I wonder if there is a chance that the VPS service provider can access my Windows VPS even if I have changed the default password?
3 Answers
Anyone with physical access to the host eventually will be able to get at your system and change it arbitrarily - including the ability to change the password.
In the special case of a virtual machine, this would be even easier as anyone with control over the hypervisor could modify the vCPUs' behavior and read the guests' memory. Even with encryption in place it would be possible to read the encryption key while the system is running, snoop on your password entry while you are logging on or insert instructions / system calls to be executed next - e.g. to reset the administrator's password.
In other words: in a VM you have no other choice but to trust your hoster is not doing any of these things.
One thing to keep in mind with any and all security concerns is that hardware access trumps anything you can do. If you have access to the physical server, you are the beginning and end of the security for that server.
No matter what you do on your VPS, the owner of the machine has the last say when it comes to security. This doesn't mean that you should worry about them accessing your machines, because in all likelihood no one will even try to access your machines. But if you want a definitive answer: yes they can reach your VPS.
Yes, it is possible, at the very least as long as you don't encrypt your disk images.
- Encryption won't help. The VPS has to get the key from somewhere, the provider could get it from the same location. Besides, the key would have to be in memory while the file system is mounted, the provider can copy anything inside memory of a VPS. – kasperd Nov 25 '14 at 13:44
- @kasperd: You are right, it's not really absolutely secure, that's why I said "at least as long...". However, I think that accessing an encrypted image is more difficult than just loopback-mounting an image file with `kpartx`. – Sven Nov 25 '14 at 14:12
- Yes, it takes a little bit more than just mounting the disk image. But it's not much more than that, especially with actual forensic tools. I've used a program that you literally point at the disk image and the memory dump, it does the rest for BitLocker or TrueCrypt. – Chris S Nov 25 '14 at 14:22
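An added example, not part of any post in this thread: a tenant-side audit of an exported raw disk image that shows what the host sees without any guest credentials, namely the partition table (the data `kpartx` maps partitions from) and whether each volume's boot sector is labelled plain NTFS or BitLocker. It assumes a raw image with an MBR partition table (GPT is not handled); the function names and the sample image are constructed for illustration.

```python
import struct

SECTOR = 512
ENTRY = "<B3sB3sII"  # status, CHS start, type, CHS end, start LBA, sector count


def build_sample_image() -> bytes:
    """Constructed 4-sector image: MBR, one NTFS and one BitLocker boot sector."""
    mbr = bytearray(SECTOR)
    for i, (status, lba) in enumerate([(0x80, 1), (0x00, 2)]):
        struct.pack_into(ENTRY, mbr, 446 + 16 * i,
                         status, b"\0\0\0", 0x07, b"\0\0\0", lba, 1)
    mbr[510:512] = b"\x55\xaa"           # MBR boot signature
    ntfs = bytearray(SECTOR)
    ntfs[3:11] = b"NTFS    "             # OEM ID of a plaintext NTFS volume
    fve = bytearray(SECTOR)
    fve[3:11] = b"-FVE-FS-"              # OEM ID of a BitLocker volume
    return bytes(mbr + ntfs + fve + bytearray(SECTOR))


def list_partitions(image: bytes) -> list:
    """Read the MBR partition table and classify each volume boot sector."""
    if len(image) < SECTOR or image[510:512] != b"\x55\xaa":
        raise ValueError("no MBR boot signature")
    parts = []
    for i in range(4):
        status, _, ptype, _, lba, count = struct.unpack_from(
            ENTRY, image, 446 + 16 * i)
        if ptype == 0 or count == 0:     # unused table slot
            continue
        oem = image[lba * SECTOR + 3: lba * SECTOR + 11]
        if oem == b"NTFS    ":
            state = "plaintext NTFS"
        elif oem == b"-FVE-FS-":
            state = "BitLocker"
        else:
            state = "unknown"            # other filesystem or truncated image
        parts.append({"index": i, "bootable": status == 0x80,
                      "start_lba": lba, "sectors": count, "state": state})
    return parts


if __name__ == "__main__":
    for part in list_partitions(build_sample_image()):
        print(part)
```

A volume reported as BitLocker only covers the image at rest; as the comments above point out, the key is still in guest memory while the volume is mounted.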