I've made a good start on a script that grabs a list of viruses from around the internet and attempts to run each one and then reports changes in wine and then resets the wine structure. I'll be testing with the above two file change tools to see which one works best (I was just using a small one from freshmeat) though I'm interested as to what else I should be looking for in results? At the moment I'm just reporting crash details and file changes then using human inspection to see how well it did.
I just thought it might be a good idea to build a mailing list that goes to the local (vm) system then check if the local system's mail was spammed and report that. Looking for more suggestions like this.
Also I'm using qemu running Debian at the moment. Of course the script won't care which vm you use. For those thinking that qemu is painful to use, install qemulator and the kqemu kernel package and you're set. Though I'm not really sure this is the sort of thing we want new users to be attempting, so ease of use of the vm shouldn't be important.
For those interested, I've tested the top five viruses listed on Symantec and none of them have caused any serious issues; all malware I've tried has failed completely due to the lack of IE. I'll be setting up two build environments in the script, one with IE and one with native wine claiming IE (or not, depending on responses).
Finally, where would be the right place to report the results? Appdb seems like a strange place to be putting results of this nature. :P
Edward
On Fri, Mar 14, 2008 at 6:58 AM, Lei Zhang thestig@google.com wrote:
On Thu, Mar 13, 2008 at 12:49 PM, L. Rahyen research@science.su wrote:
Separate user is enough if you don't have world-writable files in your system. And of course user for such purpose shouldn't be in group(s) that have write access to your personal or system files. If you are unsure use VirtualBox ( http://virtualbox.org/ ) - it's free and open-source, or VMWare ( http://vmware.com/ ) - it's not free. On Debian (and probably Ubuntu) you can install VirtualBox by running "sudo apt-get install virtualbox". I do not recommend using QEmu because it's less user friendly than VirtualBox (BTW, VirtualBox is based on QEmu).
VMWare workstation is not free, but you can get both VMWare server and VMWare player at no charge. It's available from the Canonical repositories as well: http://archive.canonical.com/ubuntu/pool/partner/v/vmware-server/
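
An added example, not part of the original messages or Edward's script: one way to report the file changes a test run makes to a Wine prefix is to snapshot it before and after and diff the two. The function names are hypothetical; symlinks are recorded rather than followed because a default prefix's dosdevices/z: link points at /.

```python
import hashlib
import os
import stat


def snapshot(prefix):
    """Map each relative path under prefix to a (kind, fingerprint) tuple.

    Symlinks are recorded by target and never followed: a default Wine
    prefix has dosdevices/z: pointing at /, so following links would walk
    (and hash) the whole guest filesystem.
    """
    state = {}
    for root, dirs, files in os.walk(prefix, followlinks=False):
        for name in dirs + files:
            path = os.path.join(root, name)
            rel = os.path.relpath(path, prefix)
            st = os.lstat(path)  # lstat: describe the link itself
            if stat.S_ISLNK(st.st_mode):
                state[rel] = ("link", os.readlink(path))
            elif stat.S_ISDIR(st.st_mode):
                state[rel] = ("dir", "")
            elif stat.S_ISREG(st.st_mode):
                digest = hashlib.sha256()
                with open(path, "rb") as fh:
                    for chunk in iter(lambda: fh.read(1 << 16), b""):
                        digest.update(chunk)
                state[rel] = ("file", digest.hexdigest())
            else:
                # Sockets, FIFOs, devices: note the mode, do not read them.
                state[rel] = ("other", oct(st.st_mode))
    return state


def diff(before, after):
    """Return sorted lists of added, removed and changed relative paths."""
    common = set(before) & set(after)
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        # Covers edited files (registry hives included) and retargeted links.
        "changed": sorted(p for p in common if before[p] != after[p]),
    }
```

Take one snapshot of the clean prefix, run the sample, take a second snapshot, and pass both to diff(); a "changed" entry under dosdevices means a drive mapping was retargeted.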