CO4509 – Computer Security Assignment Sample 2023
Introduction
The computer system such as system and servers consider with physical devices. The virtualization is the wide technology that is used in the various fields. The VMware is the popular provider of the virtual machine software. The VMware include the VMware server, VMware workstation and VMware ESXi like that. The VMware virtual environment is encountered by the forensic investigators. The VMware virtual machine is implemented using the virtual adapter for devices that is memory, network card like that. The VMware workstation is create the file with the extension of configuration (.vmx) and virtual hard drive (.vmdk) like that. In this investigate the security of the VMware virtual machine along with the operating system, applications and techniques. Then the username and password is recovered using the virtual trusted platform. Then analysed the techniques involved to secure the machine from the various security issues. The security of the virtual machine is maintained with the implementation of the virtual trusted platform module to the virtual machine and use the template to deploy the virtual machine and use the virtual machine console very less and prevent virtual machine from the taking over resources. Securing windows guest operating system with virtual machine security processes.
Investigate the security of system
The investigation of VMware virtual machine security is system is analysed based on the category of the operating system maintenance, application maintenance and tools used for the security purpose all this consider while investigate the security of the virtual system. The most of the security flaws identified in the virtual machine is nearly similar to the normal physical system security flaws (Dong-Hee Kim, 2018). Here the general security flaw happen in the virtual system is identified and explained with the clear manner.
During the communication between the VM or virtual machines and host
The virtualization is done with the partial virtualization, full virtualization, application virtualization, hardware support virtualization and resource virtualization. These categories of virtualization is analysed with the communication between each other during this scenario the security of the system can be loss. The primary benefit of the virtualization is isolation. The isolation process is not carefully installed means the threat can be occurred to the environment while accessing the operating system. So the isolation is carefully installed and maintained for the communication process.
OS based analysis
In the some virtual machine technology the VM layer is able to the keystrokes and screen updates through various virtual terminals. The host operating system kernel is considered while transforming the information for providing the permission for transformation. This is supported for the monitoring the host activity log and encrypt the terminal connections for avoid thread creation.
Application based analysis
The some of the virtualization is avoid the isolation process for supporting the few of applications. The application designed is consider with the one operating system that is communicate with the other operating system (S. Zhao, 2018). If there is no isolation between the host and virtual machine it gives the VM to access unlimited process it is leads the virtual machine to assist with the vulnerability.
VM Escape
The virtual machine is allow for sharing the information of host machine but the isolation is provide within the virtual machine and the host and virtual machine. It is design with the program to communicate from the virtual machine to another machine without monitoring any process. The configuration is flexible of the isolation is deal with the bugs of the software. This type of thread is analysed with the VM Escape. It is the one of the worst case of vulnerability that happens while the isolation is compressed between the virtual machines and host and virtual machine. In this process of VM Escape the program is running in the virtual machine with bypass the virtual layer that is hypervisor layer.
Then it has the privilege to access the host machine and gain the root access permission to escape from the privilege of the virtual machine. Due to this problem the security framework is completely break down and access the host information without any permission. It is rectify by the host and virtual machine configuration is done properly along with the necessary communication process.
Then virtual machine is monitoring from the host
The control point of the network is start with the host in the virtual environment and this is monitoring the all the communication involves from the host. Therefore the host machine is needed to maintain the information of communication related to the necessary actions (Tak, 2017). The host can start and shut down the system for the evaluation process. The host can able to monitor and modify the resources which is available for the communication in the virtual system. The host is having the rights to monitor the applications which are running inside the applications. It is also possible to view and copy the rights of the virtual disks which are related to the virtual machine.
All the network traffic is monitor through the host so the host is analysed and monitor the traffic occur due to the various problem of virtual machine. In this case the host is comprised the security of the different kind of virtual machine. Sometimes it creates the issue of the host is having the less authorization compare to other type of the process. It is lacking some basic rights belongs to the necessary action. So that it is need to be configuring fully along with the isolation process for the security.
The virtual machine is monitoring from another virtual machine
From the above analysis the virtual machine is monitoring from the host but here the virtual machine is monitor from another virtual machine. The tread can happen when one virtual machine is monitor the resource without any information of another virtual machine. The hypervisor is having the responsible for the managing the memory in the system. The memory protection feature is not monitoring effectively means it will be avoided with the clear process. The virtual machine does not have the wrights for managing and accessing the file from the host it leads to hack the information from the various resources.
In the process is consider with the network resources it is handle the network traffic along with the isolation depends on the connection setup of the virtual environment fully. All this information is needed to modify based on the security system along to the communication process. Suppose the host machine is connected with the guest machine through the physical medium means it is sniff the packets from the host and virtual machine.
It enable the guest machine along with the sniffing the packets through the ARP positioning and it is redirect to guest that is going and coming from the another guest. To solve this kind of the network traffic issues to authenticate the user who are involve in the virtual machine process.
Denial of service
In the virtual machine process the host and virtual machine is share the resources such as memory, CPU and network resources (Dong-Hee Kim, 2018). So it is possible to the denial of service attack by the one guest to another guest of resources used in the sharing part. The denial attack can happen during the service taken by the guest for accessing the all the resources available in other type of the guest or the system. This can be analysed with eth monitoring system of the host and virtual machines.
Hence the systems are denying the service of guest and make the request to access the resources for their utilization process. This type of the attack is happen due to the sharing the resources to the various process involved by the guest. This is handle with eh secure manner with allocating the resources to the entire guest with limited process. This may be changed according to the necessary requirement based on the analysis process.
So the virtualization is configured properly along with the resources and utilization authorities. The primary process of this is consider with the necessary process establishment that is occur during the improvement analysis by the name of guest or any other accessing process.
Attack with Guest to Guest
In this scenario is analysed the every guest access permission along with sharing procedure of the necessity action. In this scenario everyone has to take the necessity step and this will be engaged with the proper communication channel. This process is analysed while utilizing the virtual machine for their communication process.
If the attacker gathers the administration privilege of hardware devices means it is directly affect with the virtual machine then it is break down into the various resources that is used by the attacker. The attacker can process the service from one guest to another guest that is available with the supporting services.
External modification of Virtual Machine
The some of the application is running in the virtual machine platform based on the analysis of the trusting of the virtual machine. If any changes is happen in the virtual machine it is directly affect application through break down the trusting process. This will be happen when the changes are applied in the VM. For that the process of the digital sign can implement during usage of the virtual machine.
The external modification done by hypervisor
The main responsibility of the hypervisor is to provide isolation between the guests who involve in the VM environment (M. A. Ferrag, 2019). The process of converting the guest to the host and host to the guest performance is done with the hypervisor privilege. The VM is fully isolated with self-protected through the help of the hypervisor monitoring process. It is considered with the process that is needed to evaluate the process communication of the virtual machine that is involved in the security process.
If the hypervisor is not working properly means then the total security will be changed. This problem is handle with the using the secure hypervisor like SHype to provide the security of the hyper layer. It is analysed with the various process involve in the security implementation in the virtual machine.
Recovering username and password in VMware Virtual Machine
Here consider the VMware ESXi server and VSphere client is used for the creating the virtual machine in the windows based operating system. During the password creation of virtual is maintain the good habit of provide different kind of password. It is easy to maintain the more than one virtual machine in single resources utilization.
Tools used for recovery
The PCUnlocker is the one of the power windows tool to recover the password that can be successfully recover the password in simple way. Download the Zipped ISO file and saved it into the physical devices then open the VMware VSphere client then login to the ESXi server. Then using the setting can recover and reset the password whenever it is needed.
Then switch the options tab and select with the boot option then it is needed to monitor the evaluation of the process. Next select the under of power on boot delay button then it will display the information of the how long the delay will happen during the restart the VM. Now power on the virtual machine then it displays the information of the BIOS with the options at bottom of the screen. Then start with eth boot up menu.
In the top of the VSphere client menu process with the CD – ROM icon then select with CD / DVD drive then move with the connect ISO local image on the disk process.
Then it is boot with the CD image and redirect to the PCUnlocker program that will shows the information of list of the windows local account that is already exist in the virtual machine then choose the account then recover the password or reset the password. This will process is automatically monitor with the host system which is involve in the various resource sharing process along to the necessary communication. Like that the username and password will be recovered while using the virtual machine is the username and password is missed or forget. This is the one of the secure way to recover the username and password in the virtual machine.
Security Issues and solutions
Based on the above analysis there are many issues happen while running the virtual machine or deploying the virtual machine along with the isolation. The security issues are considered then it is implementing with the necessary process to recover the system effectively.
Protection and patches for virtual machine log issues
Already discussed about the virtual machine logs happen in the VM during the access of more than one guest accessing the resources and that is evaluated with the necessary information in the term of protection and patches. In this to avoid the virtual machine log problem to maintain the security measures up to date. Then include the proper patches for monitoring the VM. In this the most important thing is to track the virtual machine working status along with the antivirus or anti-spy like that. The production is enabling with the every VM in the virtual environment. Then check with space availability of the every process that is considered with the every process.
