Click here to get back home

Security within Virtual Machine
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Security within Virtual Machine GJB 12-05-2005
Posted by GJB on December 5, 2005, 6:16 am
Please log in for more thread options
 Hi,

I regularly receive packages which I know are loaded with spyware and other
nasties, but that contain valid/legitimate/safe files I need to extract.
If I install these packages into a non-networked VM environment e.g VMware
or Virtual PC would there be any "leakage" to the hosting PC?
Indeed would this be considers a safe strategy at all?

Regards,

gerry



Posted by Juergen Nieveler on December 5, 2005, 6:48 am
Please log in for more thread options
> I regularly receive packages which I know are loaded with spyware and
> other nasties, but that contain valid/legitimate/safe files I need to
> extract.

Let me guess - updates for Serials2k? ;-)

> If I install these packages into a non-networked VM environment e.g
> VMware or Virtual PC would there be any "leakage" to the hosting PC?

No, as that's rather the point of VMWare :-)

> Indeed would this be considers a safe strategy at all?

Yes, that's a good strategy - although if it's only compressed archives
you'd probably be just as safe if you unzip them and simply delete the
nasty files. If you don't execute them they can't harm you.

Juergen Nieveler
--
Actually, that IS a gun in my pocket

Posted by Roger Abell [MVP] on December 5, 2005, 10:28 am
Please log in for more thread options
Today this is a cautiously valid strategy as there are no known
rootkits/malware that today climb out to the host system.
In the long run this is NOT a valid strategy as there is nothing
that prevents them from doing so if they obtain system / kernel
privs in the hosted system.

> Hi,
>
> I regularly receive packages which I know are loaded with spyware and
> other nasties, but that contain valid/legitimate/safe files I need to
> extract.
> If I install these packages into a non-networked VM environment e.g VMware
> or Virtual PC would there be any "leakage" to the hosting PC?
> Indeed would this be considers a safe strategy at all?
>
> Regards,
>
> gerry
>



Posted by Roger Abell [MVP] on December 5, 2005, 10:45 am
Please log in for more thread options
I should perhaps be more careful with the wording.
By "there is nothing that prevents them from doing so"
what is meant is that there is nothing preventing them
from trying to do so, i.e. do so if they can find exploit;
but the ability to cross the boundary is not lacking.

> Today this is a cautiously valid strategy as there are no known
> rootkits/malware that today climb out to the host system.
> In the long run this is NOT a valid strategy as there is nothing
> that prevents them from doing so if they obtain system / kernel
> privs in the hosted system.
>
>> Hi,
>>
>> I regularly receive packages which I know are loaded with spyware and
>> other nasties, but that contain valid/legitimate/safe files I need to
>> extract.
>> If I install these packages into a non-networked VM environment e.g
>> VMware or Virtual PC would there be any "leakage" to the hosting PC?
>> Indeed would this be considers a safe strategy at all?
>>
>> Regards,
>>
>> gerry
>>
>
>



Similar ThreadsPosted
root CA as a virtual machine? June 6, 2007, 6:08 pm
Machine does not respond. June 28, 2005, 12:42 pm
Any Way To Get Machine Name for Client in Event ID 560? November 13, 2005, 6:38 pm
machine authentication for web site? February 21, 2006, 10:09 am
.NET machine.config June 13, 2006, 1:01 pm
Where to View Machine Certificate? November 1, 2006, 2:25 am
IP of machine locking account? March 13, 2008, 8:49 am
Maximum machine account password age March 14, 2006, 6:24 am
Successful Logon to DC local machine September 11, 2006, 12:31 pm
saving event log to remote machine? November 16, 2006, 1:45 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap