funsec mailing list archives

Fwd: Generically Determining the Presence of Virtual Machines


From: Bill Weiss <houdini+funsec () clanspum net>
Date: Sun, 19 Mar 2006 21:18:08 +0000

He's not subscribed here, so he asked me to pass this along.

----- Forwarded message from valsmith () metasploit com -----

At OffensiveComputing we were looking at ways to detect virtual machines
and had found and discarded many unsophisticated methods such as looking
for VMware Tools running as a service or VMware related registry keys, etc.
Then we discovered Joanna Rutkowska's very interesting "Redpill" method.
This was an eye-opening work for us. After spending a little time playing
with it we realized it wasn't foolproof on multiprocessor systems and so
we decided to research the problems and possible ways to improve on the
method. We discovered and implemented an improved method which is
presented in this paper.

http://www.offensivecomputing.net/papers/vm.pdf

thanks, 

V.

----- End forwarded message -----

-- 
Bill Weiss
 
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

