August 18, 2008 By Hilton Collins
the outside world and does not communicate or have users checking e-mail and browsing the Web on it."
But just how do you secure the hypervisor? There are applications that reduce its attack surface, and methods include embedding the hypervisor deeper within the network or limiting the number of network channels.
Attacking the hypervisor may be worth the trouble for only the most sophisticated hacker. After all, if you're going to burglarize a house, why smash through the concrete foundation when you could break open the door or a window?
"A Windows machine running on your Dell box in your physical data center and a virtual machine look identical because they have an IP address," said Mulchandani. Consequently, most hackers won't care much about the hypervisor when they can use their regular tricks to attack the machines directly.
Hoff feels the same way. "Attackers are lazy. They go after the low-hanging fruit," he said. "Why would I bother deploying virtualized rootkits when I can just essentially exploit a poorly configured server?" Exploiting such a server takes the same amount of effort it would take to infect a system with malware once someone clicks on a link they shouldn't.