Virtual Machine Configuration
To prepare for the virtualization labs, you will need to install a virtual machine manager onto your computer.
Enable Virtualization Extensions
In order for your computer to properly run guest operating systems with reasonable performance, some hardware features of your CPU need to be enabled. For Intel processors, these features are called "VT-X", and for AMD processors, they are called AMD-V. It's hit or miss whether these features are enabled by default on consumer computers - in prior classes about 25% of students had to enable them manually.
If you have a Mac: Congratulations, any modern Intel-based Mac should already have VT-x enabled. If you wish to verify this out of an abundance of caution, launch the Terminal app and run the following command, and look for VMX in the output:
$ sysctl -a | grep machdep.cpu.features
If you have a Windows PC: Run the Task Manager program. In the Performance tab, look for a line labeled "Virtualization", and confirm that it says enabled. Look here for an example of the desired output along with some alternate methods of confirming CPU virtualization extensions are enabled.
If virtualization extensions are not enabled, you will need to enable them before continuing. The location of the specific button is not in Windows, however. It's buried deep in the BIOS or UEFI software that runs immediately after your computer is powered on, before Windows even starts. The step-by-step process to enable this option is unfortunately very computer dependent. Typically the process involves restarting your computer and immediately starting to repeatedly press the F2 key. Or F10. Or DEL. The correct key varies by vendor. You might see a quick message "Press <some key> to enter Setup" flash very briefly on the screen. Or, you might need to do a search for "Access BIOS" followed by your specific computer make and model. Once you are in the BIOS, you can navigate using the arrow keys (or newer UEFI systems allow you to use the mouse). Navigate through the settings looking for a "Virtualization Extensions" (or similar) option that you can change from Disabled to Enabled. If you can't find anything, you might need to search for instructions for your specific model of computer. Save the BIOS settings (via the keyboard shortcut listed at the bottom of the screen), let the computer reboot, and then check if Windows says that Virtualization is enabled now.
Choose a Virtual Machine Manager
First, download the appropriate software for your computer. You have a few choices here:
- Paid products - RECOMMENDED CHOICE
- Windows, Mac, or Linux: VirtualBox
Warning: The free VMware Player products are NOT sufficient for this class due to the annoying limitation that they will only run a single virtual machine at a time, but we need multiple VMs running simultaneously and communicating with each other. Furthermore, the Player products do not support taking snapshots of virtual machines, a feature that can sometimes be essential. Paid VMware products (Workstation Pro and Fusion) do not have these limitations.
Second, install it! (Accepting the default options is generally reasonable)
Third, run its own internal "Check for Updates" feature to ensure you have all the latest bugfixes and security fixes!
Virualization Setup FAQs
Which is better - VMware or VirtualBox?
In previous classes, the VMware products typically work more smoothly out of the box. But, the free VirtualBox product can always be setup correctly, it just might take some additional effort. Both are supported methods in this course.
I have an older software version than what is listed above - can I use it?
Using an older virtual machine manger is highly discouraged. These are complex programs that are regularly updated to (a) improve compatibility with their host operating systems, (b) improve compatibility with the guest/virtual operating systems being created, and (c) fix security vulnerabilities that would allow a malicious guest OS to break out into the host OS. These should all be important to you as security professionals, particularly the point about vulnerabilities! Update your virtual machine manager regularly, even if it means giving VMware more money...
Virtual Machines for COMP 178
There are several virtual machines needed to complete the labs in this course:
- Kali Linux - A Linux distribution with software pre-installed for penetration testing, forensics, and reverse engineering
- Metasploitable 2 - An intentionally vulnerable Linux virtual machine designed for training, exploit testing, and general target practice
Download and configure a Kali Linux virtual machine with tools needed for future labs. The first download choice ("Installer Images -> 64-bit -> Installer") is fine. Avoid the "Weekly" or "NetInstaller" options. As-of January 2023, the current version is 2022.4
Use the following virtual machine configuration. You want enough disk/RAM/CPU for Kali to be usuable, but not too generous, because you will also be running other virtual machines (e.g. Metasploitable) at the same time on your computer. The largest programs we will be running are Nessus and OpenVAS, which are both vulnerability scanners.
