Dailydave mailing list archives
Re: Generically Determining the Prescence of Virtual Machines
From: listlurker () doctorunix com
Date: Mon, 20 Mar 2006 15:16:01 -0600
Quoting valsmith <valsmith () metasploit com>:
At OffensiveComputing we were looking at ways to detect virtual machines and had found and discarded many unsophisticated methods such as looking for
<snip>I read your paper with interest. At the risk of being obtuse, why not query the list of adapters connected to the PCI bus? They are all fake and are very predictable in how they behave and identify themselves according to each release of VMware. For example, the video card is always set to a mfg id of "vmware" and does not seem to be changeable.
Or is that not what you were trying to do? tc ------------------------------------------------- Email solutions, MS Exchange alternatives and extrication, security services, systems integration. Contact: services () doctorunix com
Current thread:
- Generically Determining the Prescence of Virtual Machines valsmith (Mar 16)
- Re: Generically Determining the Prescence of Virtual Machines Pusscat (Mar 17)
- Re: Generically Determining the Prescence of Virtual Machines pageexec (Mar 18)
- Re: Generically Determining the Prescence of Virtual Machines listlurker (Mar 20)
- Re: Generically Determining the Prescence of Virtual Machines Joanna Rutkowska (Mar 20)
- Re: Generically Determining the Prescence of Virtual Machines Arun Koshy (Mar 20)
- Re: Generically Determining the Prescence of Virtual Machines Joanna Rutkowska (Mar 20)
- Re: Generically Determining the Prescence of Virtual Machines Pusscat (Mar 17)