Social Icons

Showing posts with label virtual tunnels. Show all posts
Showing posts with label virtual tunnels. Show all posts

Sunday, April 21, 2013

Virtual Machines : Escape vs Introspection

1.   For last few years playing inside a VM ,I always used to wonder if it actually that safe surfing anything inside a VM...and that hardly anything gets in touch with the Host machine while we work with applications inside.Then I heard of two relative terms that are : Virtual Machine Escape vs Virtual Machine Introspection

2.  New to me but pretty old from point of view of existence....these are briefly explained below :

Virtual Machine Escape

Normally virtual machines are encapsulated, isolated environments. The operating systems running inside the virtual machine shouldn't know that they are virtualized, and there should be no way to break out of the virtual machine and interact with the parent hyper visor  The process of breaking out and interacting with the hyper visor is called a “VM escape.” Since the hyper visor controls the execution of all of the virtual machines an attacker that can gain access to the hyper visor can then gain control over every other virtual machine running on the host. Because the hyper visor is between the physical hardware and the guest operating system an attacker will then be able to circumvent security controls in place on the virtual machine.(Source : http://lonesysadmin.net)





Virtual Machine Introspection

Although virtualization isn’t new, the recent development of x86 virtualization products has revived interest in the virtualization market. This has led to the evolution of Virtual Machine Introspection (VMI) techniques and tools to monitor VM behavior. VMI tools inspect a VM from the outside to assess what’s happening on the inside.This makes it possible for security tools—such as virus scanners and intrusion detection system to observe and respond to VM events from a “safe” location outside the monitored machine. Depth of information is the fundamental benefit behind a concept called Virtual Machine Introspection (VMI). Its use within virtualized environments is absolutely crucial to effective risk mitigation at scale.(Source : |http://www.securityweek.com/vm-introspection-know-your-virtual-environment-inside-and-out)

So the basic difference is I think the route,in case of the former the need is to contact the hypervisor from inside and the latter shows the way out to get to know whats happening inside from outside perspective.....

Monday, February 20, 2012

THE TOR PROJECT

1.  Privacy is really becoming a big and serious issue and no one knows what all is all set to come ahead.For now I came across and even started using TOR.For the bigger details you need to visit the site at https://www.torproject.org/.I got aware of this at the ANKIT FADIA WORKSHOP@INDORE

2.  For the in brief , point wise detail that just scroll down to get a brief overview :

KEY FEATURES

- Tor is free software made under www.torproject.org/

- Helps defend against network surveillance that threaten personal freedom and privacy.

- Protects by bouncing your communications around a distributed network of relays run by volunteers all around the world.

- Prevents somebody watching your Internet connection from learning what sites you visit

- Prevents sites you visit from learning your physical location.

- Works with web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.

- Individuals can use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers.

- A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently.

HOW/WHAT IT DOES?

- Actually a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet.

- Based on "Onion routing" that simply refers to original data being encrypted and re-encrypted multiple times.

- It is then sent through successive Tor relays, each one of which decrypts a "layer" of encryption before passing the data on to the next relay and, ultimately, its destination.

- This reduces the possibility of the original data being unscrambled or understood in transit

- Enables to create new communication tools with built-in privacy features.

- Provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.


3.  Thanks https://www.torproject.org and Ankit Fadia
Powered By Blogger