Sunday, February 26, 2012
vSphere 5 offers essential features missing from RHEV3

| Feature | VMware | RHEV |
|---|---|---|
| Advanced storage integration & management: shared storage QoS | Storage I/O Control | No |
| Advanced storage integration & management: live storage migration | Storage vMotion | No |
| Advanced storage integration & management: storage load balancing | Storage DRS | No |
| Advanced storage integration & management: intelligent placement | Profile-driven Storage | No |
| Advanced storage integration & management: integration APIs | Over 150 arrays with VAAI | No |
| Continuous availability | VMware FT | No |
| Agentless VM backup and recovery with deduplication | VMware Data Recovery | No |
| Virtualization-aware security | vShield product family | No |
| Virtualization planning and management tools | ConfigMgr, CapacityIQ, Chargeback, Converter | No |
Thursday, February 23, 2012
New Virtualization System-Specific Attacks
■ VM jumping/guest hopping
–Attackers take advantage of hypervisor escape vulnerabilities to “jump” from one VM to another
■ VM attacks
–Attacks during deployment and duplication
–Deletion of virtual images
–Attacks on control of virtual machines
–Code/file injection into virtualization file structure
■ VM migration
–VM migration is the transfer of a guest OS from one physical server to another with little or no downtime
–Implemented by several virtualization products
–Provides high availability and dynamic load balancing
■ VM migration attack
–If the migration protocol is unencrypted, it is susceptible to a man-in-the-middle attack
–Allows arbitrary state in the VM to be modified
–In its default configuration, XenMotion is susceptible (no encryption)
–VMware's vMotion system supports encryption
–Proof-of-concept developed by Jon Oberheide at the University of Michigan
■ Management server attacks
–Exploit management console vulnerabilities that divulge password information
–Exploit management console vulnerabilities to gain access to management server
–Exploit vulnerabilities that allow local management server users to gain elevated privileges
■ Administrative VM attacks – exploit vulnerabilities to:
–Cause a denial of service by halting the system
–Cause a denial of service by crashing the administrative VM
–Obtain passwords that are stored in clear text
–Exploit buffer overflows in exposed services to execute arbitrary code
–Exploit vulnerable services to gain elevated privileges
–Bypass authentication
■ Guest VM attacks – exploit vulnerabilities to:
–Gain elevated privileges
–Crash the virtual machine
–Truncate arbitrary files on the system
–Execute arbitrary code with elevated privileges
■ Hypervisor attacks – exploit vulnerabilities to:
–Cause the hypervisor to crash
–Escape from one guest VM to another
■ Hyperjacking
–Consists of installing a rogue hypervisor
• One method is overwriting page files on disk that contain paged-out kernel code
• Force the kernel to be paged out by allocating large amounts of memory
• Find an unused driver in the page file and replace its dispatch function with shellcode
• Take an action that causes the driver to be executed
• The shellcode downloads the rest of the malware
• The host OS is migrated to run inside a virtual machine
–Has been demonstrated for taking control of a host OS
–Hyperjacking of hypervisors may be possible, but has not yet been demonstrated
• Hypervisors will come under intense scrutiny because they are such attractive targets
–Known hyperjacking tools: Blue Pill, SubVirt, Vitriol
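The VM migration attack item above says an unencrypted migration stream lets an in-path attacker modify arbitrary VM state. As an added illustration, not part of the original post and not any vendor's wire format, the Python below sends a constructed, simplified guest-state frame once in plaintext and once with an HMAC-SHA256 tag, and shows that only the authenticated receiver rejects a frame altered in transit; the field names, frame layout and shared key are assumptions.

```python
import hashlib
import hmac
import json

# Constructed sample of a heavily simplified guest VM state as it might be
# serialized for live migration. Field names are assumed, not a real format.
SAMPLE_STATE = {"vcpu0_rip": 0x401000, "vcpu0_cpl": 3, "page_00001000": "4889e5c3"}
TAG_LEN = 32  # bytes of HMAC-SHA256 output prepended to each frame


def serialize(state: dict) -> bytes:
    # Canonical encoding so sender and receiver compute the MAC over identical bytes.
    return json.dumps(state, sort_keys=True).encode()


def send_plaintext(state: dict) -> bytes:
    # Unauthenticated, unencrypted stream: what a default XenMotion-style transfer emits.
    return serialize(state)


def receive_plaintext(frame: bytes) -> dict:
    # The receiver has no way to tell whether the bytes changed in transit.
    return json.loads(frame)


def send_authenticated(state: dict, key: bytes) -> bytes:
    # Hardened stream: integrity tag under a key the two hosts share out of band.
    # Confidentiality would additionally need encryption (e.g. TLS), not modeled here.
    payload = serialize(state)
    return hmac.new(key, payload, hashlib.sha256).digest() + payload


def receive_authenticated(frame: bytes, key: bytes) -> dict:
    tag, payload = frame[:TAG_LEN], frame[TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("migration frame failed integrity check; state rejected")
    return json.loads(payload)


def in_path_modification(frame: bytes) -> bytes:
    # Models the man-in-the-middle from the post: the guest's vCPU privilege level
    # is rewritten from 3 (user) to 0 (kernel) while the state is in flight.
    return frame.replace(b'"vcpu0_cpl": 3', b'"vcpu0_cpl": 0')


def demo(key: bytes = b"constructed-shared-key") -> dict:
    plain = receive_plaintext(in_path_modification(send_plaintext(SAMPLE_STATE)))
    try:
        receive_authenticated(in_path_modification(send_authenticated(SAMPLE_STATE, key)), key)
        rejected = False
    except ValueError:
        rejected = True
    return {"plain_accepted_cpl": plain["vcpu0_cpl"], "auth_rejected": rejected}
```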