VMware plugs security holes

Discussion in 'other security issues & news' started by ronjor, Sep 1, 2008.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,755
    Location:
    Texas
    Heise
     
  2. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    I have to admit that I´m sometimes afraid to execute certain software even inside a VM. It seems that there is indeed reason to be afraid, I wonder if there´s any malware out there who are actually trying to exploit these VM bugs. :blink:
     
  4. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Saw this:
    Installed new version over the top : sweet as: :)
    Great utility, great access to community kb, great value so far.

    ( :shifty: just one boo boo: forgot to turn PrevX off : oops: click click click = RSI )

    Now :turns to FDISR and IFW: away we go again. ;)
    Regards

    Rasheed: you prolly shouldn't worry too much.
    I think if there had been a mal sneaking through from VM we would have known about it toot sweet.
    VMWare, despite any internal issues, has A LOT at stake in the big markets.
    There are so many seriously expert users putting the blocks to VMs every day..
    See current obsession on display:
    :thumb:
     

    Attached Files:

    Last edited: Sep 3, 2008
  5. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    :thumb: Longboard
    Another use is being able to use utilities in a VM when you would normally want to boot to CD, say Active@killdisk or Spinrite for example, being able to carry on using the machine for normal work while doing work on another disk.

    @Rasheed, there's a few POCs and papers wrote and maybe itw but I wouldn't be afraid, in the end patches come quick and there are always other steps to take, software still have to execute.
     
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,046
    If I am really really concerned about something I am going to do in the VM, I first put the host into Shadow Defenders Shadow Mode. That way on the tiny chance something were to leak out, I am safe.

    Pete
     
  7. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Pete; that is a nice approach
    I may not be understanding this too well; if you Shadow the host, use a VM, make changes in the VM, close the VM, then revert the Host, won't that also ipso facto revert the vmdk files ?? :doubt:

    @Meriadoc
    Could you just expand that a bit ; couch it for me having the odd senior moment please; ;)
     
    Last edited: Sep 3, 2008
  8. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    If something manages to get outside of his virtual machine then shadow mode is his backup...
     
  9. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Hi I hope I can explain with some screens. With something like Spinrite or killdisk you will want to disable everything like snapshots, shared folders and drag n drop/copy paste. Choose the relevant OS and disk size and then edit the VM to add the hard disks you will work on. As you can see from the screens I've an ubcd4win, and Winternals ERD Commander 2005 VM also.
     

    Attached Files:

    Last edited: Sep 4, 2008
  10. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    sorry I couldn't get the order of the screens I wished, but I think you can work it out.

    Note, best not to work on the hard disk that you are using :)

    erd...
     

    Attached Files:

    Last edited: Sep 4, 2008
  11. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Getting there ;)
    Tagging along...
    :thumb:
     
  12. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    What do I use if I want to emulate all computer components?
    CPU, bios, cd, nic, etc...
     
  13. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    VMWare :) or similar.

    It'll probably help if you note what you are trying to achieve as to whether this could be done with emulation or, even simulation. Generally speaking VMWare, Parallels, VirtualBox. If you are trying to emulate the original behaviour of something then maybe your after something else.
     
    Last edited: Sep 10, 2008
  14. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    I have an AMD CPU with a phoenix bios, WD HDD, . I would like to create a VM with Intel CPU, with AMIBIOS, Seagate HDD.
     
  15. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    I found that most standard VM software won't emulate CPU's other than the one used by the host. But in the High end and Server market of the software you can emulate CPU's.

    I seem to remember a program available on tucows around 2003/4 that offered the ability to emulate up to 16 individual PC's and you can choose the hardware you wanted from CPU all the way down to the bios. Effectively having 16 separate pc's operating inside 1 pc.
     
  16. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,046
    Hi Longboard

    I missed this. I exclude the vm machine directory for two reasons. First it's huge, almost 60gb. 2nd I figure if something leaks out of the vm machine, it's mostly like not going to attack the vm machines directory, but the host. So everything on both c: drive and d: drive reverts except the machine directory.

    Pete
     
  17. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Ok got that now.
    I'm not sure I realised you could exclude the VM file system in that/any shadowed partition. I like it if thats the case.
    :eek:
    Whatta ya doin in there ??
    What if you want a snapshot to revert what is a busy VM. ?!
    You got more storage than Google there?

    That sort of leads to another Q:
    Most of my VMs are 10-15G for Linuxy stuff and 'small' MS machines:
    Is there a way just to do differential snapshots ??
     
Loading...
Thread Status:
Not open for further replies.