This story was printed from ZDNet Australia.
Rain Forest Puppy labels virtualisation "very, very risky"

By Patrick Gray, August 18, 2003

URL: http://www.zdnet.com.au/news/security/soa/Rain-Forest-Puppy-labels-virtualisation-very-very-risky-/0,130061744,120277372,00.htm

A renowned security researcher, known as Rain Forest Puppy (RFP), has branded virtualisation technologies such as VMware as "very risky" when used in production environments, during his swan-song presentation at Australia's Hack 2003 conference.

RFP told conference delegates in Melbourne on Friday that virtualised systems should only be used for research, testing, staging and development purposes. He said using operating platforms such as VMware for production systems is "putting all your eggs in one basket".

"In my opinion that's... very, very risky," he said.

RFP also warned the administrators of wireless networks that companies promising to conduct comprehensive site audits to find rogue access points would probably not deliver the goods.

One of the main concerns with wireless technology is that an attacker with physical access to a network can plug an off-the-shelf access point into that network and use it to attack the company from within, while physically located outside the building.

People too easily forget that 802.11 isn't the only type of wireless networking technology available to those who wish to operate such a rogue point, RFP says. He cites Bluetooth, 802.11 turbo, HomeRF, cellular technologies and vendor-specific protocols, to name just a few wireless systems that won't be picked up by a typical 802.11 audit.

"The ultimate solution is a Faraday cage," he said.

Even using an antenna and a spectrum analyser, which graphs spikes in frequencies generated by access points, will not necessarily reveal rogue points.

This is RFP's last conference. He announced his retirement from the "security scene" as a public figure a few months ago, but had promised the Hack 2002 conference organisers a year ago that he would be back for a repeat performance.

The top researcher has become jaded with the form in which the security industry has commercialised.

"Security is now sold in a red box with a support contract. And this is where things went downhill," he said in a recent statement.

When asked to comment, he had only three words for ZDNet Australia: "Let it go."

Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved.