Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Questions about VMware ESXi servers exploit - [Thread Split]
Message
<blockquote data-quote="ForgottenSeer 69673" data-source="post: 1024192"><p>Ok then. In the setup I suggested, the files would not be encrypted on the host at all. Only the first VM's RAM and after reboot, the entire system would be normal again. Think Shadow Defender and of course Appguards memory guard. Also with the firewall setup, they would not be able to download new code.</p><p>Actually, this is my current setup. The only thing is, I use Virtual Box instead of VMWare.</p><p></p><p>The reason I use this setup is for two reasons.</p><p></p><p>1. Even though my setup does not change much, except for adding a few LOLBINS now and then to Appguard, plus OS and Edge updates, I still like to test not only security software but persistent malware. I can't do that just running Shadow defender because some won't run at all in shadow mode and some require a reboot. </p><p>2. Using s full image, I do not have to reconfigure VBox every time I reboot. It not only comes back, but does so while in shadow mode.</p></blockquote><p></p>
[QUOTE="ForgottenSeer 69673, post: 1024192"] Ok then. In the setup I suggested, the files would not be encrypted on the host at all. Only the first VM's RAM and after reboot, the entire system would be normal again. Think Shadow Defender and of course Appguards memory guard. Also with the firewall setup, they would not be able to download new code. Actually, this is my current setup. The only thing is, I use Virtual Box instead of VMWare. The reason I use this setup is for two reasons. 1. Even though my setup does not change much, except for adding a few LOLBINS now and then to Appguard, plus OS and Edge updates, I still like to test not only security software but persistent malware. I can't do that just running Shadow defender because some won't run at all in shadow mode and some require a reboot. 2. Using s full image, I do not have to reconfigure VBox every time I reboot. It not only comes back, but does so while in shadow mode. [/QUOTE]
Insert quotes…
Verification
Post reply
Top