapadia
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and ComplianceKarina Matos
 
AWS Partner Data Analytics on AWS_Handout.pdf
AWS Partner Data Analytics on AWS_Handout.pdfAWS Partner Data Analytics on AWS_Handout.pdf
AWS Partner Data Analytics on AWS_Handout.pdfSrinjoySaha12
 
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...Amazon Web Services
 
Creating the Cloud Business Case
Creating the Cloud Business CaseCreating the Cloud Business Case
Creating the Cloud Business CaseAmazon Web Services
 
Virtualization 101: Everything You Need To Know To Get Started With VMware
Virtualization 101: Everything You Need To Know To Get Started With VMwareVirtualization 101: Everything You Need To Know To Get Started With VMware
Virtualization 101: Everything You Need To Know To Get Started With VMwareDatapath Consulting
 
5 modern desktop - windows autopilot
5 modern desktop - windows autopilot5 modern desktop - windows autopilot
5 modern desktop - windows autopilotAndrew Bettany
 
Modernizing Media Supply Chains with AWS Serverless (API301) - AWS re:Invent ...
Modernizing Media Supply Chains with AWS Serverless (API301) - AWS re:Invent ...Modernizing Media Supply Chains with AWS Serverless (API301) - AWS re:Invent ...
Modernizing Media Supply Chains with AWS Serverless (API301) - AWS re:Invent ...Amazon Web Services
 
Datacenter migration using vmware
Datacenter migration using vmwareDatacenter migration using vmware
Datacenter migration using vmwareWilson Erique
 
Amazon EC2 Instance Types.pptx
Amazon EC2 Instance Types.pptxAmazon EC2 Instance Types.pptx
Amazon EC2 Instance Types.pptxRomitSingh17
 

Mais procurados (20)

Azure Hub spoke v1.0
Azure Hub spoke v1.0Azure Hub spoke v1.0
Azure Hub spoke v1.0
 
Amazon Virtual Private Cloud
Amazon Virtual Private CloudAmazon Virtual Private Cloud
Amazon Virtual Private Cloud
 
Amazon Web Services - Elastic Beanstalk
Amazon Web Services - Elastic BeanstalkAmazon Web Services - Elastic Beanstalk
Amazon Web Services - Elastic Beanstalk
 
AWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best Practices
 
AWS Media and Entertainment - Broadcast and OTT Workloads - Toronto
AWS Media and Entertainment - Broadcast and OTT Workloads - TorontoAWS Media and Entertainment - Broadcast and OTT Workloads - Toronto
AWS Media and Entertainment - Broadcast and OTT Workloads - Toronto
 
Disaster Recovery Options with AWS
Disaster Recovery Options with AWSDisaster Recovery Options with AWS
Disaster Recovery Options with AWS
 
Cost Optimisation on AWS
Cost Optimisation on AWSCost Optimisation on AWS
Cost Optimisation on AWS
 
Cloud Architecture in the Data Center
Cloud Architecture in the Data CenterCloud Architecture in the Data Center
Cloud Architecture in the Data Center
 
VMworld 2014: vCenter Server Architecture and Deployment Deep Dive
VMworld 2014: vCenter Server Architecture and Deployment Deep DiveVMworld 2014: vCenter Server Architecture and Deployment Deep Dive
VMworld 2014: vCenter Server Architecture and Deployment Deep Dive
 
Vmware training presentation
Vmware training presentationVmware training presentation
Vmware training presentation
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
 
AWS Partner Data Analytics on AWS_Handout.pdf
AWS Partner Data Analytics on AWS_Handout.pdfAWS Partner Data Analytics on AWS_Handout.pdf
AWS Partner Data Analytics on AWS_Handout.pdf
 
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
 
Creating the Cloud Business Case
Creating the Cloud Business CaseCreating the Cloud Business Case
Creating the Cloud Business Case
 
Virtualization 101: Everything You Need To Know To Get Started With VMware
Virtualization 101: Everything You Need To Know To Get Started With VMwareVirtualization 101: Everything You Need To Know To Get Started With VMware
Virtualization 101: Everything You Need To Know To Get Started With VMware
 
5 modern desktop - windows autopilot
5 modern desktop - windows autopilot5 modern desktop - windows autopilot
5 modern desktop - windows autopilot
 
AWS Security Fundamentals
AWS Security FundamentalsAWS Security Fundamentals
AWS Security Fundamentals
 
Modernizing Media Supply Chains with AWS Serverless (API301) - AWS re:Invent ...
Modernizing Media Supply Chains with AWS Serverless (API301) - AWS re:Invent ...Modernizing Media Supply Chains with AWS Serverless (API301) - AWS re:Invent ...
Modernizing Media Supply Chains with AWS Serverless (API301) - AWS re:Invent ...
 
Datacenter migration using vmware
Datacenter migration using vmwareDatacenter migration using vmware
Datacenter migration using vmware
 
Amazon EC2 Instance Types.pptx
Amazon EC2 Instance Types.pptxAmazon EC2 Instance Types.pptx
Amazon EC2 Instance Types.pptx
 

Semelhante a Virtualization security

Analysis of Regional Phishing Attack
Analysis of Regional Phishing AttackAnalysis of Regional Phishing Attack
Analysis of Regional Phishing AttackJune Park
 
Congresso Crimes Eletrônicos, 08/03/2009 - Apresentação Ghassan Dreibi
Congresso Crimes Eletrônicos, 08/03/2009 - Apresentação Ghassan DreibiCongresso Crimes Eletrônicos, 08/03/2009 - Apresentação Ghassan Dreibi
Congresso Crimes Eletrônicos, 08/03/2009 - Apresentação Ghassan DreibiFecomercioSP
 
Web Development for Managers
Web Development for ManagersWeb Development for Managers
Web Development for ManagersRandy Connolly
 
Ceh v8 labs module 11 session hijacking
Ceh v8 labs module 11 session hijackingCeh v8 labs module 11 session hijacking
Ceh v8 labs module 11 session hijackingAsep Sopyan
 
Hacking web applications CEHv8 module 13
Hacking web applications CEHv8 module 13Hacking web applications CEHv8 module 13
Hacking web applications CEHv8 module 13Wise Person
 
Innovation in the platform world
Innovation in the platform worldInnovation in the platform world
Innovation in the platform worldadritab
 
World Hosting Days - More than just a control panel - reveal the power of Web...
World Hosting Days - More than just a control panel - reveal the power of Web...World Hosting Days - More than just a control panel - reveal the power of Web...
World Hosting Days - More than just a control panel - reveal the power of Web...Jan Löffler
 
WHD.usa - Plesk - more than just a control panel - reveal the power of web op...
WHD.usa - Plesk - more than just a control panel - reveal the power of web op...WHD.usa - Plesk - more than just a control panel - reveal the power of web op...
WHD.usa - Plesk - more than just a control panel - reveal the power of web op...Jan Löffler
 
CYBER DEFENCE SCENARIOS - Part 2: Building The Blue Team
CYBER DEFENCE SCENARIOS - Part 2: Building The Blue TeamCYBER DEFENCE SCENARIOS - Part 2: Building The Blue Team
CYBER DEFENCE SCENARIOS - Part 2: Building The Blue TeamUniversity of Hertfordshire
 
Internet of Things - Introduction
Internet of Things - IntroductionInternet of Things - Introduction
Internet of Things - IntroductionPrem Kumar Badri
 
Ceh v8 labs module 19 cryptography
Ceh v8 labs module 19 cryptographyCeh v8 labs module 19 cryptography
Ceh v8 labs module 19 cryptographyMehrdad Jingoism
 
Fullscreen Digital - Retail business optimization solutions
Fullscreen Digital - Retail business optimization solutionsFullscreen Digital - Retail business optimization solutions
Fullscreen Digital - Retail business optimization solutionsFullscreen Digital
 
Quick Reference Guide: Server Hosting
Quick Reference Guide: Server HostingQuick Reference Guide: Server Hosting
Quick Reference Guide: Server Hostingwebhostingguy
 
Os Nightingale
Os NightingaleOs Nightingale
Os Nightingaleoscon2007
 

Semelhante a Virtualization security (20)

Otology learning
Otology learningOtology learning
Otology learning
 
Telecom service futures driven by customer need
Telecom service futures driven by customer needTelecom service futures driven by customer need
Telecom service futures driven by customer need
 
Analysis of Regional Phishing Attack
Analysis of Regional Phishing AttackAnalysis of Regional Phishing Attack
Analysis of Regional Phishing Attack
 
Cyber Security in a Fully Mobile World
Cyber Security in a Fully Mobile WorldCyber Security in a Fully Mobile World
Cyber Security in a Fully Mobile World
 
Congresso Crimes Eletrônicos, 08/03/2009 - Apresentação Ghassan Dreibi
Congresso Crimes Eletrônicos, 08/03/2009 - Apresentação Ghassan DreibiCongresso Crimes Eletrônicos, 08/03/2009 - Apresentação Ghassan Dreibi
Congresso Crimes Eletrônicos, 08/03/2009 - Apresentação Ghassan Dreibi
 
Web Development for Managers
Web Development for ManagersWeb Development for Managers
Web Development for Managers
 
Vyprvpn review
Vyprvpn reviewVyprvpn review
Vyprvpn review
 
Ceh v8 labs module 11 session hijacking
Ceh v8 labs module 11 session hijackingCeh v8 labs module 11 session hijacking
Ceh v8 labs module 11 session hijacking
 
Hacking web applications CEHv8 module 13
Hacking web applications CEHv8 module 13Hacking web applications CEHv8 module 13
Hacking web applications CEHv8 module 13
 
Innovation in the platform world
Innovation in the platform worldInnovation in the platform world
Innovation in the platform world
 
Small data big impact
Small data big impactSmall data big impact
Small data big impact
 
World Hosting Days - More than just a control panel - reveal the power of Web...
World Hosting Days - More than just a control panel - reveal the power of Web...World Hosting Days - More than just a control panel - reveal the power of Web...
World Hosting Days - More than just a control panel - reveal the power of Web...
 
WHD.usa - Plesk - more than just a control panel - reveal the power of web op...
WHD.usa - Plesk - more than just a control panel - reveal the power of web op...WHD.usa - Plesk - more than just a control panel - reveal the power of web op...
WHD.usa - Plesk - more than just a control panel - reveal the power of web op...
 
CYBER DEFENCE SCENARIOS - Part 2: Building The Blue Team
CYBER DEFENCE SCENARIOS - Part 2: Building The Blue TeamCYBER DEFENCE SCENARIOS - Part 2: Building The Blue Team
CYBER DEFENCE SCENARIOS - Part 2: Building The Blue Team
 
Internet of Things - Introduction
Internet of Things - IntroductionInternet of Things - Introduction
Internet of Things - Introduction
 
Ceh v8 labs module 19 cryptography
Ceh v8 labs module 19 cryptographyCeh v8 labs module 19 cryptography
Ceh v8 labs module 19 cryptography
 
Web Content Management - Introduction
Web Content Management - IntroductionWeb Content Management - Introduction
Web Content Management - Introduction
 
Fullscreen Digital - Retail business optimization solutions
Fullscreen Digital - Retail business optimization solutionsFullscreen Digital - Retail business optimization solutions
Fullscreen Digital - Retail business optimization solutions
 
Quick Reference Guide: Server Hosting
Quick Reference Guide: Server HostingQuick Reference Guide: Server Hosting
Quick Reference Guide: Server Hosting
 
Os Nightingale
Os NightingaleOs Nightingale
Os Nightingale
 

Mais de n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

Mais de n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Último

How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxAreebaZafar22
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxheathfieldcps1
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxRamakrishna Reddy Bijjam
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPoojaSen20
 
Role Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxRole Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxNikitaBankoti2
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIShubhangi Sonawane
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptxMaritesTamaniVerdade
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 

Último (20)

How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
Role Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxRole Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptx
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
 
Asian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptxAsian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptx
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 

Virtualization security

  • 1. Virtualizati on -By Ma ng e s h Gunj a l
  • 2. Topics to be Covered:  Vir t ua l iz at io n  Vir t ua l Ma c hine Mo nit o r  T y p es o f Vir t ua l iz at io n  Why Vir t ua l iz at io n..?  Vir t ua l iz at io n Ap p l ic at io n Ar e a s  Vir t ua l iz at io n Ris k s  Vir t ua l iz at io n Se c ur it y  VM Sp r awl  Mis c e l l a ne o us
  • 3. Virtualization - Mul t ip l e Op e r a t ing Sy s t e ms o n a Sing l e Phy s ic a l Sy s t e m - Mul t ip lt e Ex e c utrio y ing Ha r d wa r e Sha r e he Und e l - n Re s o ur c e s . Env ir o nme nt s , - Ha r d wa r e a nd So f t wa r e Pa r t it io ning , - T ime -Sha r ing , - Pa r t ia l o r Co mp l e t e Ma c hine Simul a t io n/ - Se p a r a tio n o f a Re s o ur c e Emul a t io n o r Re q ue s t f o r a s e r v ic e .
  • 4. S o u r c e : Vir t ua l iz a t io n Ov e r v ie w whit e p a p e r , By
  • 5. - Vir t ua l Ma c hine Mo nit o r ( VMM) - Emul a t io n o r s imul a t io n - Vir t ua l Ma c hine s - I s o l a t e d Env ir o nme nt
  • 6. S o u r c e : Vir t ua l iz a t io n Ov e r v ie w whit e p a p e r , By
  • 7. Para Virtualization S o u r c e : Vir t ua l iz a t io n Ov e r v ie w whit e p a p e r , By
  • 8. Why Virtualization..?  Se r v e r Co ns o l id at io n.  Leg a c y Ap p l ic at io ns.  Sa nd b o x .  Ex e c ut io n o f Mul t ip l e Op e r at ing Sy s t e ms.  Simul at io n o f Ha r d wa r e a nd Ne t wo r k ing Dev ic es.  Po we r f ul De bugging a nd Pe r f o r ma nc e Mo nit o r ing  Fa ul t a nd Er r o r Co nt a inme nt  Ap p l ic at io n a nd Sy s t e m Mo b il it y  Sha r e d Me mo r y Mul t ip r o c ess o r s  Bus iness Co nt inuit y
  • 9. S o u r c e : Vir t ua l iz a t io n Ov e r v ie w whit e p a p e r , By
  • 10. I n f r a s t r u c t u r e is wha t c o nne c t s r e s o ur c e s t o y o ur b us ine s s . V ir t u a l I n f r a s t r u c t u r e is a d y na mic ma p p ing o f y o ur r e s o ur c e s t o y o ur b us ine s s . S o u r c e : Vir t ua l iz a t io n Ov e r v ie w R e s u l t : d e c r e a s e d c o s t s a nd whit e p a p e r , By
  • 11. Virtualization Application Areas Des k t o p Vir t ua l iz at io n Ap p l ic at io n Vir t ua l iz at io n
