What do I have to know about malware before I start testing security software?

WinAndLinuxTutorials

Level 4
Thread author
Verified
Honorary Member
Aug 23, 2011
2,291
I opened Malware Domain List to get some malware links, but I found many kinds of malware there. Which one do I have to select?
 

illumination

WinAndLinuxTutorials said:
I opened Malware Domain List to get some malware links, but I found many kinds of malware there. Which one do I have to select?

I would like to recommend you reread Jack's first response in this thread. Testing, even in a virtual environment, can be dangerous. When I first started, I had two old Dell towers to test on, ones I did not care if anything happened to. I also had my operating system and drivers on CD in case anything happened; I could always boot from the BIOS to force the CD to load first and wipe the drive and start over. There is more to this than just throwing malware at a product and seeing if it will remove it. Learning the different aspects of malware, what they do and how they affect the system is essential. I would do a lot of research before even beginning to start. Learning to repair what the malware does to files upon removal is just as important as removing them; systems can become corrupted, etc.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Remember, some links could be nasty and infect in just a few seconds. Especially rootkits, which are really nasty and can do huge damage to a system.
 

Hungry Man

New Member
Jul 21, 2011
669
I suggest you keep something like Process Explorer open. Download the malware, run it, and see if a process is created.

Certain programs (like CIS) will allow processes to start but keep them sandboxed. Keep that in mind.
 

WinAndLinuxTutorials

Level 4
Thread author
Verified
Honorary Member
Aug 23, 2011
2,291
jamescv7 said:
Remember, some links could be nasty and infect in just a few seconds. Especially rootkits, which are really nasty and can do huge damage to a system.

Don't worry, I will be using Linux as a host OS and a Windows 7 VM to test.
 

WinAndLinuxTutorials

Level 4
Thread author
Verified
Honorary Member
Aug 23, 2011
2,291
Hungry Man said:
I suggest you keep something like Process Explorer open. Download the malware, run it, and see if a process is created.

Certain programs (like CIS) will allow processes to start but keep them sandboxed. Keep that in mind.

I have prepared all the programs required like Process Explorer as a process manager, and scanners like Malwarebytes, Hitman Pro, etc. to scan the VM after completing the test.
 

Deleted member 178

Yes, you can start your tests. Btw, if you can test Webroot SA beta... :D
 

WinAndLinuxTutorials

Level 4
Thread author
Verified
Honorary Member
Aug 23, 2011
2,291
^^BTW, which OS do I have to use in a VM for malware testing: Windows XP, Windows Vista or Windows 7?
Windows XP has the least security, Windows Vista has more security than XP, and Windows 7 has even more security than Vista. So I am thinking of using Windows Vista because it is a balance between the two. What do you think?
 

Deleted member 178

Use the one you are actually using, so you will know your weaknesses.
 

Hungry Man

New Member
Jul 21, 2011
669
If you're testing malware, I would suggest Windows XP 32-bit since it has the least security and you get the "worst case scenario." While 7 users may be protected from some of your results, it's best to see how all of the malware runs.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
WinAndLinuxTutorials said:
^^BTW, which OS do I have to use in a VM for malware testing: Windows XP, Windows Vista or Windows 7?

Depends on what OS you are comfortable testing on and if your system can handle it. Choose between Windows XP SP3 or Windows 7 - both require fewer resources and run lighter (*more responsive, less sluggish performance) than Windows Vista.

Windows XP is a 10-year-old OS (and imo isn't meant for 2011 usage)
Windows 7 is a 3-year-old OS (and is similar to Windows Vista)

Take your pick, but I don't recommend installing Windows Vista on the VM.
 

WinAndLinuxTutorials

Level 4
Thread author
Verified
Honorary Member
Aug 23, 2011
2,291
Earth said:
WinAndLinuxTutorials said:
^^BTW, which OS do I have to use in a VM for malware testing: Windows XP, Windows Vista or Windows 7?

Depends on what OS you are comfortable testing on and if your system can handle it. Choose between Windows XP SP3 or Windows 7 - both require fewer resources and run lighter (*more responsive, less sluggish performance) than Windows Vista.

Windows XP is a 10-year-old OS (and imo isn't meant for 2011 usage)
Windows 7 is a 3-year-old OS (and is similar to Windows Vista)

Take your pick, but I don't recommend installing Windows Vista on the VM.

Why is it not recommended to install Windows Vista on a VM?
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
WinAndLinuxTutorials said:
^^BTW, which OS do I have to use in a VM for malware testing: Windows XP, Windows Vista or Windows 7?
Windows XP has the least security, Windows Vista has more security than XP, and Windows 7 has even more security than Vista. So I am thinking of using Windows Vista because it is a balance between the two. What do you think?

For me, if you have enough RAM then you can go with Windows 7 for testing purposes.
 

Deleted member 178

WinAndLinuxTutorials said:
Why is it not recommended to install Windows Vista on a VM?

Because it is useless. If you have enough RAM, use Windows 7: more users, better OS.
 
