Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go
-->

Virtualized Servers Vulnerable to DOS & Online Data Theft

Virtualized servers are vulnerable to critical security threats like Denial-of-Service (DoS) and data theft. Meanwhile, the normal defenses like firewalls and other security appliances are not prepared for virtualization, as reported by onestopclick on February 18, 2008.

In a virtualization process, physical features of computing resources are hidden in such a manner in which the rest of the computers on the network, programs, or end users communicate with those means. This involves making any one physical means like server, an operating system, software, and storage device as to function as various logical means.

An attractive characteristic of a virtualized server is its ability to copy virtual servers to fulfill its demand. However, this is causing a great concern about security of data theft or DoS conditions, according to the subject under discussion to be held at the U.S. Black Hat DC 2008 conference during the third week of February 2008.

Ph.D. candidate Jon Oberheide at the University of Michigan, who would give the brief on the scheduled talk, said that during migration of a virtual system from server to server, the machine can be attacked in several ways. This is primarily because of weak authentication between systems and unencrypted virtualized computer traffic being transmitted among physical machines.

Oberheide said that the attack can be easy, provided the servers and the attacker relate to a single network. He also said that a short-lived cure is to load encryption software onto physical systems that might have virtual systems migrating through them.

The study by Oberheide involves shooting man-of-the-middle attacks from open source VMware and Xen virtualization platforms. According to Citrix, the company that sells Xen's commercial version, the problem can be resolved if the management server is made to work like an external party to establish validity between original and destination servers.

While server virtualization helps in security, virtualized environments have their own security problems that can originate both internally and externally. And since it is difficult to thwart these virtualized threats, computer viruses can spread, data get stolen, DOS get created, and regulatory compliance come to contradict within virtualized conditions.

Related article: Virtual Cyber Attack finds Flaws in Cyber Security

ยป SPAMfighter News - 25-02-2008

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next