Virtual Security

  • Comments posted to this topic are about the item Virtual Security

  • First:

    I really enjoy your editorials and I read as much and as often as I can.

    I’m a developer, but I unofficially serve as my group’s DBA – like many people we have DBAs who handle backups, and not much else.

    Second:

    About your writing in the first paragraph this morning.

    Great topic, great idea. Overall you write better than I do, don’t let little mistakes give a bad impression. Sometimes it sounds ESL – which I’m sure is due to transcription errors.

    First paragraph from your email at 12:49 AM Eastern:

    "I have a few friends that are working *1 virtualize almost their entire computer infrastructures. They work in large and small companies, but there is a constant push to avoid the bare metal installation of any operating system onto physical hardware, making every Windows or Unix machine a virtual machine on top of a hypervisor. I was surprised to hear that companies were being to *2 aggressive, but the cost benefits can be huge, and when virtualization is done in a smart way, performance doesn't suffer."

    I assume that:

    *1 = "to"

    and

    *2 should have been "so" instead of "to" (or perhaps "too")

    Thanks again for the great content and keep up the great work!

  • I'm not a virtualization or security expert, but I'm a little confused over why this was/is an issue. If someone has access to the vCenter app, sure they can open the console of a VM running in the environment, but without the Windows login credentials they wouldn't be able to get very far into the system.

    And even if they had Windows credentials, they could still be locked out of SQL Server itself.

    I'm not saying someone with that level of access couldn't do harm. They could shut down the VM or do irreparable damage to the file system. But I don't see how they could get to the data, especially if the backups are encrypted too.

  • There are actually some exploits that can access the virtual machine's memory or disk if they have access to the physical hardware. vMotion, or similar technologies that allow a virtual machine to move to a different physical one means that you have to be careful.

    The publication of the exploits, and scripts, means that you don't necessarily have to be a genius to take advantage of these items.

  • chris.compton-977504 (8/22/2011)


    First:

    I really enjoy your editorials and I read as much and as often as I can.

    I’m a developer, but I unofficially serve as my group’s DBA – like many people we have DBAs who handle backups, and not much else.

    Second:

    About your writing in the first paragraph this morning.

    Great topic, great idea. Overall you write better than I do, don’t let little mistakes give a bad impression. Sometimes it sounds ESL – which I’m sure is due to transcription errors.

    Thanks for the note. The review/proof of the work sometimes gets shortchanged at times. Corrections have been made.
