Wednesday, June 15, 2005

VMWare: Seattle Conference

This morning I attended the VMWare conference in Seattle, WA. VMWare is an essential tool when analyzing malicious code. It's very easy to setup a [sandbox] network of 2-10 machines so that you don't damage any of your production machines -- and you have the option of freezing the virtual machine state so that you can restart any malware exam if you miss something. For the forensic examiners, you can mount a raw disk image in VMWare and start it as a virtual machine! If you plan on analyzing malicious code (virus', worms, trojans), this software is invaluable!!

The main point behind the VMWare conference was for developers and testers, but I found it useful to go along and get the free $200 license for VMWare 5.0.

No comments: