Vmware For Security

[Mr. Y]

If your Host has been compromised by Malware, will Vmware insulate you from the Host infection?

[ethernal]

mr y:

99% percent of the time yes. the 1% lacking is the benefit of doubt.

all common viruses i've seen to date either infects the boot sector of the hard drive (back in the old days) or propagate through the files in the file system, it never goes up to actual driver level (afaik).

so no worries there, the vmware image is inside a file, and viruses wouldn't know what to do with them. i honestly don't think there is a singly virus in the wild capable of changing a vmware image into infecting the guest, it's very improbably and quite difficult (if at all possible).

on top of that, if it is at all possible to change a vmware image externally, the actual image type will probably change between versions of vmware, and when you add all the possible guest systems and their possible configurations, you have infinity. it might be theoretically possible, but in practicality it's not feasable.

[solcroft]

Quote:

Originally Posted by ethernal

i feel it is very unnecessary to automatically assume somebody is an incompetent idiot due to low post count.

It has much less to do about your postcount than your acting like one. Maybe you should be taking a hint from what everyone tells you in every thread you participate in.

The OS kernel is just an abstraction layer for software. Installing an OS inside a virtual machine creates a virtualized kernel for that virtualized OS, which has nothing to do with the host machine's OS kernel. Granting an application ring0 privileges allows it to compromise the VM's kernel, not the host machine's.

[Peter2150]

Quote:

Originally Posted by Mr. Y

If your Host has been compromised by Malware, will Vmware insulate you from the Host infection?

Hi Mr Y

The one place in this scenario you'd have to be careful is without starting the guest machine, you can mount the guest's disk drive as another disk on the host. That I suppose could lead to problems.

Pete

[sosaiso]

So, if we do a default installation of XP, and not tinkering with any other settings, is it safe to assume that any infections in the VMWare system will not affect the computer that the VMWare Server/Workstation is running on?

[Meriadoc]

An infection within a VM will not normally cross over to the host.

[DasFox]

So getting back to one of my questions Vmware isn't going to stress hardware anymore?

I personally never considered this before, but I don't want it causing problems...

Personally I've never heard of anyone having hardware problems because of it.

So if you have an adequate it's not going to hurt drives or CPU?

THANKS

[DasFox]

Quote:

Originally Posted by Peter2150

I also use Shadowdefender, and just to avoid this issue, when I am doing anything really dangereous in the VM, I shadow all my drives on the host.

Getting off topic here, but I wanted to ask, of all the apps out there why did you choose Shadowdefender?

THANKS

[Peter2150]

Quote:

Originally Posted by DasFox

Getting off topic here, but I wanted to ask, of all the apps out there why did you choose Shadowdefender?

THANKS

A) It tested will
B) Protects both drives

Actually now, I am testing the latest beta of Returnil. I actually think Returnil, is a bit more robust, but right now SD wins on features.. TIme will tell.

[DasFox]

THANKS, you using the Returnil free version?

And my other questions regarding hardware and Vmware damaging them?

Btw can SD and Returnil run in Vmware to test them?

[Peter2150]

Quote:

Originally Posted by DasFox

THANKS, you using the Returnil free version?

And my other questions regarding hardware and Vmware damaging them?

Btw can SD and Returnil run in Vmware to test them?

Actually the Returnil Premium Beta

I've seen no evidence of any damage to hardware from VMware. Just you need the resources. I run a machine that has 1gig of ram and 2 20gig harddrives. Takes resources.

Yes I run FDISR, SD, Returnil, DeepFreeze, and others all in VMware. The disk drives are just like real drives, you have disk management etc. Plus it's snapshot system can't be matched in real hardware.

Pete

[DasFox]

Quote:

Originally Posted by Peter2150

Actually the Returnil Premium Beta

I've seen no evidence of any damage to hardware from VMware. Just you need the resources. I run a machine that has 1gig of ram and 2 20gig harddrives. Takes resources.

Yes I run FDISR, SD, Returnil, DeepFreeze, and others all in VMware. The disk drives are just like real drives, you have disk management etc. Plus it's snapshot system can't be matched in real hardware.

Pete

How stable is the Premium Beta to run on a production box under Vmware?

For Vmware I have an AMD XP 3000+ 2.0ghz and 1GB Ram with two 300GB Drives running 16MB Cache.

FDISR?

Sorry I don't get this ---> snapshot system can't be matched in real hardware?

THANKS

[Peter2150]

Hi DasFox

Quote:

Originally Posted by DasFox

How stable is the Premium Beta to run on a production box under Vmware?

I am running the Premium Beta on host. It's stable

Quote:

Originally Posted by Dasfox

FDISR?

FDISR = First Defense Immediate System Recovery. See Leapfrog forum

[QUOTE[DasFpx]Sorry I don't get this ---> snapshot system can't be matched in real hardware?[/quote]

Vmware Workstation has a snapshot system where you can save the state of the system. Sort of similar to EaszFix, except, it recovers the system from anything. You can completely trash the disk, to an extent that no regular recovery system can handle, short of disk repair, and image restore. With the VMware workstation you just go back to another snapshot, and the machine is back to the state where the snapshot was taken.

Pete

[DasFox]

I know about Vmware snapshot, I thought you were referring something about FDISR, SD, Returnil, DeepFreeze in Vmware was all, didn't quite follow the sentence.

But what do you mean it can't be matched in real hardware, not quite sure what you mean here?

Also The disk drives are just like real drives, Huh?