A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Exploring Layer 2 Network Security in Virtualized Environments - Ronny L. Bull - Dr. Jeanna N. Matthews Derbycon 2014 (Hacking Illustrated Series InfoSec Tutorial Videos)

Exploring Layer 2 Network Security in Virtualized Environments
Ronny L. Bull - Dr. Jeanna N. Matthews
Derbycon 2014

Cloud service providers offer their customers the ability to access virtual private servers hosted within multi-tenant environments. Typically these virtual machines are connected to the physical network via a virtualized network within the host environment. This could be as simple as a bridged interface connected to multiple virtual interfaces attached to each virtual machine, or it could entail the usage of a virtual switch to provide more robust networking features such as VLANs- QoS- and monitoring. All client virtual machines are essentially connected to a virtual version of a physical networking device. In this talk, we explore whether Layer 2 network attacks that work on physical switches apply to their virtualized counterparts by discussing the results of a systematic study performed across four major hypervisor environments with seven different virtual networking configurations. In this preliminary research each environment was evaluated by utilizing a malicious virtual machine to run a MAC flooding attack along with Wireshark in order to verify if it was possible to eavesdrop on other client traffic passing over the same virtual network. It was concluded that out of the four virtual switch implementations tested Open vSwitch proves to be the most vulnerable to MAC flooding allowing for an attacker to capture a co-resident virtual machine’s network traffic.

Back to Derbycon 2014 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast