Building Virtual Machine Labs
Building Virtual Machine Labs
A Hands-On Guide
About the Book
Note: There is an updated version of this book, completely re-written and updated. Go here: https://leanpub.com/avatar2
Virtualization is a skill that most IT or security pros take for granted. The sheer number of choices and requirements can be a daunting challenge to face for beginners and veterans alike.
With this book, you'll learn how to build a robust, customizable virtual environment suitable for either a personal home lab, as well or a dedicated, shared lab environment. You will learn how to:
- Understand the mechanics of virtualization and how they influence the design of your lab
- Build an extensive baseline lab environment on any one of five commonly used hypervisors (VMware vSphere Hypervisor, VMware Fusion, VMware Workstation, Oracle Virtualbox, and Microsoft Client Hyper-V)
- Harden your lab environment against VM escapes and other security threats
- Configure the pfSense firewall distribution to provide security, segmentation, and network services to your virtual lab
- Deploy either Snort or Suricata open-source IDS platforms in IPS mode to further enhance the flexibility, segmentation and security of your lab network
- Deploy Splunk as a log management solution for your lab
- Reconfigure the provided baseline lab environment to better suit your individual needs
Easy to follow steps and illustrations throughout the book provide detailed, comprehensive guidance as you build your custom-tailored lab. Both IT and security professionals need practice environments to better hone their craft. Learn how to build and maintain your own today!
About the Author
Table of Contents
1 Purpose of this Book. 13
1.1 A Note About Software Versions. 15
2 Prerequisite Knowledge. 16
3 Hypervisor and Hardware Considerations. 18
3.1 Introduction to Virtualization. 18
3.2 Introduction to Hypervisors. 20
3.3 What is a Hypervisor?. 20
3.4 Bare-metal Hypervisors. 20
3.5 Hosted Hypervisors. 22
4 Hardware Considerations. 23
4.1 RAM as a Performance Factor 23
4.2 Disk I/O as a Performance Factor 23
What is seek time?. 24
4.3 CPU Cores and Features as a performance Factor 24
4.4 Performance is a Vicious Cycle. 25
5 Understanding Virtual Networks - Hosted vs. Bare-metal Hypervisor Networking. 26
5.1 Hosted Hypervisor Networking - Host-Only, Bridged, and NAT Network Segments. 26
5.2 Bridged Networking. 26
5.3 NAT Networking. 26
5.4Host-Only Networking. 27
5.5 Virtual Network Adapters and You. 27
5.6 Bare-metal Hypervisor Networking - Virtual Switches. 27
6 Lab Overview.. 29
6.1 Design. 30
6.2 Lab Network Description. 31
6.3 Bridged Network. 31
6.4 Management Network. 31
6.5 IPS 1 and IPS 2 Networks. 31
6.6 AFPACKET Bridging between IPS 1 and IPS 2. 32
6.7 Why All The Trouble?. 32
7 VMs, Resource Allocations, and Minimum Hardware Requirements. 34
8 Hypervisor Guides. 35
9 Setup - Microsoft Client Hyper-V.. 37
9.1 Installation. 37
9.2 Hypervisor Preferences. 41
9.3 Server Settings. 42
9.4 User Settings. 46
9.5 Virtual Switches. 47
9.6 Virtual Switch Types. 47
9.7 Creating Virtual Switches Using the Virtual Switch Manager 48
9.8 Creating the First VM, pfSense. 52
9.9 Adding a New VM.. 52
9.10 Initial VM Settings. 60
9.11 Installing pfSense. 65
9.12 Final VM Settings. 70
9.13 Network Configuration. 73
9.14 webConfigurator - Initial Setup. 77
9.15 Making Checkpoints. 79
9.16 pfSense Summary. 81
9.17 What’s Next?. 82
9.18 Final Connectivity Checks and Troubleshooting. 82
9.20 Your Turn. 85
9.21 Kali Linux VM.. 86
9.22 SIEM VM.. 88
9.23 IPS VM.. 90
9.24 Metasploitable 2. 93
9.25 Port Mirroring and MAC spoofing. 98
9.26 Configuring the IPS VM as a Port Mirroring Destination. 100
9.27 Configuring the pfSense VM as a Port Mirroring Source. 101
9.28 Port Mirroring for the Remaining VMs. 102
9.29 Next Steps. 102
10 Setup - Oracle VirtualBox. 103
10.1 Installation. 103
10.2 Hypervisor Preferences. 103
10.3 Creating the first VM, pfSense. 106
10.4 Adding a New VM.. 107
10.5 Initial VM Settings. 113
10.6 Installing pfSense. 122
10.7 Final VM Settings. 123
10.8 Network Configuration. 126
10.9 webConfigurator - Initial Setup. 131
10.10 Take a Snapshot 134
10.11 pfSense Summary. 139
10.12 What’s Next?. 140
10.13 Final Connectivity Checks and Troubleshooting. 140
10.14 Your turn. 143
10.15 Kali Linux VM.. 144
10.16 SIEM VM.. 146
10.17 IPS VM.. 148
10.18 Promiscuous Mode. 151
10.19 Metasploitable 2. 152
10.20 Next Steps. 159
11 Setup - VMware Fusion Pro. 160
11.1 Installation. 160
11.2 Hypervisor Preferences. 160
11.3 Creating the First VM, pfSense. 165
11.4 Adding a New VM.. 166
11.5 Installing pfSense. 183
11.6 Final VM Settings. 186
11.7 Network Configuration. 187
11.8 webConfigurator - Initial Setup. 190
11.9 Take a Snapshot 194
pfSense Summary. 197
11.10 What’s Next?. 198
11.11 Final Connectivity Checks and Troubleshooting. 198
11.12 Your Turn. 201
11.13 Kali Linux VM.. 202
11.14 SIEM VM.. 204
11.15 IPS VM.. 206
11.16 Metasploitable 2. 209
11.17 Next Steps. 210
12 Setup - VMware Workstation Pro. 211
12.1 Installation. 211
12.2 Hypervisor Preferences. 212
12.3 Virtual Networks. 214
Creating the First VM, pfSense. 218
12.4 Adding a New VM.. 219
12.5 Installing pfSense. 232
12.6 Final VM Settings. 236
12.7 Network Configuration. 238
12.8 webConfigurator - Initial Setup. 241
12.9 Take a Snapshot 244
12.10 pfSense Summary. 246
12.11 What’s Next?. 247
12.12 Final Connectivity Checks and Troubleshooting. 247
12.13 Your Turn. 250
12.14 Kali Linux VM.. 251
12.15 SIEM VM.. 253
12.16 IPS VM.. 256
12.17 Metasploitable 2. 259
12.18 Next Steps. 261
13 Setup - VMware vSphere Hypervisor (ESXi) 262
13.1 Installation. 262
13.2 Accessing ESXi 265
13.3 Hypervisor Setup. 268
13.4 Licensing. 268
13.5 Networking and Virtual Switches. 268
13.6 Creating Virtual Switches. 269
13.7 Port Groups. 273
13.8 Adding Port Groups via the ESX Web Interface. 274
13.9 Resolving Some Web Interface Bugs. 275
13.10 VMware Flings. 275
13.11 What if I don’t want to use experimental software?. 281
13.12 Final Flight Check. 287
13.13 Creating the First VM, pfSense. 289
13.14 Adding a New VM.. 293
13.15 Installing pfSense. 301
13.16 Final VM Settings. 305
13.17 Network Configuration. 307
13.18 webConfigurator - Initial Setup. 311
13.19 Take a Snapshot 314
13.20 pfSense Summary. 316
13.21 What’s Next?. 317
13.22 Final Connectivity Checks and Troubleshooting. 317
13.23 Your Turn. 320
13.24 Kali Linux VM.. 321
13.25 SIEM VM.. 323
13.26 IPS VM.. 325
13.27 Metasploitable 2. 327
13.28 Next Steps. 336
14 pfSense Firewall Rules and Network Services Guide. 337
14.1 Firewall Rule Configuration - Hosted Hypervisors. 337
14.2 Firewall Rules for the Bridged Network. 337
