0wning Xen?

InvisibleThings.org posted some more details on their Xen Owning Trilogy session at last weeks Black Hat conference in Las Vegas.

Joanna Rutkowska and her crew gave a series of 3 talks discussing different potential security issues with Xen. With the VirtSec awareness growing this obviously is an important topic .

When quickly skimming trough the presentations the big question that arise is , how relevant is this all for a day to day production environment. Given the fact that some exploits assume you already root before you can install a stealth backdoor and others rely on specific hardware features that might or might not be available in your setup things might be that critical yet.

All 3 talks can be found on the Invisiblethingslab.com site

Virtualization.com will have a closer look at the discussed issues and we’ll be back with more detail later.

About the author

Kris Buytaert is a long time Linux and Open Source Consultant active in Belgium , Europe and the rest of the universe. He is currently working for Inuits Kris is the Co-Author of Virtualization with Xen ,used to be the maintainer of the openMosix HOWTO and author of different technical publications. He is frequently speaking at, or organizing different international conferences He spends most of his time working on Linux Clustering (both High Availability, Scalability and HPC), Virtualisation and Large Infrastructure Management projects hence trying to build infrastructures that can survive the 10th floor test, better known today as the cloud while actively promoting the devops idea ! His blog titled "Everything is a Freaking DNS Problem" can be found at http://www.krisbuytaert.be/blog/

Trackbacks for this post

  1. 0wning Xen with more detail | Virtualization.com

Leave a Comment

Powered by WordPress | Deadline Theme : An AWESEM design