[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040526221010.68169.qmail@web60807.mail.yahoo.com>
From: sgmasood at yahoo.com (S G Masood)
Subject: Imaging Operating Systems
--- Shawn Cox <shawn.cox@...a.com> wrote:
> Norton/Symantec Ghost
> PowerQuest Drive Image(I think Norton gobbled this
> one up)
>
> Or for the truly crafty vmWare.
Yeah. And do remember that though VMware is the
platform of choice for many testlabs, malware can
change its behaviour when it detects that it is being
run in a VMware virtual machine.
For example, see this short but interesting article
about how to detect a Virtual OS from a VXers point of
view - http://29a.host.sk/29a-7/Articles/29A-7.011
I personally have not come across any malware which
changes its behaviour when it detects VMWare, but,
since it's relatively trivial, it may become standard
practice in the near future.
--
S.G.Masood
--
"Fools ignore complexity; pragmatists suffer it;
experts avoid it; geniuses remove it."
>
> --S
>
> ----- Original Message -----
> From: "Michael Schaefer" <mbs@...trealm.com>
> To: "Full-Disclosure"
> <full-disclosure@...ts.netsys.com>
> Sent: Wednesday, May 26, 2004 1:55 PM
> Subject: [Full-Disclosure] Imaging Operating Systems
>
>
> > Hi all
> >
> > We are building a Windows test system, to try out
> tool bars, spy ware,
> > malware and trojans on.
> >
> > Once we learn what we need to know, we obviously
> want to get rid of the
> > junk quickly and cleanly.
> >
> > I keep hearing suggestions about having a "clean
> image" to transfer onto
> > the computer.
> >
> > Can anyone send some details?
> >
> > Is there an official Microsoft way to do this?
> >
> > Is some sort of over the network OS installation
> script in order here?
> >
> > Are there other vendors that do a better job?
> >
> > Thanks
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter:
> http://lists.netsys.com/full-disclosure-charter.html
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
http://lists.netsys.com/full-disclosure-charter.html
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Powered by blists - more mailing lists