Solved

VMWare to test if software is malicious?

Posted on 2009-07-02
4
725 Views
Last Modified: 2012-05-07
Basically my question is, if I install VMware on my machine and use it to run a virtual windows machine, could I use this machine to test if software is malicious.

Say I receive an exe file and am concern it might cause catastrophic damage to my system if it is run on my machine, could it run it on the vmware machine safely without causing any damage to the host?
0
Comment
Question by:zzhang2006
4 Comments
 
LVL 23

Assisted Solution

by:ComputerTechie
ComputerTechie earned 50 total points
ID: 24768920
yes we program and test new software all the time this way. we can crash the vm machine with little effect on the host.

CT
0
 
LVL 11

Accepted Solution

by:
xtreminator earned 125 total points
ID: 24770875
Using VMware it is possible to test ur suspicious software in guest OS.

u have to make sure before testing software in giest os

-- remove any foleder/file sharing between guest os and host os.
-- disconnect all mapped drive from guest os.
-- Disable NIC if possible during testing.
0
 
LVL 8

Assisted Solution

by:JT92677
JT92677 earned 75 total points
ID: 24776962
As previously mentioned, VMware is a  great solution to software testing.

Use the "Snapshot" feature to make a snapshot of your virtual machine before installing software you want to test.

In the VMware VM/Settings/Options/Guest Isolation  uncheck both boxes that allow copy/paste between the virtual and host machine.

In VMware client machine, Right Click "My Network Places" select Properties, then Right Click the adapter and "Disable" it -- this is VERY important for viruses that know how to propagate across a network.

To get your program into the VM machine, I use an ISO image creating program, in my case I use "Ultra-ISO" -- this allows me to create an ISO image of the file I want to install.   In VMware setup the CD ROM to use an ISO image, attach the image you created to the VM machine. You can turn it on after your Virtual XP machine is running and install from there.

This keeps the program from having access to any hardware on your host computer, and VMware does an excellent job isolating the virtual machine from your host machine.

When done with testing, you probably have some virus scanning or malware scanning program you can run on the virtual machine to be sure something isn't lurking there.

You can then use the snapshot manager to restore your Virtual "testing" machine back to the state before you installed the software you have questions about.

I realize this is a summary of what others have suggested, but I thought you might want some additional detail about exactly how to do it safely and to use the snapshot manager to keep your testbed Virtual machine in a known state.

Have fun

Jeff
0
 
LVL 1

Author Closing Comment

by:zzhang2006
ID: 31599422
Thank You
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When converting a physical machine to a virtual machine using VMware vCenter Converter Standalone or vCenter Converter Enterprise, if an adapter type is not selected during the initial customization the resulting virtual machine may contain an IDE d…
In this article, I show you step by step with screenshots to assist you - HOW TO: Deploy and Install the VMware vCenter Server Appliance 6.5 (VCSA 6.5), with some helpful tips along the way.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question