Cloud service providers offer their customers the ability to
access virtual private servers hosted within multi-tenant
environments. Typically these virtual machines are connected
to the physical network via a virtualized network within the
host environment. This could be as simple as a bridged
interface connected to multiple virtual interfaces attached to
each virtual machine, or it could entail the use of a virtual
switch to provide more robust networking features such
as VLANs, QoS, and monitoring. All client virtual machines
are essentially connected to a virtual version of a physical
networking device. In this talk, we explore whether Layer
2 network attacks that work on physical switches apply to
their virtualized counterparts by discussing the results of a
systematic study performed across four major hypervisor
environments with seven different virtual networking configurations.
In this preliminary research, each environment was
evaluated by using a malicious virtual machine to run a
MAC flooding attack along with Wireshark in order to verify
whether it was possible to eavesdrop on other client traffic passing
over the same virtual network. It was concluded that, out of
the four virtual switch implementations tested, Open vSwitch
proves to be the most vulnerable to MAC flooding, allowing
an attacker to capture a co-resident virtual machine’s
network traffic.
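From the defender's side, MAC flooding on a virtual network shows up as one virtual port suddenly sourcing far more distinct MAC addresses than a guest should own. The following Python sketch is an added example, not material from the talk: it flags such ports with a sliding window over frame records. The `(timestamp, port, src_mac)` record format, the port names, the window and the threshold are all assumptions, and the sample frames are constructed.

```python
from collections import defaultdict, deque

def detect_mac_flood(frames, window=1.0, max_macs=8):
    """Flag ports sourcing more than max_macs distinct MACs within `window` seconds.

    frames: iterable of (timestamp_seconds, port, src_mac), sorted by time
            (assumed format, e.g. parsed from a capture on the host bridge).
    Returns {port: timestamp of the first frame that crossed the threshold}.
    """
    recent = defaultdict(deque)                     # port -> (ts, mac) still in window
    counts = defaultdict(lambda: defaultdict(int))  # port -> mac -> frames in window
    alerts = {}
    for ts, port, mac in frames:
        q, c = recent[port], counts[port]
        q.append((ts, mac))
        c[mac] += 1
        # Evict frames that have aged out of the window for this port.
        while q and q[0][0] <= ts - window:
            _, old = q.popleft()
            c[old] -= 1
            if c[old] == 0:
                del c[old]
        if len(c) > max_macs and port not in alerts:
            alerts[port] = ts
    return alerts

def sample_frames():
    """Constructed sample: two ordinary guests and one port that floods."""
    frames = []
    for i in range(50):
        # vnet0: a guest with a single MAC; vnet1: a guest that owns two MACs.
        frames.append((i * 0.1, "vnet0", "52:54:00:00:00:01"))
        frames.append((i * 0.1, "vnet1", "52:54:00:00:00:%02x" % (0x10 + i % 2)))
    for i in range(200):
        # vnet2: 200 frames in 0.2 s, each with a new locally administered MAC.
        mac = "02:00:00:00:%02x:%02x" % (i >> 8, i & 0xFF)
        frames.append((2.0 + i * 0.001, "vnet2", mac))
    return sorted(frames)

if __name__ == "__main__":
    for port, ts in detect_mac_flood(sample_frames()).items():
        print("possible MAC flooding on %s at t=%.3fs" % (port, ts))
```

The same per-port limit on learned source addresses is what port security enforces on physical switches; here it is applied as a detection rather than a block.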
Copyright 2020, IronGeek