Challenges of Virtual Machine Security are Multiplying

Carl Weinschenk

Virtualization is a boon for data centers and other scenarios in which concentrated computer resources are necessary.


Significant questions about the security of the technology persist, however. Indeed, it seems that the questions are proliferating. At Black Hat DC last week, a researcher demonstrated how to hack into VMware and Xen products during the movement of the virtual machine from one physical machine to another.


Dark Reading reports that the University of Michigan's Jon Oberheide introduced Xensploit, a tool that can take over the virtual machine's hypervisor and applications and, ultimately, gain access to data. Oberheide said that the data is moved in the clear, which can leave the process open for the type of man-in-the-middle attacks generally associated with public Wi-Fi schemes.


In still another piece of bad news for VMware, ZDNet reports that Core Security Technologies has released proof-of-concept software that demonstrates the ability of a hacker to create or modify executable files on the host operating system. The story goes into good detail on the exploit, the damage it can do and how it came to light.


Apparently, the issue of security and virtualization is coming to a head. On one hand, the story says, VMware is nearing an announcement on a security initiative with other companies. On the other, Core is pushing the issue by timing release of the news of the exploit during the VMworld event in Cannes. The hope was to pressure the company into taking action. Core, according to the story, says that VMware had known about the flaw for four months.


Security is only a small part of this Tech Republic piece, which relates 10 important facts about virtualization. The overall piece is a worthwhile read, however. Especially important is the first item, which makes the important point that virtualization actually covers five operations: desktop virtualization; virtual testing environments; presentation virtualization; application virtualization and storage virtualization.


The security element of the piece actually offers a rare positive spin. The writer says that isolating servers on discreet virtual machines can be more secure than running several servers on the same operating system. She also points to the ability to isolate applications in "sandboxes." In an item related to security, the writer says that disaster recovery can be done much more quickly in a virtual environment than one in which the operating system, application and data all must be reinstalled.


Fortunately, this paper -- presented by a Google researcher at CanSec West -- is summarized in this Smart Security blog posting, since its level of complexity is great. The blogger sums up the security status of virtualization smartly enough that it is worth quoting:

Virtual machines are sometimes thought of as impenetrable barriers between the guest and host, but in reality they're (usually) just another layer of software between you and the attacker. As with any complex application, it would be naive to think such a large codebase could be written without some serious bugs creeping in.

The paper, the blogger says, mostly identifies flaws such as buffer overflows. At this point, even the blogger's explanation became a bit obtuse. It is clear, however, that the paper backs up the growing belief that virtualization is vulnerable.


This Data Storage Today piece takes a high-level look at virtulized security. Specifically, it looks at four major concerns that have been expressed about the platform. Potential users are concerned about "virtual machine escapes," which are the movement of an attack from a hypervisor to the virtual machines resident on the same physical host. The second worry is that virtual machines increase patching burdens. The third concern is the challenge of whether or not to run virtual machines in the DMZ. Finally, the fact that hypervisors are new and untested is thought likely to attract hackers.

Add Comment      Leave a comment on this blog post
Mar 1, 2008 2:17 AM Prince Prince  says:
I wonder if any of the articles you mentioned are referring to Enterprise deployments. All the links talk about the Desktop Virtualization products (i.e. Hosted Virtualization). With Xen and Microsoft-based indirect driver model, I can see it being applied to those as well. With VMware ESX, being it a different architecture, I wonder if these security exploits still applies? My guess is no, especially with the 32MB footprint of VMware ESX 3i. Reply
Mar 1, 2008 2:25 AM Prince Prince  says:
By the way, related to the first link - I don't understand how moving the VMs from one host to another would be open to Man-in-the-middle attack. This is within a LAN environment, and plus the files are not moved. This is unlike a Service-Oriented Architecture where you have HTTP exposed to the internet, then surely use of SAML and client-cert with encryption turned on is a must. The VMs are simply brought up on another host and pointed to the same files. So there's no copy of VMs from one to another. Unless the author is talking about moving the storage LUN from one to another. If so, that's like any file transfer within your LAN. Sure if they have access to your LAN, then potentially they can get to the files. Reply
Mar 1, 2008 2:59 AM Prince Prince  says:
OK after reading their paper, I understand how they're attacking the Live Motion of Xen and VMware. They're not taking over the VM. Here's VMware's response to that paper. One should separate the network for Live Motion to avoid most of this from happening and don't enable promiscuous mode on the vswitch. Reply

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.