What is special about a virtual computer-a VM? It's a computer in a file. That's it. It's just a computer stored in a file with similar foibles and management issues as a physical computer. So why do some people invest virtual computers some magical transformative powers? Do they not understand what a virtual computer is?
What is special about a virtual computer-a VM? It's a computer in a file. That's it. It's just a computer stored in a file with similar foibles and management issues as a physical computer. So why do some people invest virtual computers some magical transformative powers? Do they not understand what a virtual computer is?A computer is a bunch of software-BIOS, operating system, and applications---running on some hardware. A virtual machine (VM) is a computer, but the hardware the virtual computer thinks it is running on is an abstraction of the physical hardware. The VM runs in the hypervisor which presents the same hardware to the VM regardless of the actual hardware. That allows you to move a VM from one hypervisor to another without any hardware issues. The hypervisor does a bunch of other interesting things as well, but they aren't relevant to my point. You probably know all this already, but it's good to set the stage.
Recently two different observations about virtualization have come up that need correcting. The first is that the Open Virtualization Format (OVF), which is a DMTF format for standardizing a VM file format, is the cause of VM sprawl and spreading malware. Kris Buytaert made this assertion about OVF. The second observation is that there is this thing called a VMtrojan that is a trojan somehow made more dangerous by virtue of being on a VM.
Let's take these one at a time. First, OVF is a file format. OVF is not a locomotive force directing your hands to deploy more and more VMs higgledy-piggledy throughout your network. Nor is OVF a vehicle for spreading malware either. If OVF makes adding to sprawl or spreading malware any more or less of a problem in your network, then you have far, far bigger problems to deal with like how you manage your VM infrastructure. People and processes are the cause of sprawl.
On the topic of virtual Trojans, how do you manage-by that I mean install, update, and protect- a VM is just like you manage a physical computer. It's not magic. There is nothing inherently special with virtualization that means you need to treat a VM much differently than any other computer. Rueven Cohen who gained some notoriety with the Cloud Computing Manifesto posted this frightful gem to the Cloud Computing Interoperability Forum (CCIF):
The types of attacks a VMT [virtual machine Trojan] can execute are different than a normal trojan. The VMT does not have access to the host machine; rather, it has access to the local network. Therefore, a VMT can be programmed to do the following:
Sniff traffic in the local network
Actively scan the local network to detect machines, ports and services
Do a vulnerability scan to detect exploitable machines in the local network
Execute exploits in the local network
Brute force attacks against services such as ftp and ssh
Launch DoS attacks within the local network, or against external hosts
And of course, send spam and conduct click fraud
That list details what Trojans do and being on a VM makes absolutely no difference at all. None. Not in the infection. Not in the spreading. Not in the execution. A VM is a computer. A VM with access to the network is a networked computer which is no different than a physical computer on a network. Saying there is a difference is either FUD or shows a complete lack of understanding about what a VM and a computer are. Thankfully, there are some voices of reason in the CCIF who have pointed out the absurdity of equating Trojans in a VM as any different than any other Trojan.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.