Monday, September 17, 2007

VMware Security

http://searchsecurity.techtarget.com/magazineFeature/0,296894,sid14_gci1257101_idx1,00.html

In a pretty detailed article, the author discusses various aspects of VMware security. According to the article, it's possible for malware to jump between VM instances, and therefore the 'isolation' that's promised between the individual instances may not hold all the time.

Further, it's also possible for malware and other such nasty attack-kits to exist at the actual OS level - below the VM level. In that case the isolation would not matter. With a well-crafted attack it should also be possible for the VM instances to break their boundaries and jump to - and infect - other instances too.

Apart from this, the sheer complexity of the setup makes admins less inclined to change security settings away from the default configuration. I can't say that's a bad argument - with new technologies it's always going to be difficult to manipulate things until they become more popular - more mainstream. Until such time, people are going to be quite uncomfortable changing settings on production (mission-critical) systems.

There's also an interesting discussion on group policies and how they can be rendered ineffective by simply bringing a new VM onto the network - making the group policies (which can make it difficult or impossible to start new VMs or modify existing VMs on a given host OS) quite irrelevant.

The article is definitely worth a read.

Be safe!
