Blog Moved

Wednesday, February 23, 2011

This blog has moved to http://www.orchilles.com/

Virtual Machine Escape by NSA (video)

Wednesday, February 16, 2011

The NSA released a video demonstrating many attack vectors including VMEscape. The video stars ShmooCon's Bruce and Miami's Immunity Canvas software.

Check it out.

Hacker Halted 2010 Presentations

Friday, October 29, 2010

Hacker Halted 2010 presentations are up. If you were able to attend, you know there were a few good talks. The event went way better than last year's, and EC-Council is making Miami, FL their home town for this conference. Check out the presentations here.

Till next time,
Jorge Orchilles

Windows 7 Service Pack 1 (Release Candidate)

Wednesday, October 27, 2010

Microsoft announced today the Release Candidate (RC) of Windows 7 and Windows Server 2008 R2 Service Pack 1 (SP1) to the public. For those unaware of how these software rollouts "work," the RC release generally signals that a final build is almost ready. The only new features added to the SP1 are the Windows Server 2008 R2-related virtualization technologies, Dynamic Memory and RemoteFX, and while Windows 7 SP1 will enable PCs to take advantage of these server-based features to provide a more scalable and richer VDI experience for end users, there are no additional new features specific to Windows 7.

If you do choose to install this Release Candidate, make sure to back up your system. Microsoft usually makes you uninstall the RC before installing the final build of the service pack.

Download here.

VMware vCloud Director Security Hardening Guide

Monday, September 27, 2010

VMware has released a technical white paper titled VMware vCloud Director Security Hardening Guide, which may be downloaded here. If you are looking into this technology, definitely look into this:

"The VMware® vCloud™ Director Security Hardening Guide helps users who are embarking into the journey of cloud computing understand key security elements and technologies found in VMware’s vCloud Director product. It also provides guidelines and best practices for installation, configuration and operation of secure clouds based on VMware’s vCloud Director."

I have skimmed the document and it has many important points to consider. At just 37 pages, it isn't the definitive guide on cloud security, but it is definitely a start.

Till next time,
Jorge Orchilles

Running ESXi 4.1 on VMware Workstation 7.0 and above

Sunday, September 26, 2010

VMware is ditching ESX for ESXi, which is smaller and, best of all, free. I have been running ESX 4.0 as a virtual machine in Windows using VMware Workstation for some time now but was never able to get ESXi to run as a virtual machine. One of the students in the SANS Security 577: Virtualization Security Fundamentals class asked me if it was possible to run ESXi on VMware Workstation. That made me wonder: now that ESXi will be the main hypervisor being pushed by VMware, would it be possible?

The answer is YES! But with a few prerequisites:
  • VMware Workstation 7.0 or above (7.1.1 officially supports vSphere 4.1 guests)
  • Dual-Core or better CPU with Intel VT or AMD-V support (may have to turn on in BIOS).
  • At least 2GB of free RAM (I suggest 4GB-8GB)
Once you have downloaded VMware ESXi 4.1 and installed VMware Workstation you are ready to begin:
  1. Open VMware Workstation
  2. File-New-Virtual Machine...
  3. Custom
  4. Hardware compatibility: Workstation 6.5-7.0
  5. Installer disc image file (iso): Click Browse... and select the iso file for VMware ESXi that you downloaded. Click Next.
  6. Click the VMware ESX check box and select ESX Server 4.0 from Version drop down. Click Next.
  7. Select the Virtual machine name and location. Click Next.
  8. Processors must be at least 2 processors with 1 core each. Increase if your system can handle it. Click Next.
  9. Memory must be at least 2048MB but if you can increase it, go for it. Click Next.
  10. Select what type of network connection. Click Next.
  11. For I/O Adapter select LSI Logic for SCSI Adapter. Click Next.
  12. Create a new virtual disk. Click Next.
  13. Virtual disk type: SCSI. Click Next.
  14. Select the size of the disk. Remember you will be running virtual machines with local storage so plan accordingly. I recommend storing as a single file for performance. Click Next.
  15. Specify the disk file name and location. Click Next.
  16. Select Customize Hardware.
  17. Click Floppy-Remove. Then add more network adapters if desired. Click OK
  18. Click Finish.
  19. Install ESXi as usual.
If this does not work for you or you have questions or comments please comment below.
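To confirm that the wizard choices above actually landed in the virtual machine's configuration, the following added example (not part of the original post) parses a `.vmx` file and checks it against steps 4, 8, 9, 11 and 17. The `.vmx` key names and the defaults assumed for absent keys are not from the post, and the sample file is constructed.

```python
import re

# A .vmx file is a list of  key = "value"  lines; '#' starts a comment.
LINE = re.compile(r'^\s*([^#=\s]+)\s*=\s*"(.*)"\s*$')

def parse_vmx(text):
    """Return {lowercased key: value} for every key = "value" line."""
    settings = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            settings[m.group(1).lower()] = m.group(2)
    return settings

def at_least(n):
    return lambda v: v.isdigit() and int(v) >= n

# (key, value assumed when the key is absent, check, wizard step).
# Key names and defaults are assumptions about what Workstation writes.
REQUIREMENTS = [
    ("virtualhw.version", None, lambda v: v == "7", "step 4: Workstation 6.5-7.0"),
    ("numvcpus", "1", at_least(2), "step 8: at least 2 processors"),
    ("memsize", None, at_least(2048), "step 9: at least 2048MB"),
    ("scsi0.virtualdev", None, lambda v: v.lower() == "lsilogic", "step 11: LSI Logic"),
    ("floppy0.present", "FALSE", lambda v: v.upper() == "FALSE", "step 17: floppy removed"),
]

def audit_vmx(text):
    """Return a list of (key, found value, wizard step) for each mismatch."""
    settings = parse_vmx(text)
    problems = []
    for key, default, ok, step in REQUIREMENTS:
        value = settings.get(key, default)
        if value is None or not ok(value):
            problems.append((key, value, step))
    return problems

# Constructed sample: too little memory, wrong SCSI adapter, floppy still attached.
SAMPLE_VMX = '''\
.encoding = "windows-1252"
# constructed example, not a real machine
virtualHW.version = "7"
guestOS = "vmkernel"
numvcpus = "2"
memsize = "1024"
scsi0.virtualDev = "buslogic"
floppy0.present = "TRUE"
'''

if __name__ == "__main__":
    for key, value, step in audit_vmx(SAMPLE_VMX):
        print(f"{key} = {value!r} does not satisfy {step}")
```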

I will be teaching the SANS Security 577: Virtualization Security Fundamentals course as a co-mentor with Robert Rounsavall in Miami, FL on Thursday October 28, 2010 6:00pm-8:00pm through Thursday November 18, 2010 at Terremark's NAP of the Americas. Register early!

Till next time,
Jorge Orchilles

I'm Back!

Monday, August 23, 2010

After a long break from blogging mostly due to the fact that I finally published Microsoft Windows 7 Administrator's Reference, finished a Master's of Science in Management Information Systems, and was hired by a Fortune 20 financial institution to perform vulnerability assessment/ethical hacking/penetration testing, I am officially back to blogging!

Many things coming soon:
  • SANS Security 577 Virtualization Security Fundamentals course review
  • Speaking engagement and presentation at Hacker Halted titled "Vulnerability Ass... Penetration What?"
  • Hacker Halted conference. If you want to attend email me for a student code!!!!! $100 before September 15.
Glad to be back and hope you are too.

Till next time,
Jorge Orchilles