WidgetsInc has made a deal with Benny Vandergast Incorporation to easily develop new web-based store. Benny Vandergast has come up with a VMware machine which can be used for easily testing. VMware is known to be an industry leading software firm. It takes into consideration customer safety and security in much serious (Wei et al. 2017). VMware come up with certain programs and practices which helps in identification of various security issues in their products. It also focuses on mitigating various kinds of software security risk to customers. The programs are changing on regular basis depending on own experience and learning from various industry collaboration and observation. The virtual machine is a well-known software or OS (operating system) which does not only come up with the ability to perform a task on running machine and separate systems (Davie et al. 2017). With the passage of time, the virtual machine is becoming more common due to growth in virtualization technology. The virtual machine is generally created to perform a large number of a task other than which are performed in the host environment. Virtual machines are mainly implemented by different methods of simulation and hardware virtualization techniques. The virtual machine is mainly differentiated into two categories that are system virtual machines and process virtual machine.
In the coming pages of the report, an idea has been provided the importance of VMware virtual machine for testing. After that security evaluation of the security of the system has been discussed in details. A manual security of the website on the virtual portal has been provided. The total evaluation of the website is done without any kind of password or username. A proper description has been provided regarding the various tools and techniques for evaluation of the system.
Investigation of security of the system
Virtual machines are considered to be well-known technology in the industry of information technology. They are used in the domain of cloud computing for its benefits like effective, scalability (Apecechea et al. 2014). They are largely used in security for detection of any kind of malware like honeypots. With the growth of the mobile device market, VM is being widely used as an emulator for detection of malware in a mobile device. The mobile device can easily perform a similar function to a computer system. Mobile device comes up with the same kind of vulnerabilities and issues which are encountered by a computer system. Smartphones are limited by resources like a battery, lack of storage and processing. The integration of mobile devices and cloud computing have resulted in lack of resources which are available to various mobile devices and cloud technology (Hogan and Epping, 2016). A large number of resources should be there for looking into the security mobile which is required for detection of malware and monitoring of security. A malware detection security system making use of VM is of critical vulnerability. In the beginning, malware will try to analyze the environment in which it will run. By the help of VM detectors, malware creators can easily write programs which will help in detection a VM environment. It would a serious consequence on the use of various mobile devices used for any kind of application which helps in the detection of malware (Solaimani et al. 2014). With the development of malware detection like VM environment can easily reduce the value of risk of the behavior of harmful operation like botnet attacks which helps in detection of VM environment. It can have serious consequence on the various application on VM which can gain trust and value. A large number of methods or ways are available for analyzing existence VM. A single process can be used only once to gain the trust of various users.
VMware can easily help in running the Ubuntu and this can be dealt by data management. It helps in performing certain number of tools which will help in performance of Operating System of Ubuntu. VMware needs to be develop for proper processing of security check. VMware software needs to be installation for getting an access to the portal. After the installation of the given VMware which comes up with certain number of question of the given project which requires id for login and password. Both the things are mandatory for the initiation of the given project. After the installation of both username and password, the major which is encountered is the selection of Ubuntu and recovery mode of Ubuntu. After logging into the processing model of recovery of Ubuntu, root option comes into action. Proper dropping of root is done by the help of shell prompt in this section.
The code “whoami” is taken into account in the given root widget. The proper ending of task may result in generation of second kind of available code that is “cd/home” is used. After the use of both code ‘ls’ applied to given section. This has ultimately lead to that user name of the given system which needs to be displayed.
At the last stage there are certain command of line of code, after which the username will be displayed.
The code looked in the processing of this project are:
Run Level Command
There should be proper password which must be set by the help of command lines ‘mount –n –o remount, rw /’. This particular command is needed for entering in the given UNIX command along with alteration of given command. It ultimately leads to the fact that User can have server and server as a platform which is needed for having an access to the given platform and password for reset. After providing the password which is given in the text pops which helps in understanding the requirements of passwords.
With the completing of the given project, the given user can easily login into the server is provided in the display of the screen in the given project.
The IP address can be looked for project in the data management which is inclusive of different data processing with regards to IP address feature at the given portal. ‘ifconfig’ is a well command which is needed for analyzing the different credentials of the project management with proper collaboration with proper IP address. It is not used for understanding the given collaboration of the given server by the help of IP address. Along with it will ensure details of Internet protocol can be a processed terminology of the project that is UNIX system.
