Building a Backpack Hypervisor

By Brendan Watters

Before I came to work for Rapid7 as a researcher and engineer, I was a developer, hacker, and technical trainer. Back then, I travelled across the country (and globe) to teach hacking, defense, and/or security tool development classes. Teaching those courses required access to targets and networks, so I almost always traveled with a powerful ESXi server. The ESXi server was contained in an 8-U portable rack and weighed around 200 pounds.

Since most of my teaching engagements were solo, I had to handle the logistics myself. Loading the mobile rack into SUVs and minivans, to be blunt, sucked. Those who travel will no doubt appreciate the problem of an expensive server that’s too large to move easily, has no backup for hundreds of miles, and does not support full disk encryption.

The server contained targets, networks, and miscellaneous data that represented a large investment in development time. Because of its size, I could not easily pack it up at the end of the day and bring it back to the hotel where I could make sure it was safe. I had to trust our customers, shippers, and third-party sites to maintain security for our intellectual property, and protect the equipment from damage.

During my time as an instructor, I was sometimes assigned classrooms without locks. Equipment would sometimes arrive damaged because a forklift operator speared the shipping crate and did not bother to report it. In later engagements, we removed hard drives at the end of the day to at least protect the data. But juggling and jostling hard drives can create problems as well, and it only solves some security issues.

Read the rest of the blog here.
