Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: VMware ESX

from [Captain Quirk] Network Security [Permanent Link]
Subject: Re: VMware ESX
Date: Mon, 21 Apr 2008 12:30:24 -0700 
NOBODY has any feedback about this? That's really surprising. Like,
REALLY surprising...

My (limited) understanding is that if they hack into a machine within
the cluster they've essentially hacked into EVERY machine in that
cluster. How big of a deal that is, though, I'm not sure. If you
consider that the same can be said if someone hacks into any machine
on your NETWORK, then what's the difference?

I also note you said "cluster"; are you referring hacking into the ESX
layer and not the guest OS? At the ESX layer there are proof of
concept attacks but none in the wild that I am aware of. Any body's
guess as to how vulnerable you would be, as well. I suppose a lot of
that would depend on best practices and how they're adopted to your
network. I'd also make sure IDS was running and pushing the data off
to a remote syslog server...

Can anyone expand on this, please? Personally I'd love to get a
greater understanding....

Thanks.

On Mon, Apr 21, 2008 at 5:23 AM, Paul Heywood
<Paul.Heywood@unitypartnership.com> wrote:

Hi forum,

 we've got a VMware ESX group of servers running on the inside of our 
network. Our server team want to extend this to include some DMZ servers. How 
vulnerable would this leave the internal network ? Am I correct in thinking 
that if the VMware cluster was hacked, this would give them access to the 
internal network

 **********************************************************************
 The information in this e-mail is confidential and may be legally privileged.
 It is intended solely for the addressee. Access to this email by anyone else
 is unauthorised. If you have received it in error, please notify us 
immediately
 by replying to this e-mail and then delete it from your system.

 This note confirms that this email message has been swept for the presence of
 computer viruses, however we advise that in keeping with good IT practice the
 recipient should ensure that the e-mail together with any attachments are 
virus
 free by running a virus scan themselves.  We cannot accept any 
responsibility for
 any damage or loss caused by software viruses.

 The Unity Partnership Ltd, registered in England at West Hall, Parvis Road, 
West Byfleet, Surrey UK KT14 6EZ.
 Registered No : 5916336.  VAT No : 903761336.
 **********************************************************************





-- 
"Dear God, save us from the people who believe in you." -- post-9/11 graffiti
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: VMware ESX, Robert Taylor
Next by Date:  Re: Tutorial on Wireless packet sniffing, Michael Painter
Previous by Thread:  Re: VMware ESX, Predrag
Next by Thread:  RE: VMware ESX, TVB NOC
Indexes:  [Date] [Thread] [Top] [All Lists]