Is it possible to build Virus Analysis Toolkit by using Xen?


정진혁
I'm sorry for my bad English.

I'm an undergraduate. I want to develop a VAT (Virus Analysis Toolkit) that works with a VM.

Because if it uses the VM, the virus can't affect the real system. (Code emulation)

Could you advise me on what to do?

_______________________________________________
Xen-devel mailing list
[hidden email]
http://lists.xensource.com/xen-devel
Re: Is it possible to build Virus Analysis Toolkit by using Xen?

sakaia
Hi,

Of course, you can make a VAT tool based on Xen.
For example, you can access guest memory from dom0 via libxc.
Also, guest I/O can be monitored via dom0.

P.S.
Everybody on this list is a very busy person.
General questions are not always answered.
I suggest that you read the
user's manual and I/F manual in the Xen package first.
I think the problem is your content, not your English.

Thanks
Atsushi SAKAI




정진혁 <[hidden email]> wrote:

> I'm sorry for my bad English.
>
> I'm an undergraduate. I want to develop a VAT (Virus Analysis Toolkit) that
> works with a VM.
>
> Because if it uses the VM, the virus can't affect the real system. (Code
> emulation)
>
> Could you advise me on what to do?



Re: Is it possible to build Virus Analysis Toolkit by using Xen?

Serir
This post has NOT been accepted by the mailing list yet.
In reply to this post by 정진혁
But the worst thing is: if a virus contains a jump (jmp) instruction in its assembly code, that will cause the virus to jump into the real environment! So don't trust all VMs and OSes... some viruses are anti-VM!