COMP 116: Introduction to Security

A Hypervisor and the Kali Linux Virtual Machine

Throughout this course, you should do most of your work on a virtual machine. A virtual machine (VM) is a software computer that, like a physical computer, runs an operating system and applications. If your laptop runs macOS, for example, you can run a version of Windows as a virtual machine (the "guest") on top of macOS (the "host"). The value of using a virtual machine is the logical separation between machines. Theoretically, a virtual machine is isolated from the host. That is, mistakes made on a guest (e.g., malware) will not escape to the host, with a few exceptions, including file sharing between the host and the virtual machine. To run a virtual machine, you will need a hypervisor, also known as a Virtual Machine Manager (VMM). Hypervisors also provide a very handy feature: taking snapshots of a running virtual machine, and rolling back to a snapshot when necessary (i.e., when mistakes are made).

Instructions

1. Download hypervisor software. Options:

Other hypervisor software options include Parallels for macOS (commercial), and QEMU (free and open source).

2. Download a premade 64-bit Kali Linux VM for the hypervisor you chose from https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/. This VM has Kali Linux installed as well as the tools that you will be using for this class (e.g., Wireshark, nmap, ettercap). Files and actions done inside the VM persist inside the VM, unlike the live ISO option, where everything is saved to RAM.

3. In either VirtualBox or VMware, open the OVA file that you downloaded.
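Before importing the downloaded OVA in step 3, it is worth checking that the file arrived intact. The following Python code is an added example, not part of the original course page: it assumes the publisher lists a SHA-256 value for the download and that the OVA (a tar archive) carries an OVF `.mf` manifest; the function names are made up for illustration.

```python
import hashlib
import re
import tarfile

# Assumed manifest line format: "SHA256(disk.vmdk)= <hex>".
# Some tools add spaces around the parentheses or the "=", so the pattern tolerates them.
MANIFEST_LINE = re.compile(r"^(SHA1|SHA256)\s*\((.+)\)\s*=\s*([0-9a-fA-F]+)\s*$")


def sha256_of_file(path, chunk=1 << 20):
    """SHA-256 of the whole download, to compare with the value the publisher lists."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def verify_ova_manifest(path):
    """Return {member_name: bool} for every file listed in the OVA's .mf manifest.

    Raises ValueError if the archive carries no manifest at all.
    """
    results = {}
    with tarfile.open(path, "r") as ova:
        names = ova.getnames()
        mf = next((n for n in names if n.lower().endswith(".mf")), None)
        if mf is None:
            raise ValueError("no .mf manifest in OVA")
        manifest = ova.extractfile(mf).read().decode("utf-8", "replace")
        for line in manifest.splitlines():
            m = MANIFEST_LINE.match(line.strip())
            if not m:
                continue
            algo, name, expected = m.group(1), m.group(2), m.group(3).lower()
            if name not in names:
                results[name] = False  # listed in the manifest but missing from the archive
                continue
            h = hashlib.new(algo.lower())
            member = ova.extractfile(name)
            for block in iter(lambda: member.read(1 << 20), b""):
                h.update(block)
            results[name] = h.hexdigest() == expected
    return results
```

The manifest check only catches corruption or a partial download, because anyone who alters a disk image can also rewrite the manifest. The comparison of `sha256_of_file()` against the value obtained from the publisher over HTTPS is the check that matters for tampering.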

Why is using a Kali VM not mandatory for this class, only strongly recommended? (Notice: I wrote "you should do most of your work on a virtual machine".)

  1. Accessibility. For students who are visually impaired, using a virtual machine can be very difficult.
  2. Not all students have a capable laptop. Sometimes due to financial reasons, some students use Chromebooks. The tools required for this course can be installed natively on macOS, Windows, and Linux.
  3. Performance. Sometimes, using a VM can be very slow. A VM also does not use native drivers (e.g., for networking).

Troubleshooting

The problem: you receive the following error in VMware or something similar in VirtualBox:

"Binary translation is incompatible with long mode on this platform. Long mode will be disabled in this virtual environment and applications requiring long mode will not function properly as a result. See http://vmware.com/info?id=152 for more details."

or

"This virtual machine is configured for 64-bit guest operating systems. However, 64-bit operation is not possible."

or

"This host supports Intel VT-x, but Intel VT-x is disabled."

The solution: You have to enable virtualization in your computer's BIOS.

tl;dr Searching for "enable virtualization on [insert your computer model here]" can be very helpful because the steps are often different for different computer models. It will likely involve turning off the computer, turning it on while holding a key (e.g. the escape key), and then switching a menu item.

On many machines, you get into your computer's BIOS like this:

  1. Restart your computer.
  2. Within *the first few seconds of boot* on your computer, press a key. F2 or ESC are common.
  3. Go to System Configuration > Device Configuration or similar.
  4. Check the option to enable VT-x.

More: https://superuser.com/questions/593973/this-virtual-machine-is-configured-for-64-bit-guest-operating-systems-however

On newer machines and Windows 10, the process may be different: http://www.dell.com/support/article/us/en/19/sln143038/access-uefi--bios--system-setup-from-windows-on-your-dell-system

VM Update Notes on April 27, 2020

VM Update Notes on May 8, 2019

VM Update Notes on July 10, 2018

VM Update Notes on March 2, 2018
