Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: VMWare and Security

from [thomas seclists] Network Security [Permanent Link]
Subject: Re: VMWare and Security
Date: Tue, 26 Apr 2005 11:52:59 -0400 
During a recent meeting with a VMWare rep, I gathered the following
info about the OS of the current version of ESX:
- Runs on a stripped down version of RedHat 7.2
- I believe he said it runs on a 2.4 kernel

In addition:
- ESX 3.0 will see an upgrade to a 'recent RedHat version' with a 2.6
kernel (lead me to believe RHEL - perhaps 4?)

As for the difference between ESX and GSX - Product Comparison:
http://www.vmware.com/products/server/server_comp.html

-Thomas

On 4/26/05, Rik Bobbaers <Rik.Bobbaers@cc.kuleuven.ac.be> wrote:

On Monday 25 April 2005 12:12, P.B. Wagenaar wrote:

As far as I know, ESX uses it's own OS and does not run on top of Windows
i.e. (GSX is the version that runs on a host layer).

So the ESX version uses its own virtualization layer. This could be
considerd to be an Operating System right? And there are no security issues
with this? What if someone starts writing an exploit for the ESX
virtualization layer? Like a malformed TCP packet? The virtual machine (ie.
Windows server 2003) might have no problems with the malformed packet, but
it passes through the virtualization layer first. I am not saying that
there is something wrong with this approach or that is less secure or
whatever. I am just asking if all operating systems have had security
related bugs, what are the chances the ESX has to go through this cycle
also? And how would a security issue in the virtualization layer affect the
virtual machines running on it?

Once again, vmware is a great product in my eyes, and I can not see
anything that is wrong with it being not begin secure or something. But if
you can consider ESX to be an OS (like linux and windows), and most OS have
had security issues at one time or another, how should an organization
treat a new OS like ESX?


let's put it different...

ESX is a RedHat linux which is tuned by the vmware people...

but what do the vmware people do to improve security on ESX?

i think esx 2.5 sitll runs kernel 2.6.5 (iirc).

i'd like to add another question... what's the advantage of ESX to GSX?
(maintenance of a linux machine is peanuts, so that doesn't count ;))

--
harry
aka Rik Bobbaers

K.U.Leuven - LUDIT             -=- Tel: +32 485 52 71 50
Rik.Bobbaers@cc.kuleuven.ac.be -=- http://harry.ulyssis.org

ASCII stupid question, get a stupid ANSI!
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: HD memory wiper/shredder, Ansgar -59cobalt- Wiechers
Next by Date:  RE: VNC Security, Conlan Adams
Previous by Thread:  Re: VMWare and Security, Rik Bobbaers
Next by Thread:  Re: VMWare and Security, Gene Yoo
Indexes:  [Date] [Thread] [Top] [All Lists]