Virtualization, Cloud, Infrastructure and all that stuff in-between

My ramblings on the stuff that holds it all together

VMWare Vulnerability during VMotion.. is it really?

1 Comment Posted by on February 27, 2008

 

As the Hoff posts here and on VMTN here. the proposed vulnerability that you can manipulate and possibly compromise a VM during a VMotion process isn’t exactly major, it’s clever.. but – like anything if you don’t follow the best-practice recommendations then you expose yourself to these risks… same reason they recommend you lock your server room or don’t have blank passwords – this attack is akin to gaining physical access to the hardware or being able to sniff a physical switch port – in this instance, it’s “virtual” hardware.

VMWare have always recommended keeping the VMotion traffic on a separate VLAN or network.

the other vulnerability where VMTools can be compromised on is different, but again preventable.. and not enabled on server instances of VMWare.

ESX, Geeky, Security, VMotion, VMWare, vulnerability

One response to “VMWare Vulnerability during VMotion.. is it really?

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: