Security Basics mailing list archives

Re: Virtual environments security

From: "Alexey Eremenko" <al4321 () gmail com>
Date: Thu, 14 Dec 2006 22:51:47 +0200

On 12/14/06, Octavian Popescu <sigquit () yahoo com> wrote:

Hi,

Any idea about some good resources on the subject? (VMware, Virtual PC/Server security etc) I'm interested most of all 
in studies towards the possibility of breaking the virtual env. and directly accessing the hw resources but other general 
info should be just fine.


This is doable either via:
-Virtual Network (only if it's configured in the VM software)
or
-Bugs in the VM Software

(for example VirtualPC crashes with certain commands - esp. while
playing TuxRacer on Mandrake Linux 9.2 :) - maybe those bugs can be
exploited to get control over the real environment. )

-Technologov

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------

Current thread:

Virtual environments security Octavian Popescu (Dec 14)
- Re: Virtual environments security Alexey Eremenko (Dec 14)
- RE: Virtual environments security Lall, Navneet Singh (Dec 15)