Prevent Data Leakage ESXi provides a useful and not so well known interface used to provide both support information and the configuration of your ESXi hosts through esxicli. This is accessed by connecting to your ESXi host using a web browser, the url syntax is:- Remediation If you don’t want this to be made available …
A journey into data theft in the cloud! This post is about my journey into researching a security compromise of ESXi and the VMware framework as a whole. The essence of the following attack was devised in a lab that I had built over a course of a few months and consisted of the following …
We are pleased to announce the recent release of VMinformer Pro v4.3. If you have not done so already then now is a time to take a look at VMinformer and see in as little as 15 minutes the visibility that it will provide you and improve operational efficiencies, saving you time and money! New …
It’s time for a wake up call for anyone involved in securing virtual infrastructure. The technology that is being currently used by organizations to secure VMware, Xen or Mircrosoft HyperV is at worst being deployed with inadequate understanding of what its protecting and at best not enough on its own to secure business critical data. …
VMinformer has released it’s latest version of its leading virtualization security assessment tool. Version 3.9 highlights include:- Support for vSphere5 Distributed Switch Support for Network Maps New Polices for vCenter and ESXi5 To get started and audit your infrastructure in as little as 15 minutes, download a trial copy today by registering at www.vminformer.com
An interesting news article concerning an attack on a virtual infrastructure highlights the need for proper security controls. The fact that it was virtual is almost irrelevant, the company concerned should have had the required security controls in place to prevent this. The fact that it was virtual though probably made it a lot easier …
The latest guidelines from the PCI Security council recognize the need for carrying out thorough auditing and monitoring of virtual environments that fall under the remit of PCI requirements. Compared to traditional monitoring tools for a physical network, tools for virtual systems may not provide the same level of insight or monitoring within intra-host communications …
VMinformer Ramps Partner Expansion With Signing of Four New Security Resellers Sydney – 15 June 2011 – VMinformer, a pioneer in compliance, security and auditing for virtual environments, has announced a major expansion in its Australian partner channel with the addition of four new specialist security resellers based in NSW, Victoria and the ACT. These …
Managed Object Browser (MOB) The MOB as it is known is used mainly by developers or for debugging. It has direct access to the VMkernel so as well as allowing view access it allows changes to be made. It can be access over port 443 (HTTPS) and requires authentication using the ROOT account password. The …
This info came to me from Eric Sloof over at NTPRO.NL it is a Mind Map for Troubleshooting vSphere Network Issues, which is really cool! Go Check it out over at Eric’s site here…