book

Securing the Virtual Environment: How to Defend the Enterprise Against Attack, Included DVD

by Davi Ottenheimer, Matthew Wallace

May 2012

Intermediate to advanced

456 pages

12h 6m

English

Wiley

Read now

Unlock full access

A Brief Introduction to the CloudManaging Cloud SecurityManaging Cloud RisksManaging Cloud ComplianceMaking Use of WarningsSummary
Who Is an Outsider?Delegating and Spreading Roles in Order to ScaleSummary
Looking Around Without Getting CaughtSlicing and Dicing DataIdentifying and Targeting AssetsTiming an AttackSummary
Finding Signal in NoiseDefining SuccessFinding Service VulnerabilitiesExploiting Service VulnerabilitiesSummary
Replacing Hardware Layers with SoftwareThe Cup Is Half SecureEscaping Jails, Sandboxes, and BuffersSummary
Peeping TomsNoisy NeighborsSummary
Logging EventsTesting Incident ResponsivenessOrchestration: Good and EvilSummary
Mapping the InfrastructureFinding and Exploiting the Middle GroundSummary
When All You Are Is a Nail, Everything Wants to Be a HammerThe Ubiquity of the BrowserThe Risks of SaaSSummary

Compliance versus SecuritySummary
Components of the Virtual Penetration Testing LabBuilding the GatewayBuilding the ESXi Hypervisor SystemBuilding XenBuilding KVMUsing Your Virtual Environments: Virtual AttacksWhere to Go from Here

Content preview from Securing the Virtual Environment: How to Defend the Enterprise Against Attack, Included DVD

Appendix B

About the Media

If you have a DVD drive, you can use code and tools included on the DVD. The DVD contains code and scripts referenced in the text of the book. It also contains a Virtual Machine based on the Ubuntu 6 Linux distribution, pre-loaded with various network security tools.

All the content is organized into subdirectories. Navigate into any subdirectory to read more about the contents. Some of the code or scripts require supporting libraries or other software that could not be included on the DVD. This is described in each folder.

Note

In order to run, some of this code requires additional libraries that are not included. For example, the Perl code that interacts with the VMware hosts requires VMware's Perl SDK to be installed and available in your @INC path.

The DVD includes the following subdirectories:

ch02: Code from Chapter 2, including the “backdoored” gzip rpm and the “backdoored” openSSH-5.8p2 source code.
ch04: Code from Chapter 4, including the cloudscan.pl script and the vloud_dos.php script.
ch05: Contains the kvm_escape package used for the Chapter 5 Hands-on KVM escape. This includes some specifically crafted files from Nelson Elhage's original proof-of-concept exploit, as well as the vulnerable Ubuntu amd64 packages the exploit works against.
orchestrate_malware: Contains the backdoor_xen.pl script used in the hands-on demonstration in Chapter 7.
test_response: Contains the provoke.pl used in seven examples from Chapter 7 that describe provoking ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Internet Security: How to Defend Against Attackers on the Web, 2nd Edition

Publisher Resources

ISBN: 9781118239261Purchase book

Securing the Virtual Environment: How to Defend the Enterprise Against Attack, Included DVD

by Davi Ottenheimer, Matthew Wallace

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Internet Security: How to Defend Against Attackers on the Web, 2nd Edition

Advanced Persistent Training : Take Your Security Awareness Program to the Next Level

Asset Protection through Security Awareness

Cisco Network Admission Control, Volume I: NAC Framework Architecture and Design

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Internet Security: How to Defend Against Attackers on the Web, 2nd Edition

Advanced Persistent Training : Take Your Security Awareness Program to the Next Level

Asset Protection through Security Awareness

Cisco Network Admission Control, Volume I: NAC Framework Architecture and Design

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.