Solved

VMWare to test if software is malicious?

Posted on 2009-07-02
4
724 Views
Last Modified: 2012-05-07
Basically my question is, if I install VMware on my machine and use it to run a virtual windows machine, could I use this machine to test if software is malicious.

Say I receive an exe file and am concern it might cause catastrophic damage to my system if it is run on my machine, could it run it on the vmware machine safely without causing any damage to the host?
0
Comment
Question by:zzhang2006
4 Comments
 
LVL 23

Assisted Solution

by:ComputerTechie
ComputerTechie earned 50 total points
ID: 24768920
yes we program and test new software all the time this way. we can crash the vm machine with little effect on the host.

CT
0
 
LVL 11

Accepted Solution

by:
xtreminator earned 125 total points
ID: 24770875
Using VMware it is possible to test ur suspicious software in guest OS.

u have to make sure before testing software in giest os

-- remove any foleder/file sharing between guest os and host os.
-- disconnect all mapped drive from guest os.
-- Disable NIC if possible during testing.
0
 
LVL 8

Assisted Solution

by:JT92677
JT92677 earned 75 total points
ID: 24776962
As previously mentioned, VMware is a  great solution to software testing.

Use the "Snapshot" feature to make a snapshot of your virtual machine before installing software you want to test.

In the VMware VM/Settings/Options/Guest Isolation  uncheck both boxes that allow copy/paste between the virtual and host machine.

In VMware client machine, Right Click "My Network Places" select Properties, then Right Click the adapter and "Disable" it -- this is VERY important for viruses that know how to propagate across a network.

To get your program into the VM machine, I use an ISO image creating program, in my case I use "Ultra-ISO" -- this allows me to create an ISO image of the file I want to install.   In VMware setup the CD ROM to use an ISO image, attach the image you created to the VM machine. You can turn it on after your Virtual XP machine is running and install from there.

This keeps the program from having access to any hardware on your host computer, and VMware does an excellent job isolating the virtual machine from your host machine.

When done with testing, you probably have some virus scanning or malware scanning program you can run on the virtual machine to be sure something isn't lurking there.

You can then use the snapshot manager to restore your Virtual "testing" machine back to the state before you installed the software you have questions about.

I realize this is a summary of what others have suggested, but I thought you might want some additional detail about exactly how to do it safely and to use the snapshot manager to keep your testbed Virtual machine in a known state.

Have fun

Jeff
0
 
LVL 1

Author Closing Comment

by:zzhang2006
ID: 31599422
Thank You
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
wondershare 17 57
Windows shadowcopy - space allocated - exclusive? 4 26
Error upgrading from esxi 5.5 to 6.5 15 72
Incorrect definition of table mysql.proc 7 9
In this article, I will show you HOW TO: Suppress Configuration Issues and Warnings Alert displayed in Summary status for ESXi 6.5 after enabling SSH or ESXi Shell.
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This Micro Tutorial walks you through using a remote console to access a server and install ESXi 5.1. This example is showing remote access and installation using a Dell server. The hypervisor is the very first component of your virtual infrastructu…
This video shows you how easy it is to boot from ISO images for virtual machines with the ISO images stored on a local datastore on the ESXi host.

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question