In the given virtual machine, the data needs to be provided which will be helpful for data management system with respect to connectivity of the given server.
PING command helps in assuring the fact that the method of connectivity of the server is provided. With respect to the given server no kind of connectivity is given with respect to the server. It will ultimately lead to the fact that all the given data needs to check the security of project failure. Different packages are there in server which provides proper information which started by the method connectivity, ensuring the fact that the data is processed in much efficient way.
By making use of nmap the complete details of packaging can be done which helps in gaining an idea regarding the availability of ports. All the provided information is collected in the given UNIX server. Installation of nmap can be done by the help of ‘sudo apt-get install nmap’ code.
After the installation of the given Nmap, the IP address is given. It has led to both data processing and analysis of data management. After the proper manual processing of given data, the IP needs to be successfully updated.
SQL injection
Injection of SQL is all about proper processing of data management which will ensure the fact that it is restored in the method of data processing. It will ultimately lead to data management of define security alerts with respect to SQL. It has ultimately led to input box which will provide an idea regarding different kinds of available technology.
Testing of widgets is done with the help of two stages. The first stage will be totally based on Ubuntu terminal testing. It is the major kind of test which needs to be done for proper processing data. Both the username and password has bene provided for getting access to UNIX server which is needed for this organization. By making of RDBMS the security of the given data is provided in the given information with high value.
As soon as competition of SQL takes place the major process which is taken into account is management of data by the help of mkdir command which is needed for processing in the given command which is needed for security of the given data system. The command mkdir is needed for creation of new kind of directory which helps in allocating more space.
GiT repository is used in processing of different project. It is due to the given fact that installation of data management can be done by the help of installation of different packages which helps in establishing connection with the given command in the git.
One port testing
Port 22 comes up with major impact which is needed for SSH log in the given system. Port number 80 helps in analyzing the benefits with respect to system usage which is needed for testing of the nmap system. Nmap and WebDAV are considered to be two major kind of advantages which is needed for competition of testing procedure.
Proper installation of nmap can be done in the completing in the given system which is there is the given project.
nmap –T4 –p80 –script=http-iis-webdav-vuln 192.168.34.130’ code is used for proper processing and testing of the given system for this particular project. Vulnerability of p80 is donewith respect to WebDAV. Port 22 needs to commanded with the help of command that is ‘nmap –T4 –p22 –script=http-iis-webdav-vuln 192.168.34.130’. Port 22 comes up with vulnerability which is high and robust platform. WebDAV comes up with vulnerability for vulnerability for the given ports which is low.
Proposal for securing system
All the security issues in the VMware atmosphere can be improved by taking the following steps like:
VMware Data Recovery: VDR is a well-known agentless backup solution which comes up with employment of snapshot and deduplication of data. While running a virtual machine like a Linux appliance, VDR can easily make a backup of important data. The backup and data recovery in VDR is launched with the help of VMware center. VDR makes use of API of Vstorage which is used for data protection (Roy et al., 2015). A VM-level back up is required for possible faster recovery and any kind of backup. By making use of block-level data one can easily keep the disk space to be a minimum level. VDR is inclusive of three parameters like Enterprise plus, advanced and essential plus.
Change block tracking: Earlier, back up of VMDK is all about moving large files around the LAN and SAN. It ultimately results in increasing the traffic of network and time involved in back of the whole process. VMware makes use of CBT which is present in vSphere 4 which is used for improving the performance of the whole system (Shaikh, F., Ji and Fan, 2017). CBT mainly allows VMkernel to track down any changes in virtual machine block. Backup of given application can be used by storage API which is used for identifying various blocks.
Thin provisioning: VMware makes use of some kind of improvement which is used for overcommitting the given space (Deane et al. 2015). Whenever a VM is created a proper storage is allocated to it. Virtual machines do not come up storage space assigned. So, in the end, it is seen that the VMDK file will be a larger file to check in. Backup of application is considered as a recognizable thing which is used for providing to them. But one thing should be taken into consideration is it process or method to take up valuable time.
Data deduplication: It is not a new kind of feature which makes use of VDR backup. So, it is important to have a look into the backup application which provides this particular feature. Making use of other features like CBT, storage for API for protection of data (Pandiarajan and Babulal, 2016). It mainly requires a certain number of procedure which will be helpful in the backup of data. Duplicate data is a well-known method which eliminates duplicates in the proxy server. It will ultimately reduce the amount of data which is transferred and stored for improving the performance.
vCentre Server plug-ins: Proper management and monitoring of services help in proper integration of server (Mao and Iravani, 2014). Backup vendors generally provide a certain number of service on virtual machine portal which is inclusive of both success and failure.
