Do you want to learn how to configure a firewall or intrusion detection system? Break into a vulnerable web server? or even create a massive virtual network rivaling small businesses? You’re going to need somewhere to practice. Hands on learning is the more important method of learning. You can learn IDS theory all day, however, until you sit down to configure and test one, you’re much more limited in your skill set.
A test environment is crucial to getting hands on learning and experience in a safe, effective manner. No matter what your technical interest may be, you will almost assuredly need a test environment. This guide will walk you through how to setup a virtualized test environment through the use of tools such as VMware or VirtualBox. Lets go over what you’ll need.
First and foremost, you’re going to need a computer capable of handling at least two virtual machines. While requirements vary greatly, try to at least hit the following:
- 8 Gigs of RAM
- Quad core processor
- 50 – 100 gigs of disk space
This shouldn’t be too hard for any modern system. Beyond this, that’s all you need to get started. Honestly, you could get by with less. I’m a fan of having more resources at my disposal than not enough. If you are short on hardware, try installing a flavor of Linux and running through this guide on that. A default install of Ubuntu MATE, for example, runs on 300-400mb of RAM. Meanwhile, Windows can take gigs of RAM just idling.
You need two parts for this section, a program to run virtual machines and systems to run virtually. Most operating systems can be installed via a disk image, aka an .iso file. For a virtualizer, I’d recommend one of the following:
Virtualbox: a free, feature rich virtualizer available on Windows, OS X, and Linux.
VMware: a free or commercial virtualizer for Windows and Linux.
I’ll be writing the guide with Virtualbox in mind. I use VMware Workstation Pro for my own use, but I find VirtualBox to be the better introductory route. If you do decide on VMware, you can still follow this guide with very little differences.
Once you’ve picked your choice, we’ll need an .iso file to download. For our example case, we’re going to virtually install Kali Linux. I would recommend using the torrent download option. It’s a lot faster in my experience (don’t worry, it’s completely legal torrenting a Linux distribution).
Kali download: https://www.kali.org/downloads/
Now that you have everything you need, we can start!
Setting Up the Virtual Machine
Go ahead and open up VirtualBox. You should see a screen similar to:
Click NEW, add in the title for your VM, the OS flavor, and “Other Linux (64 bit)” in the version.
Click NEXT. The next step is to allocate RAM to your VM. This will take RAM from the host system and give it to your VM so you have to know your limits of what you can give. I’d recommend at least 2-4 gigs for usability sake. If you’re resources are limited, you can go as low as 50mb – 1 gig. I’ll go with 4 gigs of RAM
Click NEXT. The next step involved a digital hard disk. This will function as the hard drive for the virtual machine. Click Create a virtual hard disk now and Create.
The next page lets us choose the disk type. The default VDI option is the format for VirtualBox specifically. I like using VMDK, which is usable with other virtualization software such as VMware. VMDK is developed by and for VMware and is supported by a large variety of virtualization platforms. Click VMDK and NEXT.
The next step is to choose whether we want the disk file to be split or fixed. The text on the dialog box does a great job of explaining the difference. If you’re short on disk space, used split. If you have room to spare or want to ensure performance, use fixed.
The next page lets us choose where we want the disk file stored as well as the location. To change the location of the disk file, you can click the folder icon next to the name. I keep mine on a separate hard drive I use for virtualization purposes. Set the size to whatever you feel is necessary for your uses. For this example, I’ll make mine 30 gigs.
Click Create. This allocation will take some time depending on the disk file size. The initial setup is now complete! We can go ahead and start the VM. You should now be back on the main VirtualBox page. Go ahead and start the VM. You should see the following dialog box. Click the folder icon and navigate to where your Kali iso located.
Installing Kali Linux
You should now see Kali’s boot up screen. Go down to Graphical Install and hit enter.
The installer will ask you for your language, location, and keyboard settings. Make your selection and proceed. The installer will then do some network configuration followed by asking you for a host name. This could really be whatever you want. I’ll leave this as “kali” and proceed.
The installer will ask for a domain name. I usually just leave this blank a move on. The next section of note is the root password screen. For my example, I just made this “password”. Enter in something secure and continue.
Select your time zone and continue. Next up is the partitioning. While many Linux aficionados have their particulars in how this should be done, we’re just going to use the entire disk for simplicity sake.
Select your virtual machine disk and hit continue (should be the only one there by default). Next step is to select a partition scheme. Make sure All files in one partition is selected and hit continue. Click “Finish partitioning and write changes to disk” and continue. Write the changes to the disk. You should see the following installer. Let it do its thing.
Once this install is done, it will prompt you for a network mirror. I usually forgo a network mirror and click continue. The next option will be to install GRUB (GRand Unified Bootloader). Click YES then select your virtual hard disk, /dev/sda in my case. The install will proceed to finish.
The system will reboot and we now have a running virtual machine! Login with “root” and the password will be the root password you set previously. You’re now running a computer inside a computer,
Part One: Finished
We now have a functioning version of Kali. This concludes the “how to use a virtualizer” tutorial but will serve as the beginning to an introductory series on penetration testing. The next tutorial will be configuring and updating Kali, creating a segmented, offline test network, and importing a vulnerable virtual machine to attack!