Vmware For Security

Discussion in 'other security issues & news' started by DasFox, Jan 24, 2008.

Thread Status:
Not open for further replies.
  1. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    If your Host has been compromised by Malware, will Vmware insulate you from the Host infection?
     
  2. ethernal

    ethernal Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    132
    Location:
    Stockholm, Sweden
    mr y:

    99% percent of the time yes. the 1% lacking is the benefit of doubt.

    all common viruses i've seen to date either infects the boot sector of the hard drive (back in the old days) or propagate through the files in the file system, it never goes up to actual driver level (afaik).

    so no worries there, the vmware image is inside a file, and viruses wouldn't know what to do with them. i honestly don't think there is a singly virus in the wild capable of changing a vmware image into infecting the guest, it's very improbably and quite difficult (if at all possible).

    on top of that, if it is at all possible to change a vmware image externally, the actual image type will probably change between versions of vmware, and when you add all the possible guest systems and their possible configurations, you have infinity. it might be theoretically possible, but in practicality it's not feasable.
     
  3. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    It has much less to do about your postcount than your acting like one. Maybe you should be taking a hint from what everyone tells you in every thread you participate in.

    The OS kernel is just an abstraction layer for software. Installing an OS inside a virtual machine creates a virtualized kernel for that virtualized OS, which has nothing to do with the host machine's OS kernel. Granting an application ring0 privileges allows it to compromise the VM's kernel, not the host machine's.
     
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Mr Y

    The one place in this scenario you'd have to be careful is without starting the guest machine, you can mount the guest's disk drive as another disk on the host. That I suppose could lead to problems.

    Pete
     
  5. sosaiso

    sosaiso Registered Member

    Joined:
    Nov 12, 2005
    Posts:
    601
    So, if we do a default installation of XP, and not tinkering with any other settings, is it safe to assume that any infections in the VMWare system will not affect the computer that the VMWare Server/Workstation is running on?
     
  6. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    An infection within a VM will not normally cross over to the host.
     
  7. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    So getting back to one of my questions Vmware isn't going to stress hardware anymore?

    I personally never considered this before, but I don't want it causing problems...

    Personally I've never heard of anyone having hardware problems because of it.

    So if you have an adequate it's not going to hurt drives or CPU?

    THANKS
     
  8. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    Getting off topic here, but I wanted to ask, of all the apps out there why did you choose Shadowdefender?

    THANKS
     
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    A) It tested will
    B) Protects both drives

    Actually now, I am testing the latest beta of Returnil. I actually think Returnil, is a bit more robust, but right now SD wins on features.. TIme will tell.
     
  10. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    THANKS, you using the Returnil free version?

    And my other questions regarding hardware and Vmware damaging them?

    Btw can SD and Returnil run in Vmware to test them?
     
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Actually the Returnil Premium Beta

    I've seen no evidence of any damage to hardware from VMware. Just you need the resources. I run a machine that has 1gig of ram and 2 20gig harddrives. Takes resources.

    Yes I run FDISR, SD, Returnil, DeepFreeze, and others all in VMware. The disk drives are just like real drives, you have disk management etc. Plus it's snapshot system can't be matched in real hardware.

    Pete
     
  12. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    How stable is the Premium Beta to run on a production box under Vmware?

    For Vmware I have an AMD XP 3000+ 2.0ghz and 1GB Ram with two 300GB Drives running 16MB Cache.

    FDISR?

    Sorry I don't get this ---> snapshot system can't be matched in real hardware?

    THANKS
     
  13. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi DasFox

    I am running the Premium Beta on host. It's stable

    FDISR = First Defense Immediate System Recovery. See Leapfrog forum

    [QUOTE[DasFpx]Sorry I don't get this ---> snapshot system can't be matched in real hardware?[/QUOTE]

    Vmware Workstation has a snapshot system where you can save the state of the system. Sort of similar to EaszFix, except, it recovers the system from anything. You can completely trash the disk, to an extent that no regular recovery system can handle, short of disk repair, and image restore. With the VMware workstation you just go back to another snapshot, and the machine is back to the state where the snapshot was taken.

    Pete
     
  14. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    I know about Vmware snapshot, I thought you were referring something about FDISR, SD, Returnil, DeepFreeze in Vmware was all, didn't quite follow the sentence.

    But what do you mean it can't be matched in real hardware, not quite sure what you mean here?

    Also The disk drives are just like real drives, Huh?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.