Re: Rootkits



On 3/10/06, Idan Deshe <deshe.idan@xxxxxxxxx> wrote:
> An easier way will be to use a virtual machine like VM-ware.


Not necessarily. Keep in mind that a lot of malware today detects
VMWare and, in case it's running in a virtual machine, exits or does
something benign.
This is usually done in order to make reverse engineering more
difficult (and has a nice benefit that named malware doesn't work in
cases where you use VMWare :).

Bojan
