Exploring Layer 2 Network Security in Virtualized Environments – DHCP Attacks presented at BSidesROC 2015

by Ronny Bull

Summary: Cloud service providers offer their customers the ability to access virtual private servers hosted within multi-tenant environments. Typically these virtual machines are connected to the physical network via a virtualized network within the host environment. This could be as simple as a bridged interface connected to multiple virtual interfaces attached to each virtual machine, or it could entail the usage of a virtual switch to provide more robust networking features such as VLANs, QoS, and monitoring. All client virtual machines are essentially connected to a virtual version of a physical networking device. In this talk we will continue to explore whether Layer 2 network attacks that work on physically switched networks apply to their virtualized counterparts. Preliminary results on the effects of MAC flooding presented at DerbyCon 4.0 will be reviewed, and new information and results concerning DHCP attacks within virtualized networks will be introduced.