The FYRM Blog » Cloud Computing

GuestStealer Wrapup

Tony Flick — Tue, 02 Mar 2010 02:30:03 +0000

In addition to the previously mentioned Nmap script, GuestStealer has now made its way into a Nessus plugin and a Metasploit module. Nessus Plugin 44646 was released by Tenable a few weeks ago and the Metasploit module was pushed up to the trunk last week.

GuestStealer has been mentioned in several articles and blog posts recently, including DarkReading – Tech Insight: Securing The Virtualized Server Environment and The Hacker News Network. While most have been accurate, several early blogs stated that GuestStealer used a cross site scripting attack to steal the guests. So to clarify and avoid any confusion, GuestStealer exploits the directory traversal vulnerability described in CVE-2009-3733. For further information, check out the presentation slides or presentation video.

GuestStealer 1.1 and PaulDotCom Webcast

Tony Flick — Fri, 19 Feb 2010 00:11:59 +0000

Justin and I will be on the PaulDotCom podcast tonight to discuss the latest developments with GuestStealer and the Smart Grid book. For more information, check out tonight’s episode guide and join the live discussion tonight.

Also, GuestStealer v1.1 is now available for download. This is a bug fix release that improves the error handling and prevention of downloading the same vmdk file twice (when that vmdk self-references itself). Thanks to the efforts by Ron at Skull Security, the new version is available on the tools page.

Free Antivirus!

Tim — Mon, 04 May 2009 22:44:59 +0000

With the current state of the economy, budgets across organizations are being slashed and the IT/Security department budgets are no different. As a result, organizations are looking at ways to reduce their costs, yet remain or still try to become compliant with numerous regulatory mandates. So, what organization would not want to have free antivirus? Now, what if I threw in a smaller footprint and a reduced load on system resources than traditional antivirus applications? Snake Oil? Silver Bullet?

Last week, Panda Security announced the public beta release of their free cloud-based antivirus “thin-client” solution. Panda has stated that this solution will result in 50-percent less impact on PC performance when compared to fat-client signature-based antivirus programs. While this product is more intended for the home-user, several other services and products intended for commercial and government organizations exist. As such, one must look at the implications of moving security operations into the cloud before introducing them into the enterprise.

Cloud computing offers reduced hardware costs by moving hardware and administrative duties off-site. But as a side effect, your organization’s sensitive information is accessed and may be stored off-site. In this entry, I am not going to go through every question you should ask your cloud-services provider. However, before you start using these services, you should ensure the third-party address the following high-level issues that meet or exceed your own requirements:

Data storage
Data access methods
Physical security
Access control