Granular Recovery: Recovery at file level has now become possible without the need of any two-step process. It mainly allows the various organization to easily perform a proper image backup which does not have any kind of impact on the host system (Tong, Yan and Yu, 2015). It does not focus on either of bare-metal which is from the side of file recovery.
iSCSI enhancement: Organization like Benny Vandergast Inc makes use of iSCSI initiator which is mainly used for storage in the given environment of the virtual server(Biggio et al. 2015). Apart from this, a large number of things can be benefitted like disk I/O along with the reduction of CPU overhead benefits of whole backup processes.
Direct backup from shared storage: Network bottlenecks and inefficiency are created due to backup of the path(Deane et al. 2015).. A direct to the path is provided which allows back up of important data to go into the respective storage. Virtual disk data mainly run from a device known as SAN storage.
VMware vStorage API used for data storage: VMware comes up with VMware consolidate backup (VCB) command lines which are used for simplification of data protection. It mainly allows a system image to easily captured without affecting the application (Roy et al., 2015). With the help of VCB, backups are there so that there can be no amount of content to be present in it. This particular process removes the requirement of an agent to perform virtual machine and provides a proper kind of recovery. VMware requires two step back or any kind of recovery which is used for providing file recovery. VMware changes the facilitation of the whole backup process. In spite of that, it requires VCB and implementing stage without any kind of backup application (Costan, Lebedev and Devadas, 2017). Back up data can be used to access data on VMFS volume. This particular integration helps in having an idea regarding the implementation in the much better way.
No, physically proxy required: A physical machine is needed for backup of the proxy server (Shahzad, Iqbal and Bokhari, 2015). Currently, the organization is looking for a reduction of infrastructure commitment as because the various proxy system which is mounted to LUN can be also a virtual machine.
Conclusion
From the above discussion, it can be easily concluded that this report is all available security tools for VMware. In this report, a case study has been provided where Widgets have contracted Benny Vandergast to provide a VMware virtual machine which can be easily used for testing. This particular organization has decided to give the task of evaluating the system to Benny Vandergast Inc. In the above pages of the report, an idea has been provided regarding manual security evaluation of the system on the virtual system. A list of things has been provided like IP address of the system, username, and password. All this thing need to be discovered as an important part of an investigation for the report. In the above pages of the report three important aspects have been taken into consideration like tools and techniques, the result obtained and methods have been discussed which can be used for securing the system. In the above pages of the report, two kind of hypervisor that is type 1 and type 2 has been discussed in details. An idea has been provided regarding IP timestamp which helps in having an idea regarding VM. On properly analyzing the various kinds of tools and methods a large number of things have taken into consideration like VMware tools are outdated, the Virtual machine comes with limited memory space, age and size of VM and lastly logging limitation of Virtual machine. A list of ways has been discussed which can be used for securing the system are VMware data recovery, change block tracking, thin provisioning, data deduplication, plug-ins, direct backup from storage, API for storage of data and lastly no physical proxy are needed.
References
Apecechea, G.I., Inci, M.S., Eisenbarth, T. and Sunar, B., 2014. Fine grain cross-vm attacks on xen and vmware are possible!. IACR Cryptology ePrint Archive, 2014, p.248.
Biggio, B., Fumera, G., Russu, P., Didaci, L. and Roli, F., 2015. Adversarial biometric recognition: A review on biometric system security from the adversarial machine-learning perspective. IEEE Signal Processing Magazine, 32(5), pp.31-41.
Bose, R. and Sarddar, D., 2017. Developing a Secure Mode for Hybrid Distribution of University Course Learning Materials. International Journal of Computational Intelligence Research, 13(8), pp.2075-2093.
Costan, V., Lebedev, I. and Devadas, S., 2017. Secure processors part II: Intel SGX security analysis and MIT sanctum architecture. Foundations and Trends® in Electronic Design Automation, 11(3), pp.249-361.
Davie, B., Koponen, T., Pettit, J., Pfaff, B., Casado, M., Gude, N., Padmanabhan, A., Petty, T., Duda, K. and Chanda, A., 2017. A database approach to sdn control plane design. ACM SIGCOMM Computer Communication Review, 47(1), pp.15-26.
