
Reverse Engineering Team Blog

07.24.06

Paper on Vista networking, and a VMware detection trick

Posted in General Posts at 11:32 am by andreageddon

There is a nice paper about research on Windows Vista's new networking stack:
http://www.securityfocus.com/brief/260

By the way, I was working on VMware, and I casually found that it always uses the same "physical memory" address ranges to map BIOS and PCI stuff (F0000000 - F0FFF000 and FE000000 - FE1FFFFF) on an emulated Windows XP SP2. The physical machine was XP SP2 too. I found this on three different machines, so maybe this could be a VMware detection trick. Not useful at all! There are plenty of easier tricks, but it's just a curiosity I had. I tried Google but I didn't find anything; maybe I googled badly :)
Anyone who can confirm or deny this is welcome!
Bye
AndreaGeddon
P.S. Those ranges should not be Windows-specific. I tried to look at the memory in non-emulated Windows and the BIOS/PCI etc. are mapped at different addresses, but I did not make accurate tests, so I may be wrong :)
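
To check whether a given machine exposes the layout described in the post, for example when auditing how recognisable an analysis VM is, the sketch below compares a memory map against the two reported ranges. It is an added example, not code from the post's author; the `/proc/iomem`-style input format, the function names and both sample maps are assumptions constructed for illustration.

```python
import re

# The two physical address ranges reported in the post, as written there.
REPORTED = {
    "F0000000-F0FFF000": (0xF0000000, 0xF0FFF000),
    "FE000000-FE1FFFFF": (0xFE000000, 0xFE1FFFFF),
}
# Assumed input format: "start-end : owner" in hex, as in Linux /proc/iomem.
LINE = re.compile(r"^\s*([0-9a-fA-F]+)-([0-9a-fA-F]+)\s*:\s*(.*\S)\s*$")

def parse_memory_map(text):
    """Return (start, end, owner) tuples; lines in another format are skipped."""
    regions = []
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            regions.append((int(m.group(1), 16), int(m.group(2), 16), m.group(3)))
    return regions

def overlapping_regions(regions):
    """For each reported range, list owners of device regions that overlap it."""
    hits = {name: [] for name in REPORTED}
    for start, end, owner in regions:
        if "RAM" in owner:  # the post is about BIOS/PCI mappings, not RAM
            continue
        for name, (lo, hi) in REPORTED.items():
            if start <= hi and end >= lo:
                hits[name].append(owner)
    return hits

def matches_reported_layout(regions):
    """True only when both reported ranges have a device region mapped in them."""
    return all(overlapping_regions(regions).values())

# Constructed sample maps (not captured from real machines).
GUEST_LIKE_MAP = """\
00000000-0009fbff : System RAM
000f0000-000fffff : System ROM
00100000-1fffffff : System RAM
f0000000-f07fffff : constructed PCI device A
fe000000-fe1fffff : constructed PCI device B
"""
OTHER_MAP = """\
00000000-0009fbff : System RAM
00100000-7fffffff : System RAM
d0000000-dfffffff : constructed PCI device A
fdf00000-fdffffff : constructed PCI device B
"""

if __name__ == "__main__":
    for label, text in (("guest-like", GUEST_LIKE_MAP), ("other", OTHER_MAP)):
        print(label, matches_reported_layout(parse_memory_map(text)))
```

A match only shows that something is mapped in both ranges; as the post says, the observation itself is unconfirmed, so treat the result as a hint to investigate rather than proof of virtualization.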