Here's a VERY interesting read from the legendary Ed Skoudis and Tom Liston, about some recent observations in attack code. Basically, code is surfacing that detects whether the machine is 'real' or virtual. The authors offer an explanation to the effect of "attackers perceive that a lot of honeypots are running as VM's, therefore their code doesn't execute on VM's in an effort to avoid detection".
Of course, VMware marketing are already trying to put a "VM's are more secure than physical boxes" spin on it, but really they are doing themselves more harm than good... I can only assume they didn't see the last few slides that demonstrate the isolation of VM's is somewhat questionable (I'm sure you'll agree when you see them). VM isolation is something VMware has aggressively defended in the past... I remember a whitepaper they released not so long ago in response to someone who was questioning storage isolation. That person clearly had no idea how VMware actually works, unlike Liston & Skoudis.
Tuesday, November 28, 2006
Microsoft Patterns & Practices Security How Tos...
Here's a bunch of very handy articles from the Patterns and Practices group at Microsoft... they will go a long way towards helping infrastructure engineers work with application developers to ensure secure application architecture and deployment.
I don't know how many arguments I've had with developers who had no idea about what they were actually proposing to deploy from an infrastructure security standpoint (much worse than the usual 'must run with admin' demands), I'll be sure to point them at this link when relevant in the future!
I don't know how many arguments I've had with developers who had no idea about what they were actually proposing to deploy from an infrastructure security standpoint (much worse than the usual 'must run with admin' demands), I'll be sure to point them at this link when relevant in the future!
Saturday, November 25, 2006
Let the gIntegration begin!
New Microsoft releases coming thick and fast...
The final WAIK has been released, get it here. I know a ton of people have been waiting for that... finally Windows PE 2.0 is available for the masses.
I'm still holding out for WSS 3.0 though. I was hoping they would have released it when Office 2007 was RTM'ed, but I guess we'll be waiting for the GA of 2003 SP2. Although from reports about the quality of the 2003 SP2 RC, I guess I could probably use whatever is in that!
I'm still holding out for WSS 3.0 though. I was hoping they would have released it when Office 2007 was RTM'ed, but I guess we'll be waiting for the GA of 2003 SP2. Although from reports about the quality of the 2003 SP2 RC, I guess I could probably use whatever is in that!
Thursday, November 16, 2006
Oh, and PowerShell 1.0 has finally made GA!
I was on the early beta's of PowerShell (I still hate the name, although the name 'Monad' did lend itself to an unfortunate gnu-ified name), and am stoked to see it finally hit 1.0. What's also awesome is to see Jeffrey Snover's enthusiasm seems have gone viral inside Microsoft... PowerShell is up in everything.
THe latest video on Channel9 shows PowerShell as applied to IIS7, as well as a few other cool cmdlets from powergadgets. That stuff is gold... great job with the architecture Jeffrey, making PowerShell so extensible via C# is the best thing to have happened to the shell, ever.
So go grab PowerShell now, and check out the video!
THe latest video on Channel9 shows PowerShell as applied to IIS7, as well as a few other cool cmdlets from powergadgets. That stuff is gold... great job with the architecture Jeffrey, making PowerShell so extensible via C# is the best thing to have happened to the shell, ever.
So go grab PowerShell now, and check out the video!
Smart move, Citrix....
I don't know if this move by Citrix is possibly in response to the upcoming Longhorn release, but it is certainly looooooooooooooong overdue. I've been wanting to install and mess around with PS4 for ages at home, now I finally can!
Perhaps they have finally realised that putting Enterprise software in the hands of enthusiasts pays off... those kinds of people are often the ones engineering / architecting solutions. If not for this developer license program, I would have thrown myself into Longhorn Terminal Services and had a fairly one sided view... now I'll be looking at it with a much more critical eye.
Perhaps they have finally realised that putting Enterprise software in the hands of enthusiasts pays off... those kinds of people are often the ones engineering / architecting solutions. If not for this developer license program, I would have thrown myself into Longhorn Terminal Services and had a fairly one sided view... now I'll be looking at it with a much more critical eye.
Thursday, November 09, 2006
VI3 Storage Performance...
An as yet unidentified company is planning to release some interesting data soon surrounding performance of the various datastore options in VI3... namely local SCSI, FC, iSCSI and NFS.
Without stealing too much of their thunder, apparently an NFS mounted VMFS volume is 4 times faster than an iSCSI one!!! I'll be interested to see the details when the data comes out... there are substantial performance differences in the few iSCSI implementations around, and various tweaks that can be made to improve performance.
