Testing malware

N

network86

New Member
Thread author
Oct 12, 2011
29
0
6
39
Ireland
I would to start testing malware and there is a few things i want to check first. Im running XP in a VM on a old computer. Is it possible for a piece of malware to infect anyone else on my network, for example if a worm if its in a VM? Second question is I've read its possible for malware to change router settings, open ports etc. Is this possible and if it is how common would it be? I have my router password protected.
 
if it can jump from the VM to the host (very few chances), it will do its normal job.
 
Here is the bottom line... VM Worstation is the safest Vm on the market , there is a very really slim chance of getting infecting while using it... Why?
If a malware can bypass the VM software than it must have a great code and any good malware writer will have his malware poll running processes during startup of his app and look for virtual processes to prevent anyone from running the sample in a virtual environment.
Follow the tips from this post and don't use the File Sharing or Unity features and you'll be fine.
 
jump?
if it's possible, it is ridiculous for us (the tester)
I can not imagine, if it "jump" to the host machine.

"but" there is a possibility, a malware "anti-virtualization"
so, the malware can not work, when in the VM,
but it's just very little.
 
when i say jump, i mean it go from the VM to the host, it is possible. dont play with words ...
 
here there is a pretty good article to read.

http://mintywhite.com/windows-7/7security/protect-malware-testing-programs-virtual-machine/
 
Mainly having junk Computer is much better way or just run with realtime so to make sure that any untoward incident could be prevented.
 
Jack said:
Here is the bottom line... VM Worstation is the safest Vm on the market , there is a very really slim chance of getting infecting while using it... Why?
If a malware can bypass the VM software than it must have a great code and any good malware writer will have his malware poll running processes during startup of his app and look for virtual processes to prevent anyone from running the sample in a virtual environment.
Follow the tips from this post and don't use the File Sharing or Unity features and you'll be fine.
Click to expand...

I possibly second, third and fourth this :) Very accurate and none biased :D

Nice Jack, i love using VM Workstation too! :D
 
What Jack said sumed it all up. +rep

I would use VMware or use a PC that you do really use anymore and use that for the malware testing. My recommendation is if that you want to do some hard core malware testing use a old PC.
 
McLovin said:
What Jack said sumed it all up. +rep

I would use VMware or use a PC that you do really use anymore and use that for the malware testing. My recommendation is if that you want to do some hard core malware testing use a old PC.
Click to expand...

Glad to see you agree too!

+ Rep to Jack :)
 
Have to agree with Jack and the others.. When i was testing, i used an old PC i did not care about.. I would do my testing of a product, then reformat for another round with a different one.
 
Is using VMWare Player any less safe than Workstation... rather than put the effort into research/read on the benefits it'd be easier to ask the friendly folks of MT. :)
 
I would suggest running directly connected/ not with your router.

Run a VM in sandboxie? I doubt anything can get out of that.
 
i test malwares on my real machine under shadow mode (virtualization) of Shadow Defender. works very well. and if something may go wrong my backup image is ready :D
 
Thanks Hungry & Umbra for both your tips/advice to my question although I must say I agree with going with Hungry's method as feel that makes a lot more sense. :D
 
You must log in or register to reply here.

You may also like...