length:  00:23:00

Special guests: Rafal Wojtczuk and Rahul Kashyap.

When you go virtual, you will have same security problem

When deploying virtual environment need to prepare security wisely

It’s naïve to think that that virtual = secure

Virtualization has a lot to offer:

-          Offer separation

-          Offer much level of control

It’s difficult to detect rootkit, hypervisor offer a new level, allow freeze the system and analyze it – including analyzing the system accurately

This procedure cannot be tempered by the code running at guess level

-          Create opportunity to AV companies having this level of control & access – get better view of the state of the OS

Trusted computing could be very important solution

If there is rootkit – hard to detect – having secure channel helps!

In BSD & linux: KVM Kernel Virtual Memory

Can VM be detected via network?

As easch VM guest get a slice of processing time, in round robin, it is possible to do packet analysis – looking at the rate of how packet is created – it’s possible to guess if it’s a VM..