odd question...

Darthn3ss

where do i download virus's? I'd like to play around with virus removal and such. I'd be using VMware with XP and vista to download and install... i havn't searched google yet, i figure maybe some of you security experts could lend a hand.

blargoe

Go surf some **** with Internet Explorer on original Windows XP with no service packs or windows updates and no security software and firewall, making sure you connect the computer directly to your ISP and not behind a router. Wait 5-10 minutes.

JDMurray

There are many large collections of Malware used for experimentation and to test Spyware and A/V scanners. They are packaged as collections in ZIP files and distributed on P2P networks and USENET binaries newsgroups. Make sure you don't store them on a disk partition that is accessible by computers running A/V software, or you'll continually see warnings messages and the scanner will slow the computer to a crawl. In fact, only use an isolated virtual environment (like VMWare or Virtual PC) for experimenting with any software that can damage computers or spontaneously travel across a network.

jad75

You can download hundreds of viruses from here: http://vx.netlux.org/

Darthn3ss

will i be safe downloading and using them only in VMware?

JDMurray

It depends on what you mean by "safe." Simply downloading Malware stored in ZIP archive file is safe (i.e., they will not be activated), but what you do with the Malware files after that is where your major safety concerns are.

There are rules for constructing a test lab for dangerous software, such as don't connect your test computers to any other computer network--including the Internet. Your testing computers should be completely isolated and only able to import test programs and data using read-only external media (CD, DVD, floppy). The same rules apply even if you are using a virtual environment, like VMWare.

Using VMWare is especially safe because you can create an entire test network on a single computer. If a Malware experiment damages a system, the virtual computer can be recovered by simply reverting to the baseline snapshot. Reverting also allows you to easily destroy all "infected" virtual computers you've created when you have completed your testing.

Handling dangerous software has many of the same rules and problems as handling firearms. There are strict protocols that must be followed regardless if the firearm is loaded or not. The same is true with potentially infected computers, or computers that may need to be subjected to forensic analysis.

Kaminsky

jad75 wrote:

You can download hundreds of viruses from here: http://vx.netlux.org/

I wonder how many readers click on that link out of curiosity.

Darthn3ss

i clicked it in vmware.

ladiesman217

be careful of hard drive killers...i have seen one and any attempt to access the drive is restricted.

Darthn3ss

i'm going to run XP in vmware under linux to reduce the chance of the virus spreading outside of vmware. hopefully.