Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Will I infect


  • Please log in to reply

#1
MS-Free

MS-Free

    Member

  • Member
  • PipPipPip
  • 425 posts
I'm not really sure which forum this best belongs in.

If I download some Malware for reverse-engineering and subsequent analysis on my Ubuntu machine - am I putting any Windows machines on the network at risk?
  • 0

Advertisements


#2
kimsland

kimsland

    Member

  • Banned
  • PipPip
  • 94 posts
Yes Malware can spread across the network in Windows
Your Windows network computers should have their Antivirus and AntiMalware programs up to date and live protecting.
Plus have all Windows Security Updates and Service Packs completed. And firewall on.
  • 0

#3
MS-Free

MS-Free

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 425 posts
Okay, that's what I was wondering, and what I was slightly worried about. Just let me make sure I understand correctly: Even though it won't stick to a Linux machine, it can still make the jump across the network and (potentially) infect a Windows machine, correct?
  • 0

#4
sari

sari

    GeekU Admin

  • Administrator
  • 21,507 posts
  • MVP
Playing with malware on networked machines is never a good idea. Even downloading malware to a VM on a Windows machine is not a good idea, as there have been instances where it has escaped and crossed over to the regular OS. However, the best bet would be to follow the advice you've been given elsewhere and hold off on this until you've advanced more. I don't understand the eagerness to put the cart before the horse.
  • 0

#5
Titan8990

Titan8990

    Member

  • Member
  • PipPipPipPipPip
  • 2,189 posts

Yes Malware can spread across the network in Windows
Your Windows network computers should have their Antivirus and AntiMalware programs up to date and live protecting.\


I have to disagree with this... How is something that can't execute going to spread? I have seen numerous failed attempts of running windows malware via WINE...

Another thing, is a virus, by definition, is not self spreading.

Although, I still feel that you should be doing this in an isolated lab environment, "just in case".

Setup your linux box on its own VLAN (if you don't have one, get a VLAN capable switch used). Set policies so that your Linux box can not talk to Windows hosts.

In my opinion its pretty safe to analyze malicious code on your Linux box. Open it in a hex editor, run it through something like Evan's Debugger, just have fun. Your much more likely to get something from simply browsing around the Internet on your Windows box. Even legit sites like the New York Times have reported to have ADs that distribute malicious code.

Plus have all Windows Security Updates and Service Packs completed. And firewall on.


I agree that many forms of malware exploit old, well known, and patched vulnerabilities. However, this isn't going to stop those 0day exploits from hitting (like the current "don't hit F1" fiasco).

One last time to make it clear. Even though I dispute that a binary file that can't be executed can spread to another host on a LAN, I still highly recommend an isolated lab environment.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP