Virtualization is considered to be the new renaissance in computing. Suddenly, all those over sized servers are put to great use by putting multiple Guest OS's on them. But running IT services in a virtualized environment brings a whole host of new opportunities for hackers.
In this article, we'll review the issue of Denial Of Service to a Virtualization enviroment:
One of the most important element of a Virtualization environment is the isolation. Since the host OS and the Guest OS machines run on the same hardware, and none should access each others resources - including memory, CPU time, video memory etc.
A lot of Virtualization implementations fail in proper isolation, and that can allow an attacker to mount different types of successful attacks.
The simplest one is a Denial of Service Attack. The compromised guest generates communication to memory address space attempting to breach the isolation walls and cause corruption of other Guest OS or the Host OS. It is very usual that early versions of a Virtualization platforms have vulnerabilities in the isolation mechanisms.
The following is an example of breach of the isolation wall on an unpatched Windows 2008 Hyper-V.
Please note that this attack only works on a default installation of Windows 2008, with no patches applied. So all your Virtualizaiton platforms should be fully patched
Talkback and comments are most welcome
Hacking Virtual Machines Part 1 - Sniffing
Hacking Virtual Machines Part 2 - Environments Where Virtualization Lives