-
August 20th, 2008, 01:48 PM
#41
hi there
Well I decided to infect a machine of mine with this malware so I can get some samples.
Nihil please check your private and your email.
If anyone else would like samples of these infected files please let me know via pm.
Panda didn't even blink at this. ./sad
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
August 20th, 2008, 02:21 PM
#42
Great advice brokencrow
virtual machine is one of my fav new technologies.
You must spread some Reputation around before giving it to brokencrow again.
seems it is always the same people giving the good advice these days
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
August 20th, 2008, 03:51 PM
#43
I've been wrestling with VM's for a couple of years now. Finally got some decent
hardware to run 'em on. VMWare seems to write the best apps. Haven't used
Xen or any of the open source stuff yet. MS's VM isn't worth a hoot in my book.
VM 2007 is slow even on this dual proc w/ 2 gb's ram. Haven't tried HyperVisor
yet though, as I'm not running MS's latest server.
Now I seem to be spending all my time building OS's. This laptop tri-boots XP,
Vista, and Ubuntu, not to mention one W2K server VM build and more to come.
Right now I'm running DSL (damn small linux) in VM Player. Works well and is
quick. It's just about bulletproof, but lacks the bells and whistles (which I don't
mind).
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
August 20th, 2008, 08:42 PM
#44
If you are running a VPC on your PC and the VPC gets infected, will that affect your system?
Also how do plugging in flash drives work? As both your system and the vpc will pick it up?
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
August 20th, 2008, 10:47 PM
#45
Originally Posted by Cider
If you are running a VPC on your PC and the VPC gets infected, will that affect your system?
It's conceivable, but not very likely. Essentially a VM
is pretty much segregated from the host. VM's are
used for honeypots, so what's that say? Never say
never though.
Originally Posted by Cider
Also how do plugging in flash drives work? As both your system and the vpc will pick it up?
Flash drives work fine. VM hosts grant access to USB
devices. You're going to have problems with legacy
devices like LPT dongles though.
There are ass't hardware issues with VM's, like sound
or video cards that may or may not load. I had problems
on a Win98 VM that wouldn't pick up an Audigy I card,
even if I tried the Win98 driver from Creative's site.
The W2K server VM I run now wouldn't load a video
driver until I ran VMWare Tools, then it was fine. I
built Fedora v8 on VM Workstation 5.5 today and the
display settings won't hold anything other than 800x600.
VM Player (a freebie!) runs DSL linux fine but chokes
on Puppy linux (both run from an .iso).
So VM's do have issues. Nice thing is you can clone
them and start over much easier than reloading an
OS on a PC (generally!).
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
August 21st, 2008, 08:07 AM
#46
Hey there BC
Thanks for the info.
Stupid question. How do you use VM in a corporate world? Is it possible for a PC just to run VM software on it or does it require an OS behind that?
Our corporate software can be used on a VM and we can't charge the customer for this... I'm sure that will change in the future.
Edit - We have virtual licencing :P Just asked sales.
Last edited by Cider; August 21st, 2008 at 08:10 AM.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
August 21st, 2008, 10:47 AM
#47
Anyway, towards the original malware.
I used malware bytes along with Spybot.
Why do I need resident AV ????? Hmmm, only reason I will keep it will be for the firewall plugin.
It's quite hard to support a product you don't believe in.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
August 21st, 2008, 05:33 PM
#48
Originally Posted by Cider
How do you use VM in a corporate world?
VM's are widely used to consolidate servers. As for how you might
use it, that basically depends on your privileges and your company's
AUP. Obviously I don't know anything about the company you work
for, or who admins their servers, but you may well already have virtualization
in place. VMWare's ESX is commonly used in enterprise environments.
Originally Posted by Cider
Is it possible for a PC just to run VM software on it or does it require an OS behind that?
Both. ESX, a widely used product (expensive, too), runs as a dedicated
host. I think it's referred to as a hypervisor. I've used VMWare Workstation,
their Virtual Server (free!), their VM Player (also free), and MS's VM,
both 2004 & 2007. All of those run on top of a host OS, which can be
Windows, Linux or Mac. Wikipedia's got several pieces on VM's, along
with tons of links.
Last edited by brokencrow; August 21st, 2008 at 05:39 PM.
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
August 21st, 2008, 10:46 PM
#49
Hmmmm, "curiouser and curiouser" said Alice.
Cider, I got your e-mail, but my provider uses Norton, and Norton says "no!" So if Norton can detect it and Panda doesn't, I think that you have a problem. Basically I cannot access the attachment, and even if I try copying the whole message I hit problems:
Risk Assessment: MAXIMUM - EXTREMELY VULNERABLE SITUATION.
*> Contains suspicious string: infect
LINE=...
*> Suspicious strings detected.
WormGuard has found a few strings in this file that are suspicious.
*> Contains suspicious string: virus
LINE=.........
*> Script Analysis: Security risks detected.
WormGuard Script Analysis:
> Sends email.
It may be using email to propogate.
> Contains suspicious string: "infect"
> Writes data to file(s).
WormGuard doesn't like it either
Whilst VM is one way to go, it isn't my personal choice because they are not really for the computer illiterate, and do need some serious resource to perform well.
I've been wrestling with VM's for a couple of years now. Finally got some decent hardware to run 'em on.
For my lot, I tend to go for the virtual sandbox like Sandboxie or Fortres Grand.
-
August 22nd, 2008, 04:48 AM
#50
VM loves resources.....and depending on the OS you are running it on...and the OS you are running in the VM.....oh and let's not forget the applications and services on both machines.....you need a lot of fricken resources
I have one to play with an app....that takes at least a 1/2 hour to load...I haven't really timed it yet. It runs on a laptop.
All MS OSes........and far too fricken many services and applications running on both....can be tweaked. (I didn't configure it...would like to though )
Dedicated VM....that's what I want...eeerrrrr need...yah that's it.
Just have to convince the powers that be
MLF
Last edited by morganlefay; August 22nd, 2008 at 04:52 AM.
How people treat you is their karma- how you react is yours-Wayne Dyer