http://blog.clearnetsec.com/articles/2008/04/14/when-virtual-servers-play-havoc en-us 40 <p> I recorded a tidbit which came from a comment spoken at one of this year's RSA panel tracks. I hadn't thought of this issue on a big scale. It was a comment on how disruptive an environment which frequently <i>"resets"</i> virtual servers as part of normal business is to security. </p> <p> It's obvious such an environment can have a significant impact on security tools, especially those which strive to learn patterns or look at history or both. </p> <p> I was just imagining if I was a security admin responsible for a large block of EC2 virtual servers. As part of that, maybe the use of these blocks of servers is similar to a class lab whereby students get to install and do anything they want on the servers. When they're done, the instructor runs around and resets all the servers. Extrapolate this and it can lead to a hard problem, security speaking, for general cases. </p> <p> I haven't meditated on this issue, but I'm guessing it'll become more visible in short time. </p> Mon, 14 Apr 2008 15:19:00 -0600 urn:uuid:df455eaa-c476-4bdc-a7da-17e8764b7ce9 tate@ClearNetSec.com (Tate Hansen) http://blog.clearnetsec.com/articles/2008/04/14/when-virtual-servers-play-havoc security ClearNet ClearNet Security Tate Hansen virtual servers virtualization