Webbläsaren som du använder stöds inte av denna webbplats. Alla versioner av Internet Explorer stöds inte längre, av oss eller Microsoft (läs mer här: * https://www.microsoft.com/en-us/microsoft-365/windows/end-of-ie-support).

Var god och använd en modern webbläsare för att ta del av denna webbplats, som t.ex. nyaste versioner av Edge, Chrome, Firefox eller Safari osv.

A Technique for Remote Detection of Certain Virtual Machine Monitors

In English

Författare

Summary, in English

The ability to detect a virtualized environment has both malicious and non-malicious uses. This paper reveals a new exploit and technique that can be used to remotely detect VMware Workstation, VMware Player and VirtualBox. The detection based on this technique can be done completely passively in that there is no need to have access to the remote machine and no network connections are initiated by the verifier. Using only information in the IP packet together with information sent in the user-agent string in an HTTP request, it is shown how to detect that the traffic originates from a guest in VMware Workstation, VMware Player or VirtualBox client. The limitation is that NAT has to be turned on and that the host and guest need to run different operating system families, e.g., Windows/Linux.

Publiceringsår

2011

Språk

Engelska

Sidor

129-137

Publikation/Tidskrift/Serie

Lecture Notes in Computer Science

Volym

7222

Dokumenttyp

Del av eller Kapitel i bok

Förlag

Springer

Ämne

  • Electrical Engineering, Electronic Engineering, Information Engineering

Conference name

The Third International Conference on Trusted Systems, INTRUST 2011

Conference date

2011-11-27 - 2011-11-29

Status

Published

Forskningsgrupp

  • Crypto and Security

ISBN/ISSN/Övrigt

  • ISSN: 0302-9743
  • ISSN: 1611-3349
  • ISBN: 978-3-642-32297-6
  • ISBN: 978-3-642-32298-3