Meanwhile, I'm configuring my Ubuntu iSCSI target with NFS as well, and plan to do some testing of my own... stay tuned!
Without stealing too much of their thunder, apparently an NFS mounted VMFS volume is 4 times faster than an iSCSI one!!! I'll be interested to see the details when the data comes out... there are substantial performance differences in the few iSCSI implementations around, and various tweaks that can be made to improve performance.
Meanwhile, I'm configuring my Ubuntu iSCSI target with NFS as well, and plan to do some testing of my own... stay tuned!
Tuesday, November 07, 2006
.NET 3.0 Released / Vista SDK Final Released!
Funnily enough, .NET 3.0 has gone GA and so has the Vista SDK!
.NET Framework 3.0
Vista SDK (scroll to the bottom and grab the DVD ISO)
w00t!
.NET Framework 3.0
Vista SDK (scroll to the bottom and grab the DVD ISO)
w00t!
Ubuntu the Enabler! Moss the Interrupter!
You have to go to Ginkaku-ji in Kyoto to get that second bit...
Anyway, I'm decidedly 'over' Linux as a desktop... I'll be running XP into the ground and wait for the next version of Windows, which will be out before XP support ends if Microsoft stick to their "no more 5 years between OSes" mantra. Besides, all the stuff that's interesting to me in Vista / Longhorn (ie .NET 3.0) will be available on XP anyway. I could care less about Aero, DX10 games won't be out for ages, and my shit is locked down so security isn't an issue.
But back to the topic of the post - Ubuntu the Enabler! I've been playing more and more with VMware over the last month or 2, coding up some stuff in C# that interacts with the VI3 web service, and gearing up to take the VI3 VCP exam. And in my preparations, Ubuntu has been indispensable. Now that ESX 3 supports VMFS on iSCSI, I can finally setup something with a decent amount of storage at home using commodity hardware. Specifically, ESX 3 (developer license courtesy of VMTN subscription) running on a P4 3GHz box with IDE drive, 2GB RAM and dual Broadcom PCI GbE NICs, with half a tera of VMFS courtesy of 2 x 250GB SATA2 disks in an Athlon64 X2 box running Ubuntu 6.06.1 Server and the Enterprise iSCSI target. Seriously, it's so easy to install and configure, just read this howto.
This, along with the bare bones Linux build required for VMware Server (search the vmware forums, there are several threads), has effectively had me ditching Microsoft Virtual Server completely... I guess my interest is more in the virtualisation and C# space at the moment, which eliminates my previous needs of having heaps of VM's available (which the differencing disk feature of Virtual Server allowed quite nicely). It will be interesting to see what happens when Microsoft comes out swinging with their Hypervisor and virtual infrastructure management tool, but I can't imagine them knocking VMware off anytime soon... they're just too far ahead of everyone else in the field.
Anyway, I'm decidedly 'over' Linux as a desktop... I'll be running XP into the ground and wait for the next version of Windows, which will be out before XP support ends if Microsoft stick to their "no more 5 years between OSes" mantra. Besides, all the stuff that's interesting to me in Vista / Longhorn (ie .NET 3.0) will be available on XP anyway. I could care less about Aero, DX10 games won't be out for ages, and my shit is locked down so security isn't an issue.
But back to the topic of the post - Ubuntu the Enabler! I've been playing more and more with VMware over the last month or 2, coding up some stuff in C# that interacts with the VI3 web service, and gearing up to take the VI3 VCP exam. And in my preparations, Ubuntu has been indispensable. Now that ESX 3 supports VMFS on iSCSI, I can finally setup something with a decent amount of storage at home using commodity hardware. Specifically, ESX 3 (developer license courtesy of VMTN subscription) running on a P4 3GHz box with IDE drive, 2GB RAM and dual Broadcom PCI GbE NICs, with half a tera of VMFS courtesy of 2 x 250GB SATA2 disks in an Athlon64 X2 box running Ubuntu 6.06.1 Server and the Enterprise iSCSI target. Seriously, it's so easy to install and configure, just read this howto.
This, along with the bare bones Linux build required for VMware Server (search the vmware forums, there are several threads), has effectively had me ditching Microsoft Virtual Server completely... I guess my interest is more in the virtualisation and C# space at the moment, which eliminates my previous needs of having heaps of VM's available (which the differencing disk feature of Virtual Server allowed quite nicely). It will be interesting to see what happens when Microsoft comes out swinging with their Hypervisor and virtual infrastructure management tool, but I can't imagine them knocking VMware off anytime soon... they're just too far ahead of everyone else in the field.
Subscribe to:
Posts (Atom)