Testing malware

N

network86

New Member
Thread author
Oct 12, 2011
29
I would to start testing malware and there is a few things i want to check first. Im running XP in a VM on a old computer. Is it possible for a piece of malware to infect anyone else on my network, for example if a worm if its in a VM? Second question is I've read its possible for malware to change router settings, open ports etc. Is this possible and if it is how common would it be? I have my router password protected.
 
win7holic

win7holic

New Member
Apr 20, 2011
2,079
I have a tutorial, how to install windows XP in a VM and with settings also.

http://www.youtube.com/watch?v=eAWJK2TlykE
 
D

Deleted member 178

if it can jump from the VM to the host (very few chances), it will do its normal job.
 
Jack

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Here is the bottom line... VM Worstation is the safest Vm on the market , there is a very really slim chance of getting infecting while using it... Why?
If a malware can bypass the VM software than it must have a great code and any good malware writer will have his malware poll running processes during startup of his app and look for virtual processes to prevent anyone from running the sample in a virtual environment.
Follow the tips from this post and don't use the File Sharing or Unity features and you'll be fine.
 
win7holic

win7holic

New Member
Apr 20, 2011
2,079
jump?
if it's possible, it is ridiculous for us (the tester)
I can not imagine, if it "jump" to the host machine.

"but" there is a possibility, a malware "anti-virtualization"
so, the malware can not work, when in the VM,
but it's just very little.
 
D

Deleted member 178

when i say jump, i mean it go from the VM to the host, it is possible. dont play with words ...
 
win7holic

win7holic

New Member
Apr 20, 2011
2,079
here there is a pretty good article to read.

http://mintywhite.com/windows-7/7security/protect-malware-testing-programs-virtual-machine/
 
AyeAyeCaptain

AyeAyeCaptain

Level 1
Feb 24, 2011
585
win7holic said:
here there is a pretty good article to read.

http://mintywhite.com/windows-7/7security/protect-malware-testing-programs-virtual-machine/
Click to expand...


You were not wrong there, very nice read! :)

Rep +
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Mainly having junk Computer is much better way or just run with realtime so to make sure that any untoward incident could be prevented.
 
E

Exorcizm

Jack said:
Here is the bottom line... VM Worstation is the safest Vm on the market , there is a very really slim chance of getting infecting while using it... Why?
If a malware can bypass the VM software than it must have a great code and any good malware writer will have his malware poll running processes during startup of his app and look for virtual processes to prevent anyone from running the sample in a virtual environment.
Follow the tips from this post and don't use the File Sharing or Unity features and you'll be fine.
Click to expand...

I possibly second, third and fourth this :) Very accurate and none biased :D

Nice Jack, i love using VM Workstation too! :D
 
McLovin

McLovin

Level 76
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,224
What Jack said sumed it all up. +rep

I would use VMware or use a PC that you do really use anymore and use that for the malware testing. My recommendation is if that you want to do some hard core malware testing use a old PC.
 
E

Exorcizm

McLovin said:
What Jack said sumed it all up. +rep

I would use VMware or use a PC that you do really use anymore and use that for the malware testing. My recommendation is if that you want to do some hard core malware testing use a old PC.
Click to expand...

Glad to see you agree too!

+ Rep to Jack :)
 
I

illumination

Have to agree with Jack and the others.. When i was testing, i used an old PC i did not care about.. I would do my testing of a product, then reformat for another round with a different one.
 
AyeAyeCaptain

AyeAyeCaptain

Level 1
Feb 24, 2011
585
Is using VMWare Player any less safe than Workstation... rather than put the effort into research/read on the benefits it'd be easier to ask the friendly folks of MT. :)
 
Hungry Man

Hungry Man

New Member
Jul 21, 2011
669
I would suggest running directly connected/ not with your router.

Run a VM in sandboxie? I doubt anything can get out of that.
 
D

Deleted member 178

i test malwares on my real machine under shadow mode (virtualization) of Shadow Defender. works very well. and if something may go wrong my backup image is ready :D
 
AyeAyeCaptain

AyeAyeCaptain

Level 1
Feb 24, 2011
585
Thanks Hungry & Umbra for both your tips/advice to my question although I must say I agree with going with Hungry's method as feel that makes a lot more sense. :D
 
You must log in or register to reply here.

Similar threads

Xeno1234
    • Like
    • Applause
Serious Discussion How to set up a safe environment for Malware Testing
Replies
18
Views
1,093
General Security Discussions
ForgottenSeer 97327
F
Andy Ful
    • +Reputation
    • Like
    • Applause
An example of why malware testing should include real-world infection vectors.
Replies
1
Views
227
Security Statistics and Reports
Bot
Bot
S
Question How secure is KTS on DEFAULT settings?
Replies
8
Views
565
Kaspersky
Trident
Trident

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top