Christopher Willis

vCenter 5.1 Install Will Give Me Nightmares...

Thu, 23 May 2013 14:11:43 -0400

So I said I successfully installed vCenter 5.1 and I totally did… sort of. When I installed Windows updates on my vCenter machine I rebooted it and ran into some crazy problem where vCenter was rejecting my domain user saying it had an incorrect username and password even though it was completely correct… Matter of fact I was logged into the vCenter machine with the domain account.

Turns out there’s some crazy bug that randomly deletes your AD DS server from the list of authenticated domains without telling you. The fix is outlined here.

vCenter 5.1 Successfully Installed

Wed, 22 May 2013 12:22:04 -0400

Finally after multiple attempts using Windows Server 2012, I tried installing vCenter 5.1 on Server 2008 R2 and it worked like a charm. There appears to be a bug with Server 2012 and vCenter 5.1 where the install just fails during profile driven storage installation. There is a fix listed here but it didn’t work for me. I am planning on filing a bug report with VMware.

Virtualization Security: Protecting Virtualized Environments

Mon, 20 May 2013 11:29:19 -0400

This will be the book I will be basing a good deal of my research off of. There are many papers that I will be using as well to conduct my research. Some are listed below:

Virtualization Security by Dave Shackleford

http://www.amazon.com/Virtualization-Security-Protecting-Virtualized-Environments/dp/1118288122

Other resources:

Malware-Based Threats:

Websense Labs custom VM-Aware malware: http://securitylabs.websense.com/content/Blogs/2688.aspx
Bot Storm worm’s VM detection capabilities: http://isc.sans.org/diary.html?storyid=3190

VM Escape:

Look up IntelGuardians research presented at SANSFIRE 2007 by Tom Liston and Ed Skoudis (VMchat, VMcat, VM Drag-n-Sploit, VMftp)
Core research on VMware Shared Folders VM Escape exploit: www.coresecurity.com/?action=item&id=2129
Blue Pill Vista exploit that virtualized the underlying vista OS and created a rogue hypervisor for it to run off: http://theinvisiblethings.blogspot.com/2006/06/introducing-blue-pill.html
TXT Hack by Rutkowska: http://theinvisiblethings.blogspot.com/2009/12/another-txt-attack.html
HyperSafe (possible VM Escape solution) paper: www.csc.ncsu.edu/faculty/jiang/pubs/OAKLAND10.pdf

Vulnerabilities in Virtualization Software: http://lists.vmware.com/pipermail/security-announce/2010/000093.html

Fingerprinting Virtualized Systems: http://www.chrisbrenton.org/2009/09/passively-fingerprinting-vmware-virtual-systems/

Wentworth Senior Project Blog

Mon, 20 May 2013 11:10:03 -0400

This blog will serve as a medium for me to present my research on Virtualization Security for my Senior Project that will be presented in August before graduation. Stay tuned for updates.

Wentworth Article On An Interview I Did With Them!

Wed, 18 Jul 2012 13:23:46 -0400

Wentworth Article On An Interview I Did With Them!