Saturday, March 24, 2012

CPE: McAfee AudioParasitic: Episode 19 Virtualization part 1/2

length:  00:21:03
Special guests: Rafal Wojtczuk and Rahul Kashyap.

A lot of people think about virtualization as a way to protect system..

Virtualization is also useful to analyze malware…

The question is this security compartment solid enough?
Can the barrier be broken? Allowing malware to spread from guess to host?

Vulnerability tin VM NAT  - parsing FTP protocol – b0f can execute arbitrary code in host not on guest!!

Some malware is actually VMware aware when running inside VM environment.

There have been a lot of talk that virtualization will provide security…
The idea was there is no need for security when system is put in virtualization is a myth!!!

Intel provide ring 0 hw access for hypervisor…

The separation concept is interesting
Gardner said in 2009 80% of virtual system will be more vulnerable than the physical counterpart

There is a mad rush to be the first – not really care about security
A lot of people rely too much on feature such snapshot as security option..
Because it is virtual it is more secure – is a myth!!!

Labels: ,


Post a Comment

Subscribe to Post Comments [Atom]

<< Home