About the Author
Kris Buytaert is a long time Linux and Open Source Consultant doing Linux and Open Source projects in Belgium , Europe and the rest of the universe. He is currently working for Inuits, and starting up some new projects still in stealth mode.
Kris is the Co-Author of Virtualization with Xen, used to be the maintainer of the openMosix HOWTO and author of different technical publications. He is a frequent speaker at different international conferences.
See All Posts by This Author
March 24th, 2008 •
Related •
Filed Under
Anthony Liguori has a good summary of the
Blackhat paper by Jon Oberheide, Evan Cooke and Farnam Jahanian of the University of Michigan about Xensploit .
The idea of Xensploit is to use a Man in the Middle attack between 2 hosts performing a Live migration. The fundamental flaw is that by default Live migration of virtual machines is unencrypted or often even unauthenticated. Of course good network security practice isolates this kind of traffic in it’s own VLAN, but it shows that security is becoming a bigger issue day by day.
The vulnerability seems to be present with VMWare and Xen versions prior to 3.1 but according to Anthony not with KVM.
Share this story on your favorite social bookmarking tool:
These icons link to social bookmarking sites where readers can share and discover new web pages.
---------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------
