Discussion in 'other security issues & news' started by ronjor, Sep 1, 2008.
If you would like to receive VMware Security Advisories and Security Alerts in your mail box like the one in the above link...
...you can subscribe to the security anounce list run by the security team at VMWaredotcom. You can visit the archives here.
I have to admit that I´m sometimes afraid to execute certain software even inside a VM. It seems that there is indeed reason to be afraid, I wonder if there´s any malware out there who are actually trying to exploit these VM bugs.
Installed new version over the top : sweet as:
Great utility, great access to community kb, great value so far.
( just one boo boo: forgot to turn PrevX off : oops: click click click = RSI )
Now :turns to FDISR and IFW: away we go again.
Rasheed: you prolly shouldn't worry too much.
I think if there had been a mal sneaking through from VM we would have known about it toot sweet.
VMWare, despite any internal issues, has A LOT at stake in the big markets.
There are so many seriously expert users putting the blocks to VMs every day..
See current obsession on display:
Another use is being able to use utilities in a VM when you would normally want to boot to CD, say Active@killdisk or Spinrite for example, being able to carry on using the machine for normal work while doing work on another disk.
@Rasheed, there's a few POCs and papers wrote and maybe itw but I wouldn't be afraid, in the end patches come quick and there are always other steps to take, software still have to execute.
If I am really really concerned about something I am going to do in the VM, I first put the host into Shadow Defenders Shadow Mode. That way on the tiny chance something were to leak out, I am safe.
Pete; that is a nice approach
I may not be understanding this too well; if you Shadow the host, use a VM, make changes in the VM, close the VM, then revert the Host, won't that also ipso facto revert the vmdk files ??
Could you just expand that a bit ; couch it for me having the odd senior moment please;
If something manages to get outside of his virtual machine then shadow mode is his backup...
Hi I hope I can explain with some screens. With something like Spinrite or killdisk you will want to disable everything like snapshots, shared folders and drag n drop/copy paste. Choose the relevant OS and disk size and then edit the VM to add the hard disks you will work on. As you can see from the screens I've an ubcd4win, and Winternals ERD Commander 2005 VM also.
sorry I couldn't get the order of the screens I wished, but I think you can work it out.
Note, best not to work on the hard disk that you are using
What do I use if I want to emulate all computer components?
CPU, bios, cd, nic, etc...
VMWare or similar.
It'll probably help if you note what you are trying to achieve as to whether this could be done with emulation or, even simulation. Generally speaking VMWare, Parallels, VirtualBox. If you are trying to emulate the original behaviour of something then maybe your after something else.
I have an AMD CPU with a phoenix bios, WD HDD, . I would like to create a VM with Intel CPU, with AMIBIOS, Seagate HDD.
I found that most standard VM software won't emulate CPU's other than the one used by the host. But in the High end and Server market of the software you can emulate CPU's.
I seem to remember a program available on tucows around 2003/4 that offered the ability to emulate up to 16 individual PC's and you can choose the hardware you wanted from CPU all the way down to the bios. Effectively having 16 separate pc's operating inside 1 pc.
I missed this. I exclude the vm machine directory for two reasons. First it's huge, almost 60gb. 2nd I figure if something leaks out of the vm machine, it's mostly like not going to attack the vm machines directory, but the host. So everything on both c: drive and d: drive reverts except the machine directory.
Ok got that now.
I'm not sure I realised you could exclude the VM file system in that/any shadowed partition. I like it if thats the case.
Whatta ya doin in there ??
What if you want a snapshot to revert what is a busy VM. ?!
You got more storage than Google there?
That sort of leads to another Q:
Most of my VMs are 10-15G for Linuxy stuff and 'small' MS machines:
Is there a way just to do differential snapshots ??