  • 12. Virtualization Application Areas Se r v e r Vir t ua l iz a t io n St o r a g e Vir t ua l iz a t io n I nf r a s t r uc t ur e Vir t ua l iz at io n Ne t wo r k Vir t ua l iz a t io n
  • 13. Virtualization Risks - I ne x p e r ie nc e I nv o l v e d . - I nc r e a s e d Cha nne l s f o r At t a c k . - Cha ng e Ma na g e me nt Co nt r o l . - I T Ass e t T r a c k ing a nd Ma na g e me nt . - Se c ur ing Do r ma nt Vir t ua l Ma c hines. - Sha r ing Dat a b e t we e n Vir t ua l Ma c hines.
  • 14. Exploitation on Virtualization - Malicious Code Activities through Detection of VM. - Denial of Service on the Virtual Machine. - Virtual Machine Escape
  • 15. Historical Incident - VMware Multiple Denial Of Service Vulnerabilities Some VMware products support storing configuration information in VMDB files. Under some circumstances, a malicious user could instruct the virtual machine process (VMX) to store malformed data, causing an error. This error could enable a successful Denial-of- Service attack on guest operating systems. Link:
  • 16. Virtualization Security  Hy p e r v is o r Se c ur it y  Ho s t / Pl at f o r m Se c ur it y  Se c ur ing Co mmunic at io ns  Se c ur it y b e t we e n Gues t s  Se c ur it y b e t we e n Ho s t s a nd Gues t s  Vir t ua l iz e d I nf r a s t r uc t ur e Se c ur it y  Vir t ua l Ma c hine Sp r awl
  • 17. Hardening Steps to Secure Virtualisation Environment - Server Service Console - Restriction to Internal Trusted Network - Block all the incoming and outgoing traffic except for necessary ports. - Monitor the integrity and modification of the configuration files - Limit ssh based client communication to a discrete group of ip addresses - Create separate partitions for /home, /tmp, and /var/log
  • 18. Hardening Steps to Secure Virtualisation Environment - Virtual Network Layer - Network breach by user error or omission. - MAC Address spoofing (MAC address changes) - MAC Address spoofing (Forged transmissions)
  • 19. Hardening Steps to Secure Virtualisation Environment - Virtual Machine - Apply standard infrastructure security measures into virtual infrastructure - Set the resource reservation and limits for each virtual machine
  • 20. Virtual Machine Sprawl  Unc he c k e d c r e at io n o f ne w Vir t ua l Ma c hines ( Vms )  T he VMs t hat a r e c r e at e d f o r a s ho r t -t e r m p r o j e c t a r e s t il l us ing CPU, RAM a nd ne t wo r k r es o ur c es, a nd t hey c o ns ume s t o r a g e ev e n if t hey a r e powe r e d of f .  VM s p r awl c o ul d l e a d t o a c o mp ut ing e nv ir o nme nt r unning o ut o f r es o ur c es at a muc h q uic k e r -t ha n-e x p e c t e d r at e , a nd it c o ul d s k e w wid e r c a p a c it y - p l a nning e x e r c is es.
  • 21. Miscellaneous  Ka s p e r s ky La b ha s int r o d uc e d Ka s p e r s ky Se c ur it y f o r Vir t ua l iz at io n, a v ir t ua l s e c ur it y a p p l ia nc e t hat int egr at es wit h VMwa r e v Shie l d End po int t o p r ov id e a g e nt l ess, a nt i ma l wa r e s e c ur it y.  VMwa r e So ur c e Co d e Le a k Rev e a l s Vir t ua l iz at io n Se c ur it y Co nc e r ns.  Sy ma nt e c ha s it s own wid e r a ng e o f t o o l s f o r Vir t ua l iz at io n Se c ur it y : − Sy ma nt e c Cr it ic a l Sy s t e m Pr ot e c t io n − Sy ma nt e c Dat a Lo ss Pr ev e nt io n − Sy ma nt e c Co nt r o l Co mp l ia nc e Suit e − Sy ma nt e c Se c ur it y I nf o r mat io n Ma na g e r
  • 22. References - VMware.com - Microsoft.com - SANS.org - Gartner.com - Trendmicro.com - Symantec.com