From what I have read, it's not feasible to know if VPS's data has been spied on by the host; But is it at least possible to protect the system against manipulations, such as the host installing a script on it?
2 Answers
That depends. In generally: NO.
In particular: Hyper-V Shielded VM's are exactly that - VM's protected from the host. But as "VPS" in the question context often comes as in "rental VM's by some ISP" - good luck finding a provider offering you this.
It's not possible to prevent but it's possible to detect:
- using HIDS to monitor changes in system state.
- taking checksums on file system to detect new & modified files.
Instead of technical prevention you could broaden your scope to legal actions. Make sure you have a contract that forbids this kind of activity with a mutually agreed penalty. Now, if you detect such activities with the methods mentioned above, your service provider will be liable. (In many countries this might already be illegal even without a contract, but there's no harm in explicitly ensuring it, and the contract may contain more stricter sanctions than the law.)
- Can you provide a more detailed guide? I'm a total noob here. :-)HappyFace– HappyFace2018-05-27 14:43:01 +00:00Commented May 27, 2018 at 14:43
- @HappyFace take a look at vultr.com/docs/how-to-install-ossec-hids-on-a-centos-7-server - there are many other such tutorials available.Ashley Primo– Ashley Primo2018-05-27 19:08:56 +00:00Commented May 27, 2018 at 19:08