Deane, J.P., Gracceva, F., Chiodi, A., Gargiulo, M. and Gallachóir, B.P., 2015. Assessing power system security. A framework and a multi model approach. International Journal of Electrical Power & Energy Systems, 73, pp.283-297.
Halderman, J.A. and Teague, V., 2015, September. The new south wales ivote system: Security failures and verification flaws in a live online election. In International Conference on E-voting and Identity (pp. 35-53). Springer, Cham.
Hogan, C. and Epping, D., 2016. Essential Virtual SAN (VSAN): Administrator’s Guide to VMware Virtual SAN. VMware Press.
Irazoqui, G., Inci, M.S., Eisenbarth, T. and Sunar, B., 2014, December. Fine grain cross-VM attacks on Xen and VMware. In Big Data and Cloud Computing (BdCloud), 2014 IEEE Fourth International Conference on (pp. 737-744). IEEE.
Kamboj, N., Saggu, S., Lamba, A. and Singh, M., 2017. A Review: Analysis and Comparison of Different Detection Techniques of IDPS. Journal of Engineering and Applied Sciences, 12(22), pp.5939-5943.
Kotra, J.B., Kim, S., Madduri, K. and Kandemir, M.T., 2017, October. Congestion-aware memory management on NUMA platforms: A VMware ESXi case study. In Workload Characterization (IISWC), 2017 IEEE International Symposium on (pp. 146-155). IEEE.
Mao, A. and Iravani, M.R., 2014. A trend-oriented power system security analysis method based on load profile. IEEE Transactions on Power Systems, 29(3), pp.1279-1286.
Pandiarajan, K. and Babulal, C.K., 2016. Fuzzy harmony search algorithm based optimal power flow for power system security enhancement. International Journal of Electrical Power & Energy Systems, 78, pp.72-79.
Pathak, M., 2015. SAP Business Suite on Hitachi Unified Compute Platform for VMware vSphere Using Hitachi Data Protection Suite.
Roy, A., Sarkar, S., Ganesan, R. and Goel, G., 2015. Secure the cloud: From the perspective of a service-oriented organization. ACM Computing Surveys (CSUR), 47(3), p.41.
Shahzad, F., Iqbal, W. and Bokhari, F.S., 2015, October. On the use of CryptDB for securing Electronic Health data in the cloud: A performance study. In E-health Networking, Application & Services (HealthCom), 2015 17th International Conference on (pp. 120-125). IEEE.
Shaikh, F., Ji, Q. and Fan, Y., 2017. An ecological network analysis of the structure, development and sustainability of China’s natural gas supply system security. Ecological indicators, 73, pp.235-246.
Shirinbab, S., Lundberg, L. and Ilie, D., 2014. Performance comparison of kvm, vmware and xenserver using a large telecommunication application. In Cloud Computing. IARIA XPS Press.
Solaimani, M., Iftekhar, M., Khan, L. and Thuraisingham, B., 2014, October. Statistical technique for online anomaly detection using spark over heterogeneous data from multi-source vmware performance data. In Big Data (Big Data), 2014 IEEE International Conference on (pp. 1086-1094). IEEE.
Solaimani, M., Iftekhar, M., Khan, L., Thuraisingham, B. and Ingram, J.B., 2014, December. Spark-based anomaly detection over multi-source VMware performance data in real-time. In Computational Intelligence in Cyber Security (CICS), 2014 IEEE Symposium on (pp. 1-8). IEEE.
Solaimani, M., Khan, L. and Thuraisingham, B., 2014, August. Real-time anomaly detection over VMware performance data using storm. In 2014 IEEE International Conference on Information Reuse and Integration (IRI) (pp. 458-465). IEEE.
Tong, Y.J., Yan, W.Q. and Yu, J., 2015. Analysis of a secure virtual desktop infrastructure system. International Journal of Digital Crime and Forensics (IJDCF), 7(1), pp.69-84.
Wei, M., Tai, A., Rossbach, C.J., Abraham, I., Munshed, M., Dhawan, M., Stabile, J., Wieder, U., Fritchie, S., Swanson, S. and Freedman, M.J., 2017, March. vCorfu: A Cloud-Scale Object Store on a Shared Log. In NSDI (pp. 35-49).
Weitzman, L., Lewis-Bowen, A., Chung, C., Mostafavi, R. and Jin, Y., 2015. A Strategy for Mobile App Development at VMware.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download