LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Virtualization and Cloud
User Name
Password
Linux - Virtualization and Cloud This forum is for the discussion of all topics relating to Linux Virtualization and Linux Cloud platforms. Xen, KVM, OpenVZ, VirtualBox, VMware, Linux-VServer and all other Linux Virtualization platforms are welcome. OpenStack, CloudStack, ownCloud, Cloud Foundry, Eucalyptus, Nimbus, OpenNebula and all other Linux Cloud platforms are welcome. Note that questions relating solely to non-Linux OS's should be asked in the General forum.

Notices


Reply
  Search this Thread
Old 07-31-2012, 04:51 AM   #1
Potato99
LQ Newbie
 
Registered: Jul 2012
Posts: 1

Rep: Reputation: Disabled
hypervisor comparison


Hi, I'm implementing a project and I have a question related to that.
This project is about hypervisor security comparison. I compare XEN and KVM hypervisors. I would like to check following scenarios:

- protection against accesing unassigned resources by Virtual Machine
- protection against subversion of trusted virtual machine monitor software (hypervisor, any of virtual machines or boot process)

Unfortunately, I'm new to virtualization, and I have no idea how could I check those scenarios out. I can't figure out any test, which could help me state which hypervisor is more secure.

Do you have any ideas? Could you give me some tips, advices?
Thanks in advance.
 
Old 07-31-2012, 05:50 PM   #2
jefro
Moderator
 
Registered: Mar 2008
Posts: 21,939

Rep: Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619Reputation: 3619
I think this task is way above any common user's level. No security issue exists right now that any but the most talented could find.

I just read about one of the first major holes in a VM. For a long time they were considered pretty secure (to statements like absolutely secure) if you didn't mount hosts partitions or directories and used common network controls. If any hacker knows they are unlikely to tell unless they are in a contest. The skills needed to perform intrusion detection would require a very skilled hacker who knows not only the very nuts and bolts of the VM's but also hardware and OS's.

To do any sort of advanced testing you would have to know everything there is to know about the two choices. From where it began and the code it started with to all the additions and corrections over the years. Any part of that could be attacked but you'd have to know a heck of a lot to attack it. I'd guess that maybe only one or two people that visit this site would be able to perform such an advanced test. I am not one of them.

I'd think the greatest threat would be to the OS and applications on it before any VM issue.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
centos hypervisor question leonardkillo Programming 1 11-24-2011 01:00 AM
using Hypervisor on dvd clarodina Linux - Virtualization and Cloud 1 09-28-2011 05:05 PM
Hypervisor for i7 8G Lenovo - Newbie mathunam Linux - Virtualization and Cloud 10 05-18-2011 04:18 AM
KVM - Is it the actual hypervisor? dman777 Linux - Virtualization and Cloud 1 12-31-2010 08:39 AM
KVM - Hypervisor too old? Chuck56 Slackware 1 11-21-2008 12:10 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Virtualization and Cloud

All times are GMT -5. The time now is 07:20 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration