Is this true?

Diamond_G · Jul 29, 2017

I heared that if i have a vm and make a shared folder to read-only,viryses can't escape the guest that easily anymore...should i belive it because i just want to experiment with viruses on a vm.Also please tell me other things to keep in mind when doing this.Thanks.

mdd1963 · Jul 29, 2017

Let's not confuse 'virus' with malware....

If you are dealing with true destructive malware designed to spread on networks, it is best to isolate the system you are testing from others, even if intent is only infecting a VM contained within.

Have a full image backup of the host, in case something goes wrong.

Diamond_G · Jul 30, 2017

mdd1963 :

1.is using NAT network and no shared folders considered isolating?
2.Is a read-only shared folder safer than no shared folders?

USAFRet · Jul 30, 2017

1. Viruses can absolutely escape a VM.
2. Viruses can also detect being in a VM, and simply shut down. Rendering your investigation and experimentation useless.

Best and safest way to test/investigate/play with viruses and other malware is with a fully airgapped other system.

Diamond_G · Jul 31, 2017

USAFRet :

What would be the chances for a virus to escape the vm?
Also is NAT network and a read only shared folder a safe way to do this?

USAFRet · Jul 31, 2017

Diamond_G :

The 'chances' are 100% if the virus is written to do that, and has write access to something else.
'Read only' mitigates that possibility a lot. But I still wouldn't trust it. Especially with a system (or VM) I am purposely infecting.

But as said...if the virus detects that it is in a VM...it may just shut itself down. Giving you no real results.

Search

Is this true?

Diamond_G

Prominent

USAFRet

mdd1963

Distinguished

Diamond_G

Prominent

USAFRet

Illustrious

Diamond_G

Prominent

USAFRet

Illustrious

Similar threads

TRENDING THREADS

Share this page