WMWare appliances as a vector

Just saw mention on a forum of downloading a VMWare appliance ready-to-run parental control package. It’s definitely a great convenience to get a pre-installed entire OS with apps and all this way, but what about malware? It seems we have very little guarantees about how clean these installs are, and yet I don’t see people worrying much about it. My neck hairs stand on end just thinking about it.

There is no way I know of to scan such a ready-to-run VMWare image for malware. There is no way to reliably scan them once they’re up and running, since they can easily be rootkitted or even contain malware compiled into the kernel.

Personally, I couldn’t dream up a better vector to get an entire package of malware onto sombebody else’s host or network than having them install an entire virtual machine preloaded with it.

But they sure are neat. I’ve downloaded one or two myself to test out preinstalled servers of different kinds, but I don’t think I’ll do that anymore.

Leave a Reply

Your email address will not be published. Required fields are marked *