the State of Security

ConfigCheck

Introducing vWire!

by ~Previous Contributers

For some time now here at Tripwire there has been a team working on what has been known internally as Project Spitfire. You have seen part of this team here at the Virtual Black Hole but today is a significant coming out party for the entire team. What we announced today is the first phase [...]

Read More

Tripwire updates ConfigCheck to include ESX 3.0

by Gavin Millard

Today is a good day. Not only is the sun shining in England which, for anyone else who lives here knows is about as frequent as a heart felt apology from a politician, but Tripwire has also released ConfigCheck for ESX 3.0 to compliment our coverage of ESX 3.5. One of the most frequent requests [...]

Read More

Walk Before You Run: Most Admins Coming Up To Speed On VirtSec

by ~Previous Contributers

By: Mark Gaydos I was reading “VMware’s ESX Hardening Guideline Falls Far Short of ‘Secure’” by Edward L. Haletky in which he describes how the VMware Hardening Guideline falls short of creating a completely secure virtual environment. The thing that struck me is that many administrators are just trying to “walk” before they “run” when [...]

Read More

If A Virtualization Misconfiguration Or Security Vulnerability Exists Within An “ESX Appliance,” Does It Really Exist?

by ~Previous Contributers

Earlier this week, I read a blog entry by the Lone Sysadmin about our recently released Tripwire ConfigCheck. He noted that it found some misconfigurations in his VMware ESX server, and then goes on to ask a very interesting question: Now my question is: is ESX 3.5 an appliance or a host OS? Do I [...]

Read More

Secure or Not Secure…… That is the Question!

by ~Previous Contributers

By: Mark Gaydos I have consistently heard VMware state that their virtualization platform is very secure. Yet I was reading an article by Gregory Ness titled “Microsoft Appears To Be Ready To Start Putting the Squeeze on VMware” in which he states with Microsoft’s recent comments around Hyper-V that: “This officially puts VMware on notice [...]

Read More

Treating ESX 3.5.0 like an appliance?.. I wouldn’t

by ~Previous Contributers

Just ran across this article on The Lone Sysadmin blog along with some comments from readers and figured that I would post here in reference to it seeing as I work for Tripwire and am pretty close the development of the ConfigCheck tool and the full Tripwire Enterprise solutions. Bob asks the question: “Is ESX [...]

Read More

← Previous Entries