can you talk a little bit more or if you have any recommended readings for how to configure the network for the virtualbox windows machine so that the chances of malware spreading outside the box are minimal or non-existent?
With VirtualBox you can set your network adapter to "Internal Network" which allows VMs on the same setting to talk with one another, but NOT your host or the outside world. You can also use "Host Only" which allows the VMs to talk to one another and the host, but NOT the outside world. Hope this helps :)
The FLARE VM Setup should be run in a VM. It is for quickly setting up an analysis environment that can be replicated if you somehow corrupt your VM. Your base machine (The machine you're running VMWARE/VIRTUALBOX on should be a normal Windows/Linux box.) Hope this helps.
You need to take one snapshot before the VM is ever powered on because it allows you to revert the 90 day trial timer for Windows. Microsoft even suggests doing this on their site, so this isn't trying to cheat or bypass their system. After you have FLARE tools installed you can take a second snapshot where you have everything setup and ready to go. After the 90 days, you'll need to revert to the first snapshot to reset the trial timer and re-install FLARE tools.
The "Flare VM" is just a tool to install a bunch of RE related tools. It doesn't install a "VM" per-se, just the tools/updates/etc. You can run this in either a VM or your base machine, however, it is always advised to do analysis in a VM. Hope this helps.
Do you add a rain effect to your videos?
Yes, I do. Is it distracting?
slightly, perhaps turn the volume to half of what it is
Will do. Thanks for the feedback :) Appreciate it.
Where do you get the rain and thunder effect from? As I like it.
can you talk a little bit more or if you have any recommended readings for how to configure the network for the virtualbox windows machine so that the chances of malware spreading outside the box are minimal or non-existent?
With VirtualBox you can set your network adapter to "Internal Network" which allows VMs on the same setting to talk with one another, but NOT your host or the outside world. You can also use "Host Only" which allows the VMs to talk to one another and the host, but NOT the outside world. Hope this helps :)
Do u run flare on actual computer it self or on a vm and it create a flare vm after it runs on the machine ?
The FLARE VM Setup should be run in a VM. It is for quickly setting up an analysis environment that can be replicated if you somehow corrupt your VM. Your base machine (The machine you're running VMWARE/VIRTUALBOX on should be a normal Windows/Linux box.) Hope this helps.
Is it possible to take the snapshot just after installing Flare's Lab?
You need to take one snapshot before the VM is ever powered on because it allows you to revert the 90 day trial timer for Windows. Microsoft even suggests doing this on their site, so this isn't trying to cheat or bypass their system. After you have FLARE tools installed you can take a second snapshot where you have everything setup and ready to go. After the 90 days, you'll need to revert to the first snapshot to reset the trial timer and re-install FLARE tools.
Thanks for the answer. Very helpful video indeed. ;-)
Great video! Also are you like camping outside or something cause goddamn
Just put some rain in the background. Thought it'd be relaxing.
Awesome! Thank you.
Not a problem. Hope it helped :)
;D
Do u run flare on actual computer it self or on a vm and it create a flare vm after it runs on the machine ?
The "Flare VM" is just a tool to install a bunch of RE related tools. It doesn't install a "VM" per-se, just the tools/updates/etc. You can run this in either a VM or your base machine, however, it is always advised to do analysis in a VM. Hope this helps.