About VPN and Malware testing tips?

TheMalwareMaster

Level 21
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
Good morning, I will soon have a spare PC, so I decided to start antivirus tests on it (performing execution tests also). I have a few questions. First, I'd like to know more about VPNs. I have never used them, and I'd like to know why it is better to test using one of them. Then, when I start testing AVs, I won't only use common sites like vx-vault, malcode database, clean mx, but I'd also like to surf the web looking for malware. Is it difficult to find malware while surfing? (My favourite targets are fake Flash Player and Java downloads.) Thanks in advance and have a good weekend ;)
 
Deleted Member 333v73x

Even if you have a spare PC, do it in a VM, and also sandbox the VM to prevent malware escaping from it. A VPN, when it is activated, will change your IP; it's mainly used for privacy...
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Fake Flash, Java and download ads usually result in adware or other unwanted software (PUP).

Finding dangerous malware requires a lot more time, money and patience.

Where did you find that "Testing using a VPN is better"?
 

TheMalwareMaster

I wrote malware, but I meant general threats, both malware and adware/PUPs. I read here: "remember your firewall and VPN client enabled" (How to start analyzing malware (Guide)).
 

DracusNarcrym

Level 20
Verified
Top Poster
Well-known
Oct 16, 2015
970
First things first, even if it is a testing PC, I would recommend you conduct the tests within virtual machines.
Virtual machines are emulated computer systems which are capable of running so-called guest operating system installations. They are essentially completely isolated from the host machine (the machine which contains and runs the virtual machine software), which means that malware will not be able to harm your system and you will be able to freely test any malware sample and essentially any other software.
Do note, however, that (although rarely) some malware samples incorporate certain routines which are able to detect whether they are being executed within an emulated environment. Thus, some specific malware samples may not run at all. (However, the vast majority of malware is not coded to be virtual machine-aware, so you will most probably not run into such issues.)

One of the best virtual machine deployment and management applications is VirtualBox which is also free and open-source.
Virtual machines also have some handy features like guest snapshots (instant backups of a specific state of a virtual machine, which you can use to restore the guest OS to that state), which may facilitate the testing procedure. (you won't have to re-install or repair the system after antivirus or malware testing)

VPNs (virtual private networks) are private networks (such as the local network in your home) which are extended over a public network (such as the Internet) by means of dedicated endpoint-to-endpoint connections (computers "talking" to each other, thus creating "endpoint-to-endpoint" connections) and/or virtual network tunneling protocols (tunneling protocols allow for the provision of and access to a network service that the underlying, actual network does not directly provide/support - think of a tube inside another tube), both options usually also incorporating traffic encryption.
As far as VPNs are concerned, I do not believe they are necessary parts of software testing procedures, and even when it comes to malware testing, VPNs can actually hinder the tests (since most VPN services filter malicious domains) rather than facilitate them. VPNs can only shield your local network in the case of malware testing, so that it cannot infect your other PCs connected in the network. (Malware will be forced to recognize the VPN connection and not your local network.)

All in all, I recommend you install some sort of virtual machine software, create and deploy a virtual machine, and run your tests there.
There is no need to run any type of tests (either software/antivirus tests or malware tests) on a physical machine.
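
An added example, not part of the original posts: a pre-flight check for the VirtualBox setup recommended above, which flags guest settings that weaken isolation (bridged NICs, shared folders), confirms the clean snapshot exists, and prints the commands that revert to it. The VM name, snapshot name and sample output are constructed; the key names are the ones `VBoxManage showvminfo --machinereadable` prints.

```shell
#!/bin/sh
# Added example: pre-flight audit and snapshot revert plan for a VirtualBox guest.
VM="${VM:-av-test-guest}"       # placeholder VM name
SNAP="${SNAP:-clean-baseline}"  # placeholder snapshot name

# Constructed sample of `VBoxManage showvminfo <vm> --machinereadable` output.
sample_info() {
  cat <<'EOF'
name="av-test-guest"
VMState="running"
nic1="bridged"
nic2="none"
SharedFolderNameMachineMapping1="host-docs"
SnapshotName="clean-baseline"
EOF
}

# Reads machine-readable VM info on stdin and prints one finding per line.
audit_vm() {
  awk -F= -v snap="\"$1\"" '
    /^nic[0-9]+=/ && $2 == "\"bridged\"" { print "WARN " $1 " is bridged onto the LAN" }
    /^SharedFolderNameMachineMapping[0-9]+=/ { print "WARN shared folder " $2 " exposes host files" }
    /^SnapshotName(-[0-9]+)*=/ && $2 == snap { found = 1 }
    /^VMState=/ { state = $2 }
    END {
      if (!found) print "FAIL snapshot " snap " not found"
      print "INFO state " state
    }'
}

# Prints the commands that return the guest to the clean snapshot.
# A running guest has to be powered off before its snapshot can be restored.
revert_plan() {
  if [ "$3" = "running" ]; then
    echo "VBoxManage controlvm $1 poweroff"
  fi
  echo "VBoxManage snapshot $1 restore $2"
  echo "VBoxManage startvm $1 --type headless"
}

case "${1:-demo}" in
  audit) VBoxManage showvminfo "$VM" --machinereadable | audit_vm "$SNAP" ;;
  *)     sample_info | audit_vm "$SNAP"; revert_plan "$VM" "$SNAP" running ;;
esac
```

Run it with `audit` as the first argument on a host that has VirtualBox installed to check a real guest; without arguments it runs against the constructed sample.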
 

TheMalwareMaster

I forgot to mention that the spare PC is a really old Intel Pentium 4 with only 1 gig of RAM, which I will only use for malware testing. I don't think it can support a virtual machine! If needed, I will format it if I get infected.
 

DracusNarcrym

In that case, virtual machines will indeed not be able to run properly.
However, instead of formatting the PC every time, I would recommend you use Paragon Backup & Recovery Free Edition or similar backup software, to create backup system images of a known clean state of your system (e.g. immediately after installing the OS and all required updates), and then use Paragon's bootable rescue media to restore that clean state from those system images after the malware tests.
The whole process of restoring your system from system images should take around 10-30 minutes.
 

TheMalwareMaster

Thank you :)
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Well, as a casual web surfer you may find little difficulty to encounter a virus due to websites implementing vulnerability prevention, unless going to unknown sites.
 
