Securing the Virtual Environment: How to Defend the Enterprise Against Attack (with DVD)
As more and more data is moved into virtual environments, the need to secure them becomes increasingly important. Useful for service providers as well as enterprise and small-business IT professionals, the book offers a broad look across virtualization as used in various industries, together with a narrow view of the vulnerabilities unique to virtual environments. A companion DVD is included with recipes and testing scripts.
- Examines the differences between a virtual model and traditional computing models, and the appropriate technology and procedures to defend it from attack
- Dissects and exposes attacks targeted at the virtual environment and the steps necessary for defense
- Covers information security in virtual environments: building a virtual attack lab, finding leaks, getting a side channel, denying or compromising services, abusing the hypervisor, forcing an interception, and spreading infestations
- Accompanying DVD includes hands-on examples and code

This how-to guide arms IT managers, vendors, and architects of virtual environments with the tools they need to protect against common threats.
Davi Ottenheimer is president of flyingpenguin and a security/compliance consultant to VMware. He was previously responsible for security at Barclays Global Investors and at Yahoo! He also has helped secure Cisco, U.S. DoD, IBM, Intel, State Farm, and the University of California. Matthew Wallace is a solutions architect at VMware and was the founding engineer of Exodus Communications' Managed Security Services.
Chapter 1 Virtualized Environment Attacks 1
A Brief Introduction to the Cloud 1
Flavors of "Cloud" 3
Powering the Cloud 3
Why the Cloud Is Here to Stay 4
Managing Cloud Security 5
Principles of Information Security 6
Information Assets 7
Potential Threats 8
Potential Vulnerabilities 8
Potential Consequences 8
Incremental Risk Mitigation 9
Deny by Default 9
Never Trust Input; Assume the Worst 11
Confidentiality, Integrity, and Availability 12
The Human Factor 13
Managing Cloud Risks 14
Asset Management 20
Vulnerability Assessment 22
Communication 22
Authentication and Authorization 23
Software 25
Managing Cloud Compliance 31
Defining Compliance and Security 33
Making Use of Warnings 34
Cloud and the PKI 35
Summary 36
Chapter 2 Attacking from the Outside 41
Who Is an Outsider? 41
HR Policies and Procedures 42
Contracting and Outsourcing Talent 44
Friends and Family Discount 45
Configuring Cloud Audit Logs 46
Keeping Tabs on Accounts 50
Extending and Trusting Communication 50
Delegating and Spreading Roles in Order to Scale 62
Novice Users Empowered by Cloud Environments 62
Outsourced and Offshored Resources 62
SaaS Software Development at “Cloud Speed” 63
The Needs of Bespoke Solutions 63
Ensuring Continuity 64
Underspecialization 65
How to Piggyback on Fixes 66
Sudo and Shell Logging 70
Spoofing a Certificate 73
Summary 74
Chapter 3 Making the Complex Simple 77
Looking Around Without Getting Caught 78
Checking to See If Anyone Is Watching 78
Checking for Gaps in Awareness 79
Checking for Responsiveness 80
Complexity and the Cloud 81
Choosing a Spot with a View 83
The Hypervisor 83
The Director/Orchestrator/Manager 88
Assessing the Risk from Assessors 93
Slicing and Dicing Data 94
Detecting Layers of Virtualization Technology 94
Identifying and Targeting Assets 96
Versions 102
Supporting Infrastructure 103
Mail Servers 103
Web Servers 103
Domain Name Service 104
Databases and Directory Services 104
Timing an Attack 104
Long- versus Short-Term Objectives 104
How Long before You Are Ready to Attack? 104
How Long before You Can Attack Again? 105
Summary 106
Chapter 4 Denial of Service 109
Finding Signal in Noise 109
Improving Denial 111
Distributing Denial 112
Defining Success 113
Finding Service Vulnerabilities 115
Scanning and Validating Service Levels 115
Abstracting and Overcommitting 115
Validating Complexity 118
Limits of Penetration Testing 120
Denial of Testing 120
Testing for Denial 121
Abusing Proximity of Services: Step Attacks and Speed Attacks 125
Exploiting Service Vulnerabilities 127
Breaking Connections Between Services 127
Exhausting Resources 130
CPU 130
Memory 130
Disk Space and IOPS 131
The Dangers of Overcommitment 132
Locking Out Others 132
Summary 137
Chapter 5 Abusing the Hypervisor 141
