Malware
Roman Yudichev, 2011-09-20 08:30:42

Antivirus control of virtual machines?

Given: the virtual machine is infected with a virus.

Will the host antivirus detect the infection by scanning the virtual machine's disk (or RAM) image file?
Does anyone have real experience?

UPD: The question is related to obtaining an image of a virtual machine from a third-party source. For example, from trackers.

As check option #1, you can take a snapshot, install the antivirus inside, scan everything, and then roll back.
As option #2 (from temaHT): VMware, for example, makes it possible to mount a virtual disk image on the host system. Then scan in the usual way.

But does anyone have experience with the question as originally posed?


4 answer(s)
temaHT, 2011-09-20
@temaHT

I think the following option is possible: mount the disk of the guest machine in read-only mode, and point the antivirus at the mounted disk. If it finds something, then you will have to think further about how to cure the “infection”.
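
For a raw (flat) image, the read-only mount suggested above needs the partition's byte offset inside the image file. The following is an added example, not part of the original thread: it reads the MBR partition table and builds the `mount` command lines. The image name `guest-flat.img`, the mount point and the 512-byte sector size are assumptions, and the sample MBR is constructed.

```python
import shlex
import struct

SECTOR = 512  # assumption: 512-byte logical sectors in the guest disk
# Subset of MBR partition type codes, enough for common Windows/Linux guests.
TYPES = {0x07: "ntfs/exfat", 0x0B: "fat32", 0x0C: "fat32-lba",
         0x83: "linux", 0xEE: "gpt-protective"}

def parse_mbr(sector0: bytes):
    """Return [(index, type_name, byte_offset, byte_length)] for used primary partitions."""
    if len(sector0) < SECTOR or sector0[510:512] != b"\x55\xaa":
        raise ValueError("no MBR boot signature: not a raw MBR disk image")
    parts = []
    for i in range(4):
        entry = sector0[446 + 16 * i: 462 + 16 * i]
        ptype = entry[4]
        lba_start, n_sectors = struct.unpack_from("<II", entry, 8)
        if ptype == 0 or n_sectors == 0:
            continue  # unused slot
        name = TYPES.get(ptype, f"0x{ptype:02x}")
        parts.append((i + 1, name, lba_start * SECTOR, n_sectors * SECTOR))
    return parts

def ro_mount_commands(image_path, parts, mountpoint="/mnt/guest"):
    """Build read-only loop mounts; noexec/nosuid/nodev keep guest files inert on the host."""
    cmds = []
    for idx, ptype, offset, size in parts:
        if ptype == "gpt-protective":
            continue  # GPT disk: the real partitions are listed in the GPT, not here
        opts = f"ro,loop,noexec,nosuid,nodev,offset={offset},sizelimit={size}"
        cmds.append(f"mount -o {opts} {shlex.quote(image_path)} "
                    f"{shlex.quote(mountpoint + str(idx))}")
    return cmds

def make_sample_mbr():
    """Constructed sample: one active NTFS partition starting at LBA 63."""
    mbr = bytearray(SECTOR)
    mbr[446] = 0x80                               # active flag
    mbr[446 + 4] = 0x07                           # partition type: NTFS
    struct.pack_into("<II", mbr, 446 + 8, 63, 204800)  # start LBA, sector count
    mbr[510:512] = b"\x55\xaa"                    # boot signature
    return bytes(mbr)

if __name__ == "__main__":
    for cmd in ro_mount_commands("guest-flat.img", parse_mbr(make_sample_mbr())):
        print(cmd)
```

Sparse or growable image formats do not start with an MBR and must first be attached through the virtualization product's own disk-mount tool.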

Sergey, 2011-09-20
@bondbig

McAfee's antivirus has a feature that lets it mount the disks of powered-off virtual machines in ESX, check the contents for viruses, and update the signature databases of its antivirus if it was installed inside the virtual machine.
Trend Micro actually has an antivirus for the hypervisor; it works through VMsafe.

Duron700, 2011-09-20
@Duron700

I installed the antivirus inside the virtual machine... to stay out of harm's way... because the host machine runs Linux, and the virtual machine runs Server 2003.
Although in my particular case it was easier to remove the virus by hand than to wait for the antivirus to install, update and scan everything.

Maxim, 2011-09-20
@Maxim_ka

Checking virtual machines from the host system is, in my opinion, not a very good idea, because the virtual machine accesses its hard disk as a block device; in 90% of cases the host system has no idea what is stored there.
