[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y ] [Search | Free Show | Home]

Can someone deeper into infosec confirm for me that if you attack

This is a blue board which means that it's for everybody (Safe For Work content only). If you see any adult content, please report it.
  1. Home
  2. /g/ - Technology
  3. Can someone deeper into infosec confirm for me that if you attack
Thread replies: 9
Thread images: 1

Anonymous
2017-07-31 10:00:39 Post No. 61665514
[Report] Image search: [Google]
File: s-l1000.jpg (129KB, 1000x998px) Image search: [Google]
s-l1000.jpg
129KB, 1000x998px
Anonymous 2017-07-31 10:00:39 Post No. 61665514 [Report]
Can someone deeper into infosec confirm for me that if you attack Xen directly this thing becomes useless?

Also what's a good book on information systems and securing them so I can try for myself?
>>
Anomynous 2017-07-31 10:01:45 Post No.61665527
[Report]
Anomynous 2017-07-31 10:01:45 Post No.61665527 [Report]
>>61665514
How could you attack Xen when dom0 has no network adapter attached?

(I mean you'd have to be extra good hacker)
>>
Anonymous 2017-07-31 10:04:14 Post No.61665565
[Report]
Anonymous 2017-07-31 10:04:14 Post No.61665565 [Report]
>>61665527
You insert a network adapter by attacking Xen through the weakest link template VM, which shouldn't be hard since all the templates are outdated.
>>
Anonymous 2017-07-31 10:07:25 Post No.61665613
[Report]
Anonymous 2017-07-31 10:07:25 Post No.61665613 [Report]
Use Virtualbox :^)
>>
Anonymous 2017-07-31 10:38:01 Post No.61666029
[Report]
Anonymous 2017-07-31 10:38:01 Post No.61666029 [Report]
https://blog.xenproject.org/2012/06/13/the-intel-sysret-privilege-escalation/
Its possible yes
>>
Anonymous 2017-07-31 10:39:02 Post No.61666040
[Report]
Anonymous 2017-07-31 10:39:02 Post No.61666040 [Report]
>>61665565
See
>>61666029
>>
Anonymous 2017-07-31 10:43:40 Post No.61666119
[Report]
Anonymous 2017-07-31 10:43:40 Post No.61666119 [Report]
>>61665514
>if you attack Xen directly this thing becomes useless?

Which is better than just relying on any random part of the Linux or Windows system.
>>
Anonymous 2017-07-31 10:48:46 Post No.61666196
[Report]
Anonymous 2017-07-31 10:48:46 Post No.61666196 [Report]
Im pretty sure i've dealt with an attack on Xen before using Qubes.

The easiest way in is by injecting packets into an http stream to try and exploit a browser weakness, I would imagine it is tough trying to tackle this thing from the outside as it comes with powerful iptable rulesets.

Look in the logs for a message saying "Guest VM did not return requested memory" this can be a heads up that Xen has been attacked

Honestly, im waiting until Qubes 4.0 when it will utilize HVM instead of the Xen paravirtualization that it does now. HVM's are much more secure.
>>
Anonymous 2017-07-31 11:23:36 Post No.61666720
[Report]
Anonymous 2017-07-31 11:23:36 Post No.61666720 [Report]
How about genode? How about using a qemu with kvm on top of linux?
Thread posts: 9
Thread images: 1
[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y] [Search | Top | Home]

I'm aware that Imgur.com will stop allowing adult images since 15th of May. I'm taking actions to backup as much data as possible.
Read more on this topic here - https://archived.moe/talk/thread/1694/


If you need a post removed click on it's [Report] button and follow the instruction.
DMCA Content Takedown via dmca.com
All images are hosted on imgur.com.
If you like this website please support us by donating with Bitcoins at 16mKtbZiwW52BLkibtCr8jUg2KVUMTxVQ5
All trademarks and copyrights on this page are owned by their respective parties.
Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from that site.
This means that RandomArchive shows their content, archived.
If you need information for a Poster - contact them.