Open alichtman opened 5 years ago
It's possible that we can include this RedHat program and just read the output but I think it's unlikely that no non-kernel includes are used. Worth a look.
This article is kernel specific. I'd start here.
https://www.2daygeek.com/check-linux-system-physical-virtual-machine-virtualization-technology/
https://blog.talosintelligence.com/2009/10/how-does-malware-know-difference.html
https://www.fireeye.com/blog/threat-research/2011/01/the-dead-giveaways-of-vm-aware-malware.html
https://stackoverflow.com/questions/154163/detect-virtualized-os-from-an-application
Adding some more links https://www.ostechnix.com/check-linux-system-physical-virtual-machine/ https://unix.stackexchange.com/questions/89714/easy-way-to-determine-virtualization-technology https://www.dmo.ca/blog/detecting-virtualization-on-linux/ (article linked in the stackexchange post)
Don't do anything if so.
Maybe this is useful: https://www.cyberciti.biz/faq/linux-determine-virtualization-technology-command/