Vulnerabilities Assessment of Windows Hyper-V
Shafiuddin MISS-150165, Rafiqul Islam MISS-150132
Bangladesh University of Professionals
Faculty of Science and Technology
engrussel@gmail.com, smrofiq@gmail.com
Abstract: Microsoft Hyper-V, codenamed Viridian and formerly known as Windows Server Virtualization, is a native hypervisor; it can create virtual machines on x86-64 systems running Windows. Starting with Windows 8, Hyper-V supersedes Windows Virtual PC as the hardware virtualization component of the client editions of Windows NT. A server computer running Hyper-V can be configured to expose individual virtual machines to one or more networks.
Hyper-V was first released alongside Windows Server 2008, and has been available without charge for all the Windows Server and some client operating systems.
We have gone through the system from different angles and used different tools and techniques for investigating the vulnerabilities.
Key words:
Hyper-V: A virtualization technique of Windows.
Hypervisor: Virtual Machine Monitor
Introduction:
Virtualization refers to the creation of a virtual resource such as a server, desktop, operating system, file, storage or network. The main goal of virtualization is to manage workloads by radically transforming traditional computing to make it more scalable. Virtualization has been a part of the IT landscape for decades now, and today it can be applied to a wide range of system layers, including operating system-level virtualization, hardware-level virtualization and server virtualization.
Type 0 hypervisors, Type 1 hypervisors and Type 2 hypervisors
• Type 0 hypervisors - Hardware-based solutions that provide support for virtual machine creation and management via firmware
• Type 1 hypervisors - Operating-system-like software built to provide virtualization.
• Type 2 hypervisors - Applications that run on standard operating systems but provide VMM features to guest operating systems
Type 1 hypervisors: Windows Hyper-V
Objective:
1. Analyzing the traffic pattern between 2 VMs.
2. Obtaining the physical machine CPU information.
3. Overloading one instance and observing the impact on the other VM.
4. Running Nmap and Nessus to scan for possible vulnerabilities.
Analyzing Traffic Pattern: We intentionally collocated the probe VM on the same hardware and started analyzing the traffic pattern. Wireshark is a good tool for protocol-level investigation. We discovered the targeted VM's switch type, hostname, IP address and MAC address, which is sufficient for launching a side-channel or DoS attack.
Physical Machine Information: To learn the physical machine's CPU information, we dumped the full RAM contents to a file and then tried to discover the CPU information; unfortunately, no CPU information was found.
Overloading Probe VM: As we have full control of the probe VM, we again overloaded the CPU and RAM and observed the impact on the physical server and the neighbor VM. No significant impact was recorded. However, the utilization status in the VMM console showed only 6% CPU usage although the VM was using 100% internally.
Run Nmap and Nessus: Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
After scanning with Nmap we discovered the targeted VM and found the OS signature (e.g. Windows 2008), the number of critical ports opened (e.g. TCP 135 and TCP 139: Microsoft Windows RPC and NetBIOS SSN), and the RSA key type and encryption bits.
Nessus is a proprietary comprehensive vulnerability scanner which is developed by Tenable Network Security. It is free of charge for personal use in a non-enterprise environment. According to surveys done in 2009 by sectools.org, Nessus is the world's most popular vulnerability scanner, taking first place in the 2000, 2003, and 2006 security tools survey.
After scanning with Nessus we found the following result:
Conclusion: Windows VMs are still very popular and easy to deploy. Before a VM is implemented in production, a lot of burn testing is required. Administrators also need to enable the firewall only on a requirement basis. One of the most significant security problems of a Windows VM is that the VHD file can easily be stolen and restored on another machine.
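As an added example (not code from the paper), the following Python sketch turns the Nmap finding (TCP 135 and 139 open on the guest) and the firewall recommendation above into an audit check: it parses Nmap XML output and reports open ports that are not on a per-VM allowlist. The sample XML, the IP addresses and the REQUIRED_PORTS allowlist are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of `nmap -oX` output for two guest VMs (not data from the paper).
SAMPLE_XML = """<nmaprun>
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="135"><state state="open"/><service name="msrpc"/></port>
      <port protocol="tcp" portid="139"><state state="open"/><service name="netbios-ssn"/></port>
      <port protocol="tcp" portid="3389"><state state="open"/><service name="ms-wbt-server"/></port>
      <port protocol="tcp" portid="445"><state state="filtered"/><service name="microsoft-ds"/></port>
    </ports>
  </host>
  <host>
    <address addr="192.0.2.11" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="3389"><state state="open"/><service name="ms-wbt-server"/></port>
    </ports>
  </host>
</nmaprun>"""

# Hypothetical allowlist: the ports each guest is actually required to expose.
REQUIRED_PORTS = {"192.0.2.10": {("tcp", 3389)}, "192.0.2.11": {("tcp", 3389)}}

def unexpected_open_ports(nmap_xml, required):
    """Return {ip: [(proto, port, service), ...]} for open ports outside the allowlist."""
    findings = {}
    for host in ET.fromstring(nmap_xml).iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        ip = addr.get("addr")
        allowed = required.get(ip, set())  # a VM missing from the allowlist may expose nothing
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed or filtered ports are not reachable services
            key = (port.get("protocol"), int(port.get("portid")))
            if key not in allowed:
                svc = port.find("service")
                name = svc.get("name") if svc is not None else "unknown"
                findings.setdefault(ip, []).append((*key, name))
    return findings

if __name__ == "__main__":
    for ip, ports in unexpected_open_ports(SAMPLE_XML, REQUIRED_PORTS).items():
        for proto, port, name in ports:
            print(f"{ip}: {proto}/{port} ({name}) is open but not required")
```

A guest that does not appear in the allowlist is treated as having no permitted ports, so a newly deployed VM is flagged until its requirements are recorded.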