Sorry for tragicomic question but I'd like to hide the fact that a virtual machine is virtual to its users to prevent objections.
Is it possible to mask all devices details?
Unless your users demand to see the physical boxes, it shouldnt be too hard to mask.
In my mind, the only difference is hardware.
so, you'll have to remove access to Device Manager, and the msinfo32 command.
Every now and then this question pops up.
First off it is impossible to completely hide the fact when a user has complete access to the virtual machine. There's too many ways in which you can detect this.
- An ancient chipset used with a modern processor (an impossible combination in the physical world)
- All of the hardware is virtualized, so checking any of the hardware ID's will reveal this
- The MAC address of the NIC is in the VMware range
- one can use timing attacks in order to determine the code runs virtual
OTOH if this is just to get past the "but virtualisation is slow" mind set then it might be enough to just hide the toolbox from the traybar icon which you can do by editing the registry key “HKEY_CURRENT_USER\Software\VMware, Inc.\VMware Tools” and set the ShowTray value equal to 0
I understand that it was a stupid question but the issue of users raising false problems is real. It would be wonderful if virtual hw could be masqed with a range of choices!
I don't think that is even remotely possible as you would then need "false" drivers for all supported operating systems as well. You do want your virtual machine to be able to run not?
If I'm not mistaken you can now assign MAC addresses which are no longer restricted to the VMWare range in the latest ESX 3.5 version.
But even if that was possible to mask then it still is possible to detect that code runs in a virtual machine, there are simply too many clues.
For example there's a backdoor channel that VMware uses in order to communicate for vmware tools with the host. Yes you can disable that, but then your vmware tools will be disabled and you are probably hurting your users more as by leaving it in.
In order to do so, add this line to your vmx file:
monitor_control.restrict_backdoor = "TRUE"
I was just saying that you cannot hide this for advanced computer users as they might try something as simple as install vmware workstation in your VM... (which by default is restricted)
Unfortunately as WILA stated it is just impossible to not tell a system is running within a virtual machine. To hide this you would need to hide this you would need to pretty much dismantle the OS in question, not something you really want to do.
I would not even try as the 'restrict_backdoor' option does not really disable the backdoor, it is still there, it just no longer responds.
Edward L. Haletky
VMware Communities User Moderator
Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.
CIO Virtualization Blog: http://www.cio.com/blog/index/topic/168354
As well as the Virtualization Wiki at http://www.astroarch.com/wiki/index.php/Virtualization