Javascript verkar inte påslaget? - Vissa delar av Lunds universitets webbplats fungerar inte optimalt utan javascript, kontrollera din webbläsares inställningar.
Du är här

A Technique for Remote Detection of Certain Virtual Machine Monitors

Publiceringsår: 2011
Språk: Engelska
Publikation/Tidskrift/Serie: Lecture Notes in Computer Science
Volym: 7222
Dokumenttyp: Konferensbidrag
Förlag: Springer


The ability to detect a virtualized environment has both malicious and non-malicious uses. This paper reveals a new exploit and technique that can be used to remotely detect VMware Workstation, VMware Player and VirtualBox. The detection based on this technique can be done completely passively in that there is no need to have access to the remote machine and no network connections are initiated by the verifier. Using only information in the IP packet together with information sent in the user-agent string in an HTTP request, it is shown how to detect that the traffic originates from a guest in VMware Workstation, VMware Player or VirtualBox client. The limitation is that NAT has to be turned on and that the host and guest need to run different operating system families, e.g., Windows/Linux.


  • Electrical Engineering, Electronic Engineering, Information Engineering


The Third International Conference on Trusted Systems, INTRUST 2011
  • Crypto and Security-lup-obsolete
  • ISSN: 0302-9743
  • ISSN: 1611-3349

Box 117, 221 00 LUND
Telefon 046-222 00 00 (växel)
Telefax 046-222 47 20
lu [at] lu [dot] se

Fakturaadress: Box 188, 221 00 LUND
Organisationsnummer: 202100-3211
Om webbplatsen