So, today I thought about trying some viruses on a VM. I remembered a website that I can get a lot of viruses from, but when I went to a virus link my ISP blocked it. Please help me get my VM off of my ISP network.
How is the VM network connection configured?
It's on vmxnet3 right now
Not what I meant - Bridged, NAT, custom?
Custom
And now more information on the VMnet configuration…?
The more you share, the more help you can potentially receive…
you might download the eicar.txt file, that is a known test file for testing and most ISP's let it download. I use it for testing.
Can you send me the download?
Some unsolicited advice from a from a former certified CISSP
A) unless you know what you’re doing, don’t simply decide one day to “try some viruses”. Playing around with real viruses is like playing with fire. Do some research on the Morris worm of 1988 or Stuxnet to get an idea of what could go wrong
B) Ideally to prevent contamination of the host, you’d run your experiments on dedicated hardware on its own network.
C) if you insist on playing in a VM, the VM has to be as isolated as possible so that you do not cross-contaminate the host. That means turning off drag/drop, copy/paste and shared folders at an absolute minimum. You also would want to keep networking to NAT or ideally host-only with the host not having an IP address on the custom network. Even if you do these things you need to be aware that there may be vulnerabities in the hypervisor that could allow viruses to spread to the host.
D) in the interest of safety should anything go horribly wrong, back up every host on your network before doing anything and air-gap it so it can’t be contaminated. A make sure you know how to recover everything should you have to restore any system from bare metal. And make sure anything on your network is running a good, up to date AV product
E) If your ISP is blocking sites that provide viruses there is nothing you can do to get around that in Workstation or your host system. You’d have to resort to using another network provider that doesn’t block or maybe a VPN. But there’s no guarantee that a VPN won’t block those sites as well.
F) To find the EICAR test file, you could do a web search for it, That would get you here https://www.eicar.org/download-anti-malware-testfile/
The EICAR test file is the safest method because it is not a real virus, but will trigger a response from AV scanners as if it was. Since it’s benign, it doesn’t require the precautions of A through E above.
See https://www.eicar.org/download-anti-malware-testfile/ for test files, or even the test pattern that you can use to try, and save it in a simple text file.
André
I tried downloading it on my host, and it randomly got canceled
(sorry, i forgot about this post and didn't reply until 2023 lol)
LOL. No problem, I will respond next year 😉
Did you try to copy the eciar test string, and try to save it in a text.file yet?
André
Downloads are usually blocked by an A/V.
Again, what if you copy the string X5... and paste it into a new text file on your PC?
André