Anti -virus scan
The each virtual machine is work with the specific operating system that is need to be monitor otherwise all other process is distracted. So the antivirus software is needed to install for monitoring the operating system of the various virtual machine. Depends on the usage of the virtual machine the software firewall can be install with the virtual environment (Ismail, 2012). While using the large number of the virtual machine the scan process is clearly schedule with the necessary communication process.
The scanning of the all the virtual system is done with the simultaneously means it will affect the system process because it is virtualize the software intensively. So the virtual machine process is scan with the antivirus or software firewall in balancing manner for smooth execution of VM.
Serial port
It is act as the interface for the connecting the various devices in the virtual platform. The physical system is providing the support of the low level connection to the console server and the virtual serial port allow the connection that is established with the secure manner.
Deployment of virtual machine done with the templates
When we will install the guest operating system and application manually in the virtual machine it is provide the risk of the misconfiguration process. For this problem can be avoided using the template that is already available in the virtual machine system. The procedure is considered with the creation of virtual machine and sharing the resources.
Reduce the usage of virtual machine console
To secure the virtual machine reduce the usage of console in the virtual machine. The console provides the function with same name and it is establish with the need of physical server. That is monitoring the all the process of physical devices and it is needed to monitor the execution of the different kind of the virtual machine in the virtual environment.
Use the native mode service that is connecting the service along to the necessary virtual system. That is terminal services and SSH to interact with the other virtual machine. Provide the access permission to the virtual machine in console mode when it is necessary. This will be analysed with the every status and that is used with the necessary communication process.
Avoid the virtual to take over resources
The security is measure with the usage of the resources by the virtual machines. The virtual machines are to avoid the allocation of over resources. It allocates only the necessary resources for the process of communication and other type of process.
Disable the function which is no need in the virtual machine
The virtual machine has the number of function to execute or run the system. Analyse the functions which is unnecessary to the virtual machine that is need to eliminate from the virtual machine. Then securing the virtual based operating system using the virtualization based security process.
Conclusion
This report contains the information of the investigation of the security system that is VMware virtual machine and that is considered with the necessary security methodology. The security of the virtual machine is maintained with the implementation of the virtual trusted platform module to the virtual machine and use the template to deploy the virtual machine and use the virtual machine console very less and prevent virtual machine from the taking over resources (European Union, 2017). Securing windows guest operating system with virtual machine security processes. Like that various analysis done with the process of measurement in the virtual machine to provide the security level. Then analysed the way of recovering username and password from the VM if it is loss or forgot.
Bibliography
Dong-Hee Kim, S.-J. B.-I. (2018). A study on the admissibility of the virtual machine image file as a digital evidence in server virtualization environment. Korea Institute of Information SSecurity & Cryptology, Jounal of Korea Institute of Information Security & Cryptology,.
European Union. (2017). Council Directive 2008/114/EC of 8 Decem-ber 2008 on the identification and designation of Europeancritical infrastructures and the assessment of the need toimprove their protection,. Official Journal of the EuropeanUnion, 69-79.
Hassan, A. B. (2018). New Smart Platform for Automating MPLS Virtual Private Network Simulation. IEEE.
Ismail, M. (2012). Study the Best Approach for Virtual Private Network Implementation: CPU and Memory Usage Performance. INTERNATIONAL JOURNAL OF MULTIDISCIPLINARY SCIENCES AND ENGINEERING,, 12-17.
- Coffey, R. S. (2018). VulnerabilityAnalysis of Network Scanning on SCADA Systems,. Securityand Communication Networks,vol.2018,ArticleID3794603, 21-32.
- A. Ferrag, L. A. (2019). Authentication protocols for internet of things: a comprehen-sive survey,. Security and Communication Networks,vol.2017,Article ID 6562953,, 68-75.
- Judith Bellar. (2015). Cloud Computing Security with VPN. International Journal of Advanced Research in Computer and Communication Engineering .
Taesuk Kwon, J. B. (2019). Study on digital forensics in virtualization environment. Korean Institute of Information Technology, Jounal of Korean Institute of Information Technology, .
Tak, J. (2017). Public institutions apply the virtualization technology implications, National Information Society Agency. Analysis Pending Issue of the Information Society II.
Vasile C.Perta, M. V. (2015). A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN clients. Proceedings on Privacy Enhancing Technologies.
Verma, S. P. (2015). A Survey on Performance Evaluation of VPN on various Operating System. IJEDR .
Know more about UniqueSubmission’s other writing services:
1 Comment