![]() VMware Player, also free, cannot take snapshots at all. VMware Server, which is a free product, supports only a single snapshot. VMware Workstation, a commercial product, allows multiple snapshots. VMware makes this simple with its integrated snapshot feature. This functionality provides an easy means of reverting to the desired system state almost instantaneously. Being able to take a snapshot of the system's state before infecting it and taking periodic snapshots throughout the analysis saves time.With VMware, it's possible to build a multi-component laboratory without the hulk of multiple physical boxes. It's often beneficial to have several systems in the analysis lab, so that the malware can interact with components of the simulated Internet.There are several advantages to this approach for behavioral malware analysis, compared to a lab built using distinct physical infrastructure components: VMware allows for the simulation of multiple computers running simultaneously on a single physical system. ![]() ![]() Advantage of malware analysis with VMware Virtualization software such as VMware is incredibly helpful in this process. Starting your investigation with behavioral analysis-an observation of how the specimen interacts with the file system, the registry and the network-can rapidly produce useful results. Even if malware analysis is not your primary occupation, once in a while you may find yourself wondering about the nature of an unfamiliar malicious executable that crosses your desk. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |