OVERVIEW
In this, the fourth technical article from Orthus summarising the platform-focused industry research into the security of virtualisation platforms, we outline the final category of virtualised-platform-specific vulnerabilities, namely that of virtual machine environment destruction.
THE FALLIBILITY OF SOFTWARE
As highlighted in the preceding articles, there exist a number of mechanisms by which attackers can bypass the supposed isolation between guest and host operating system instances in a virtual machine environment, as well as a variety of mechanisms for discovering VMEs.
All software is fallible, and it is this fallibility that has been so successfully exploited by security researchers to date. One area of research that has received increased attention in recent years is the ability of virtualised environments to withstand hostile code. The most commonly cited work in this area was conducted by Tavis Ormandy of Google Inc, ‘An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments’[i]. In this work, Ormandy highlights a number of abnormal terminations within VMware products that cast doubt on the concept of isolation and separation within platform virtualisation technologies.
TOOLING
Using the IOFUZZ utility to generate random I/O activity within virtual machine instances, together with the user-mode CRASHME utility developed by George Carrette to stress-test the virtualised environments with faults, Ormandy was able to trivially generate a series of unexpected error conditions and abnormal terminations across a variety of virtual machine environments.
EXPLOITATION
Should attackers possess the privileges and permissions needed to access I/O ports from within a virtual machine environment, the virtual machine monitor instance could be compromised and arbitrary code executed in the context of its running process.
This area of research has yet to receive directed attention from security researchers, and public results are still scant; however, under current conditions an attacker may be able to trivially cause abnormal terminations within virtual machine environments using simple error fuzzing, and this is potentially a fertile area for future malicious code.
NEXT TIME…
In our next article we will discuss the final category of virtualised-platform-specific vulnerability, namely that of virtual machine environment destruction.
As can be seen in this and the preceding articles, considerable research effort has been expended on defining the threats and vulnerabilities present within virtualised platform technologies.