Replacing Hardware Layers with Software 142
Relating Physical to Virtual 142
Displays 143
Memory 144
Disk 145
Network 147
Compromising the Kernel 147
Low-Level Interception 148
Real-World Example: Duqu 148
Classification and Defense 150
Breaking Out of KVM 151
Attacking Virtual CPU and Memory 161
The Cup Is Half Secure 162
Taking Plato’s Shadow Pill 162
Demonstrating the Risks 163
Qualifying Fear and Uncertainty 164
Measuring Failure Rates 165
Focusing on the Shortcomings of New Technology 166
Finding the Different Yet Old Attack Surfaces 167
Network 168
Systems 171
Databases 172
Escaping Jails, Sandboxes, and Buffers 174
What Is the Purpose of Root, Anyway? 176
Breaking Away from Identifiers 177
Every Door Is the Front Door 178
Summary 180
Chapter 6 Finding Leaks and Obtaining a Side Channel 185
Peeping Toms 186
Working Around Layer 2 and Layer 3 Controls 187
Becoming a Regular Man in the Middle 189
VMware vmKernel, vMotion, and Management Traffic 190
Xen and Live Migration 190
Mayhem with Certificates 191
Eliciting a Response by Manipulating State 193
Noisy Neighbors 194
Working on Shared Paths 195
Risk of Co-Tenancy 195
Detecting Co-Tenancy 197
IP-Based Detection 197
Timestamp Fingerprinting 198
Latency Testing 198
Cache-Based Detection 199
Conclusion 199
Forcing Co-Tenancy 199
Avoiding Co-Tenancy 200
Summary 201
Chapter 7 Logging and Orchestration 205
Logging Events 205
Virtualization and Cloud Logs 208
Multitenancy 210
Collating, Archiving, and Protecting 216
What to Look for in a SIEM Solution 217
Safety and Reliability 219
Sampling, or Getting Ready for the Auditors 219
Testing Incident Responsiveness 220
Tampering with Infrastructure 220
Adding, Duplicating, Deleting, and Modifying VMs 226
Modifying Logs: Hiding from SIEM 234
Orchestration: Good and Evil 236
Solving Business Challenges 237
Why Orchestrate? 237
The Power of Elasticity and Agility 238
Devops and the Cloud 238
Risks Resulting from Orchestration 239
Outdated Images or Templates 239
Archived Exploits 241
Runaway Infrastructure Intelligence 242
Exploiting Orchestration Directly 243
Tarnishing Gold Images 243
Exploiting Image Customization to Modify VMs 246
Attacks Against Backups and Snapshots 248
P2V 249
Summary 249
Chapter 8 Forcing an Interception 251
Mapping the Infrastructure 251
Finding and Exploiting the Middle Ground 258
Abuse of Management Interfaces 259
APIs and System Communication 261
Getting around API Blockades 264
Playing Games with Management Tools 265
Elastic Nightmares: Moving Data in the Clear 265
Finding Secure Boundaries 266
Summary 270
Chapter 9 Abusing Software as a Service 273
When All You Are Is a Nail, Everything Wants to Be a Hammer 274
Managing Identities 277
Centralizing and Federating 278
Finding Integrity Bugs 279
Finding Confidentiality Bugs 282
Trusting Authorities 285
Secure Development 287
Data Entropy 290
The Ubiquity of the Browser 299
Average Users and the Pain of Software Evolution 301
Stuck on JavaScript 303
The Risks of SaaS 305
The Attackers Have Your Environment 310
Homogeneity and the Rate of Infection 312
Summary 313
Chapter 10 Building Compliance into Virtual and Cloud Environments 319
Compliance versus Security 319
Virtualization Security 322
Brokering 326
Proxies 327
Federation 329
Virtualization Compliance 330
Working with Auditors and Assessors 335
Using Checklists and a Master Matrix 339
Should Do versus How To 341
ISO 27001, SAS 70, and SOC 2 341
Managing Expectations 342
Service Organization Controls 344
Automating Scope Assessments 347
Managing Change 348
HIPAA 351
FISMA, NIST, and FedRAMP 353
Summary 356
Appendix A Building a Virtual Attack Test Lab 361
Components of the Virtual Penetration Testing Lab 362
Physical versus Virtual 362
Hungry for RAM 363
Installation Order 363
Bill of Materials 364
Building the Gateway 364
Building the ESXi Hypervisor System 367
Configuring Shared Client Networking 372
Adding a Secondary IP Address to Windows 7 372
Adding a Secondary IP Address to a Mac 374
Adding a Secondary IP Address to a Linux System 375
Building Xen 376
Building KVM 383
Using Your Virtual Environments: Virtual Attacks 392
Adding Vulnerable Virtual Machines 392
Setting Up Backtrack 396
Where to Go from Here 398
Build the Cloud Stack 398
Eucalyptus 399
VMware vCloud 399
OpenStack 399
Amazon AWS 399
Start Building an Archive 400
Appendix B About the Media 401
Index 403