Malware Test Help

Viper007

Level 3
Thread author
Verified
May 27, 2014
142
So I wanna make some videos on testing security programs etc. against malware, but I really don't wanna do that on my PC as the hardware is really good and I don't wanna mess things up. Will a virtual machine help if the virus did not get detected, so my PC won't become infected?

I don't have an old PC or laptop so I cannot test on anything else.

Sorry if this is the wrong section, I'm new here.
 

Terry Ganzi

Level 26
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
So I wanna make some videos on testing security programs etc. against malware, but I really don't wanna do that on my PC as the hardware is really good and I don't wanna mess things up. Will a virtual machine help if the virus did not get detected, so my PC won't become infected?

I don't have an old PC or laptop so I cannot test on anything else.

Sorry if this is the wrong section, I'm new here.


How Virtualization Works
The heart of virtualization is the “virtual machine” (VM), a tightly isolated software container with an operating system and application inside. Because each virtual machine is completely separate and independent, many of them can run simultaneously on a single computer. A thin layer of software called a hypervisor decouples the virtual machines from the host and dynamically allocates computing resources to each virtual machine as needed.

This architecture redefines your computing equation and delivers:

  • Many applications on each server. As each virtual machine encapsulates an entire machine, many applications and operating systems can be run on one host at the same time.
  • Maximum server utilization, minimum server count. Every physical machine is used to its full capacity, allowing you to significantly reduce costs by deploying fewer servers overall.
  • Faster, easier application and resource provisioning. As self-contained software files, virtual machines can be manipulated with copy-and-paste ease. This brings unprecedented simplicity, speed and flexibility to IT provisioning and management. Virtual machines can even be transferred from one physical server to another while running, via a process known as live migration. You can also virtualize business-critical apps to improve performance, reliability, scalability and reduce costs.


Levels of Virtualization
Server Consolidation
Virtualizing one or two servers is just the beginning. The next step is to aggregate a server cluster into a single consolidated resource. For example, instead of 20 servers running at 15 percent of capacity each, you can reduce your hardware count—and associated costs—to four servers, each performing at 80 percent.


Desktop Virtualization
VMware enables you to deliver secure virtual desktops as a managed service for remote and branch office employees. Our virtual desktop solutions increase business flexibility, simplify management and reduce your costs.


Storage Consolidation
VMware offers an automated, easy-to-deploy solution that virtualizes storage—combining your existing server disks into a shared pool, without the cost and complexity of purchasing a SAN system.


Software-Defined Data Center
Ultimately, you can attain the full efficiency and agility of cloud computing by virtualizing, pooling and automating all data center resources—servers, storage, networking, security and availability—and tying everything together with policy-based provisioning and automated operations management. The result is a software-defined data center where:

  • Capacity expands and contracts as needed.
  • Applications can be provisioned on-demand.
  • Every application is assured of the right levels of performance, compliance and security.
  • IT can shift resources and budget away from infrastructure management and maintenance, toward creating innovations that give your company an edge.
VMware vCloud® Suite is a complete solution that delivers everything you need to build a software-defined data center.


If you’re ready to begin virtualizing now—at whatever level is right for you— learn how to get started.
 
  • Like
Reactions: nsm0220

Terry Ganzi

Level 26
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
Installing vSphere Data Protection is just a couple of steps. I downloaded the vSphere Replication virtual appliance. Note there are three different versions available and depending on how large your environment is you will need to select a version. I selected the 0.5TB version as I have a limited amount of virtual machines. This is how you import it and configure it, but before you begin I recommend ensuring DNS records are created before deploying the appliance!

  • Open the Web Client
  • Go to your cluster under “vCenter” —> “Hosts and Clusters”.
  • Right click the cluster object and click “All vCenter Actions” —> “Deploy OVF Template”
  • As a source I select the ova file I downloaded, now click “Next”
  • Validate the details and click “Next”
  • If you agree “Accept” the EULA and click “Next”
  • Enter the “Name” of the virtual machine and select the “Folder” this virtual machine needs to be placed in and click “Next”
  • Select the “Datastore” it needs to be provisioned to and click “Next”
  • Select the “Network” it needs to be connected to and click “Next”
  • Provide the “Networking properties” and click “Next”
  • Review the selected settings and click “Finish” (I ticked “Power on after deployment”)
  • Now it is a matter of minutes before the appliance is deployed, you can track the progress in the upper right pane called “recent tasks”
When the VDP appliance has been deployed we can continue with configuring it.

  • Open a browser window and point it at “https://<ip address or name of VDP>:8543/vdp-configure”
  • Your browser will now inform you that you are connecting to a secure site but that the identification of it cannot be confirmed. Confirm this.
  • Enter the password, which is “changeme” (yes that is a hint!) and click “Next” on the welcome screen.
  • Next the network settings that you entered during the deployment of the virtual appliance will be presented, you can still make changes if you need. I added a hostname and domain name
  • Make sure that the hostname is resolvable through DNS, as otherwise you will get a nice error as shown in the screenshot below
  • Select the correct time-zone and click “Next”
  • Create a new password, note the complexity requirements for it. I used “VMwar3VDP”
  • Next enter the vCenter Server and SSO Server details and test the connection
  • If the test is successful click “Next” and then “Finish”
  • Configuration is now completed and you can reboot the appliance so that it can initialize properly.
  • I rebooted it by right clicking the appliance in the Web Client and clicking “Restart Guest OS”
Reinitializing the appliance is going to take a couple of minutes (in my case almost 30), so be patient…

Now that we have installed and configured it we can start using vSphere Data Protection (VDP). I had to log out of the Web Client before I could see the new shiny VDP icon in my menu.

Let’s get started:

  • Click the “vSphere Data Protection” option in the left pane of your Web Client.
  • If you see the “Not Connected” status, click “Connect”.
  • Click on “Configuration”.
  • At the bottom you will see the “Backup Window”, make sure this aligns with your agreed backup hours.
  • I turned the backup duration down from 12 to “10 Hours” so that at 06:00 in the morning the backup window ends. Make sure to hit “Save”.
Now that we have defined our backup window, let's start with creating a backup job.

  • Click on the “Backup” tab and then “New”.
  • I am going to back up all my virtual machines in my cluster so I select my “Cluster” object. I did de-select my vSphere Replication and the vSphere Data Protection appliance as I don’t need it to be backed up. Now click “Next”.
  • I select “Daily” as I want to do a regular backup of all my virtual machines.
  • I have selected “60 Days” as the “Retention Period” but you should change this based on your requirements. Click “Next”.
  • Provide a “Name” to the backup job, I’ve named it “daily-all-vms” and click “Next”
  • Review your selected options and click “Finish”.
Now you have configured a backup window and created a backup job. You can immediately kick off the backup process if you want by hitting the “Backup Now” button.

Make sure to check the “Reports” screen for more details around which virtual machines were successfully backed up, which virtual machines were not and why…

How about restoring?
Now that we have backed stuff up, I am guessing you also want to know how to restore it. Restoring is just as simple as backing up.

  • Go to “vCenter” —> “Hosts and Clusters”
  • Right click the virtual machine you want to restore
  • Go to “All VDP Actions” and select “Restore from Last Backup”
  • Now you will have the option to select the “Restore Point”, I will select the most recent one
  • Next you can “Restore” to the original location, I don’t want to interfere with my running virtual machine so decide to restore it to a different volume. Make sure to provide a different name and datastore
  • Review your selections and proceed
  • You will now see some new tasks in the upper right pane called “Recent Tasks” and the restore is on its way
  • When the virtual machine is restored, make sure to hit “Refresh”
Now you can power-on the virtual machine. Note that although the virtual machine has a different name it is still very much the same virtual machine. If you power it on while the original is also still running you will end up with an IP conflict, so make sure to disconnect the network card if you want to keep the original up and running.

One thing I want to point out is that you can also do a restore from within the “vSphere Data Protection” tab itself.
 
  • Like
Reactions: nsm0220

Mateotis

Level 10
Verified
Well-known
Mar 28, 2014
497
So I wanna make some videos on testing security programs etc. against malware, but I really don't wanna do that on my PC as the hardware is really good and I don't wanna mess things up. Will a virtual machine help if the virus did not get detected, so my PC won't become infected?

Virtual machines (VMs, the guest systems) are completely isolated from your real system (the host). You can run viruses and test any unsafe application at will.

Do watch out for the following things however:
  • These days, more and more malware samples have some sort of anti-VM protection, which means that they will not run if they detect they are in a VM environment. So if something won't run inside your virtual machine, it does not mean that the file is not malicious.
Even though the system itself is isolated, there are still ways you can get your real computer infected. Make sure that:
  • You are not connected to the home network, but to a separate, secure one.
  • You do not have shared folders enabled.
  • You are not logged into browsers, as some of them (like Chrome) sync any changes made, anywhere.
That's it so far, I'll edit the post if something comes to mind. Good luck!
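
The network and shared-folder checks from the list in the post above, as an added example that is not part of the original post: a Python audit of a VMware .vmx file. The sample config is constructed, the key names are assumed to follow VMware Workstation/Player conventions, and the clipboard and drag-and-drop checks go beyond the two items the post names.

```python
import re

# Constructed sample .vmx content (not from the thread); the key names are
# assumed to follow VMware Workstation/Player conventions.
SAMPLE_VMX = '''
.encoding = "UTF-8"
displayName = "malware-test"
ethernet0.present = "TRUE"
ethernet0.connectionType = "bridged"
ethernet1.present = "TRUE"
ethernet1.connectionType = "hostonly"
sharedFolder0.present = "TRUE"
sharedFolder0.hostPath = "C:\\Users\\me\\Documents"
isolation.tools.copy.disable = "FALSE"
'''

def parse_vmx(text):
    """Return {lowercased key: value} for every key = "value" line."""
    pairs = re.findall(r'^\s*([\w.:]+)\s*=\s*"(.*)"\s*$', text, re.M)
    return {k.lower(): v for k, v in pairs}

def audit_vmx(text):
    """List settings that weaken isolation between guest and host."""
    cfg, findings = parse_vmx(text), []
    on = lambda key: cfg.get(key, "").upper() == "TRUE"
    for key in sorted(cfg):
        m = re.fullmatch(r"(ethernet\d+)\.present", key)
        if m and on(key):
            # Assumption: a missing connectionType is treated as bridged.
            mode = cfg.get(m.group(1) + ".connectiontype", "bridged").lower()
            if mode != "hostonly":  # bridged, nat and custom need a manual look
                findings.append(f"{m.group(1)}: '{mode}' networking may reach the home network")
        m = re.fullmatch(r"(sharedfolder\d+)\.present", key)
        if m and on(key):
            path = cfg.get(m.group(1) + ".hostpath", "?")
            findings.append(f"{m.group(1)}: host folder {path} is shared with the guest")
    for op in ("copy", "paste", "dnd"):
        # Absent or FALSE means this guest-to-host channel is still enabled.
        if not on(f"isolation.tools.{op}.disable"):
            findings.append(f"isolation.tools.{op}.disable is not TRUE")
    return findings

if __name__ == "__main__":
    for line in audit_vmx(SAMPLE_VMX):
        print("WARN", line)
```

The browser sign-in item from the same list lives inside the guest and cannot be read from the VM configuration, so it still has to be checked by hand.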
 
