Is testing malware inside a sandbox or VM safe?

Well, your knowledge will be the AV, 'cause you can easily identify which are malicious and which are not. :) Unlike an AV, which needs to be updated for the new definitions.
 
Yes James, you could say I needed to be updated and checked for new definitions as well, which in all these years of learning about security, computer viruses, malware and testing etc. has updated my mind to help protect me against the threats that lurk out there on the web. Easier said than done, as average users have the letdown of not having the knowledge for all this. Solution? Antivirus software.
 
A person with an AV will not be infected as long as it's updated and the real-time protection is running in the background to check every file.

While a person who doesn't have an AV uses his knowledge to make sure that the files he downloaded are safe, and then, when necessary, he has an on-demand scanner just to make sure he is not infected.
 
But they both manage to keep their PCs clean. I can't remember the last time I had an infection, and I probably only had a couple over the years. I've always had an AV installed. It is there "just in case" and as long as resource usage is minimal I feel no need to remove it. In some cases there is the risk of a false sense of protection: you feel invincible behind your AV and allow yourself to make mistakes, and this will most likely get you infected. As long as you don't fall into this trap, I see nothing wrong in using an AV.

The fact that MrXidus manages to stay safe while not using an AV proves that it is possible, but I don't want the average user to read this thread and somehow get the idea that an AV is useless, or even worse, that if you are using an AV you're probably not as smart as someone who doesn't use one. This would be bad advice.
 
bogdan said:
The fact that MrXidus manages to stay safe while not using an AV proves that it is possible, but I don't want the average user to read this thread and somehow get the idea that an AV is useless, or even worse, that if you are using an AV you're probably not as smart as someone who doesn't use one. This would be bad advice.

Agreed.

It's sound advice even for the above average user.

Probably a large percentage of us around here know what we're doing, yet we still run real-time AV protection.

I personally feel it's a bit silly to run without a real-time AV, even if you know what you're doing. It's just adding a layer of protection just in case...

I've never had a car accident in the almost 30 years that I've been driving, but I wear my seatbelt anytime I get in the car, just in case. I've also never wrecked/fallen off of a motorcycle, but I wear a helmet, just in case. ;)
 
lol... Touché. I am the emergency crew that arrives at the scene of the accident, does that sound better?

By that I mean no problem at all, I have the medical training needed to quickly heal the accident.
 
Testing malware should never be taken lightly, even when it's done inside a VM. It's not a toy and it will never be 100% safe to test, especially if you have shared folders on, something you shouldn't do unless you really need to; plus, sharing the directories you need is a big mistake. A friend of mine went through this: he was testing a variant of GPCode and while doing that, his shared folder was being attacked. Some files were caught, but luckily they weren't needed. Most of all, don't test malware if you don't know what you're doing!
 
I have not intentionally set out to test malware, but I have encountered some very nasty potential infections while sandboxed, yet I have never had anything malicious breach the sandbox.

That is not to say that it cannot happen.
 