- Disk space: 35GB (The typical 20GB is too small to run the vulnerability scanners)
- RAM: 4GB
- CPU cores: 3
- OS Type: Linux -> Debian 10.x 64-bit (since VMware won't recognize "Kali" as a major distribution)
- Boot firmware: UEFI
After starting Kali, choose the "Graphical Install" or "Install" option from Boot menu. Walk through the install process as-if you were installing Linux normally, except that you're installing it into your virtual machine instead. The default options are fine. For the GRUB boot loader, specify the installation path
/dev/nvme0n1, as prompted. Let the VM reboot after the installer finishes, and then log into Kali with whatever username and password you specified in the installer.
To update your copy of Kali and its associated tools to the latest version after creating and launching the VM, run the following commands to check for, and then apply, any available updates.
$ sudo apt update $ sudo apt -y upgrade
To verify the version of Kali you are running, do:
$ lsb_release -a
VirtualBox-specific setup instructions:
If you are using VirtualBox, you will have better integration with your host system if you run the following commands to install the host tools inside of Kali:
$ sudo apt update $ sudo apt install -y virtualbox-guest-x11 $ sudo reboot # Now you should be able to resize your window...
In addition, for VirtualBox, ensure that file Drag and Drop and Clipboard integration is enabled. Go to Settings for your specific VM, select General->Advanced, and ensure both "Shared Clipboard" and "Drag'n'Drop" are set to "Bidirectional" instead of their default setting of "Disabled".
Download an intentionally vulnerable virtual machine - Metasploitable 2 - from Sourceforge. Note that this file is distributed as a complete VMware virtual machine (.vmx / .vmdk file), not an .iso file like most installers, so you can open it directly in VMware. Download and extract the .zip file to a convenient place on your computer.
Important: Never expose this VM to an intrusted network! Use NAT or Host-only networking mode in your virtual machine configuration.
The default login and password for Metasploitable2 is
After confirming that your Metasploitable2 instance runs and that you can log into it, shut it down. Then, take a snapshot and give it a name like "Original Metasploitable2 snapshot". With a snapshot in place, no matter what happens to this VM, you can always revert it back to its original condition.
VirtualBox-specific setup instructions:
To use Metasploitable 2 in VirtualBox, first create a new virtual machine in VirtualBox. The type should be "Linux", the version should be "Ubuntu (64-bit)", and 512MB of RAM is sufficient. During the configuration, do not create a new virtual disk (like you did for Kali), but instead configure VirtualBox to use the existing Metasploitable vmdk file that you unzipped from the zip file. After that, you should be able to directly launch and run Metasploitable 2 - no "intallation" is neccessary, since it has already been installed to the virtual disk.
VMWare-specific setup instructions:
None! Metasploitable 2 is distributed as a VMWare VM.
In order to enable network communication between virtual machines, VirtualBox requires additional configuration.
VirtualBox-specific setup instructions:
In VirtualBox, you want to use the "NAT Network" mode of operation, not the "NAT" mode of operation.
Create a new shared network that can be used by all or some of your virtual machines. Go to File->Preferences->Network and click the "plus" icon to add a new NAT Network. The default network name of "NatNetwork" is fine. If you click the "gear" icon, you can see the details for this new network, including its "CIDR" (Classless InterDomain Routing, i.e. the subnet) and other settings. The default options (a subnet of 10.0.2.0/24 with DHCP enabled) is fine. OK out of all the Preferences windows.
Assign each virtual machine to use this new shared NAT network. For each VM, go to Settings->Network, and for Adaptor 1 (the only one in use), change the "Attached to" setting from the default of "NAT" to the new "NAT Network". For the "Name" field directly below, ensure the name of your new network (e.g. "NatNetwork") is selected. OK out of all Preferences windows.
VMware-specific setup instructions:
No additional VMWare configuration is required.
VMware Networking Troubleshooting:
Is there no networking at all in the guest OS? (Does "ip link" show that the Ethernet link is down?). Here are some troubleshooting tips:
- Shutdown and start (or restart) the virtual machine. Don’t just suspend/resume it
- Restart Windows/Mac
- Check in VMware and install any updates available (and restart the virtual machine afterwards)
- For Windows VMware Workstation Pro only: Go to Edit->Virtual Network Settings. Click “Change Settings” and then “Restore Defaults”. Restart the OS and try again.
You can also try to force the network to an active state.
sudo ip link # Check the ethXX or ensXX link - is it down? Note its *exact name* and use it below sudo ip link set ensXX up # Force that link to to run sudo ip link # Is the link running now? sudo dhclient ensXX # Force the network interface to obtain an IP address sudo ip addr # Do you see an IP address on the interface now? ping google.com # Can you ping google? Should see packets transmitted/received. # CTRL-C to stop pinging