14.3 Firewall Rules for the Management Network. 338
14.4 Firewall Rules for the IPS Network. 340
14.5 Firewall Rule Configuration - Bare-metal Hypervisors. 342
14.6 Firewall rules for the Bridged Network. 342
14.7 Firewall Rules for the Management Network. 343
14.8 Firewall Rules for the IPS Network. 344
14.9 Network Configuration - Core Network Services. 346
14.10 NTP.. 346
14.11 DHCP.. 348
14.12 DNS Resolver 350
14.13 Squid Proxy. 352
15 Defense in Depth for Windows Hosted Hypervisors. 355
15.1 Unbinding Network Protocols on Windows Virtual Adapters. 356
15.2 Using Windows Firewall to Limit Exposure of Windows Hypervisor Hosts. 361
16 Automated Patching for Linux Lab VMs. 370
16.1 updater.sh. 370
17 Remote Lab Management 372
17.1 Windows Remote Access. 372
17.2 Persistent Static Routes. 372
17.3 Windows SSH and SCP Software. 375
17.4 Generating an SSH key in Windows using PuTTYgen. 376
17.5 Using mRemoteNG - Connection Files. 386
17.6 Using mRemoteNG - PuTTY Saved Sessions. 391
17.7 Enabling Key-Based Authentication on Linux/Unix systems. 396
17.8 Key Copy Method 1: echo append to authorized_keys. 397
17.9 Key Copy Method 2: using vi. 398
17.10 Key Copy Method 3: SCP.. 400
17.11 Making sure it worked. 404
17.12 How to use Key-Based Authentication with WinSCP.. 405
17.13 Linux, BSD, and OS X Remote Access. 409
17.14 Static Routes in Linux and OS X.. 409
17.15 Adding Routes to Linux with the ip Command. 409
17.16 Adding Routes to OS X/BSD with the route command. 410
17.17 Making Static Routes Persistent 411
17.18 Linux and BSD Route Persistence via /etc/rc.local. 411
17.19 OS X Route Persistence with Hosted Hypervisors. 413
17.20 flightcheck.sh. 414
17.21 OS X route persistence for Bare-metal Hypervisors. 417
17.22 flightcheckBM.sh. 417
17.23 The ssh and scp terminal Applications. 419
17.24 iTerm2 and Terminator 420
17.25 Generating ssh keys using ssh-keygen. 422
17.26 The alias Command. 424
17.27 Enabling Key-Based Authentication in Unix/Linux Systems. 428
17.28 Key Copy Method 1: echo append to authorized_keys. 429
17.29 Key Copy Method 2: using vi. 432
17.30 Key Copy Method 3: SCP.. 435
17.31 Making Sure it worked. 437
17.32 Using key-based authentication with the SCP command. 440
17.33 How to Enable SSH on Kali Linux. 442
17.34 Enabling, and securing root SSH.. 448
17.35 Adding your SSH public key to root’s authorized_keys file. 449
17.36 Disabling password authentication entirely via sshd_config. 453
18 Network Design Factors When Working with bare-metal Hypervisors. 456
18.1 Prereqs. 458
18.2 Creating Static Routes. 459
18.3 Creating Firewall Rules. 460
18.4 Dealing with DHCP.. 464
18.5 Jump Boxing. 465
18.6 Using a Raspberry Pi as a Jump Box. 467
18.7 Installing the Raspbian Image to your Raspberry Pi 467
18.8 Configuring Raspbian. 473
18.9 Creating a Jump Box VM.. 478
18.10 Other Physical Jump Boxes. 484
18.11 Preparing Your Jump Box for Service. 485
18.12 Configuring Static DHCP Address Allocations. 485
18.13 Enabling Key-Based Authentication for your Jump Box. 486
18.14 Windows. 486
18.15 Linux/OS X/BSD.. 489
18.16 Adding Static Routes to your Jump Box. 491
18.17 Adding Firewall Rules and SSH tunnels to allow access to the VM lab networks. 492
18.18 I Can Still Access the pfSense webConfigurator with my Management Workstation 493
18.19 I Have Lost Access to the pfSense webConfigurator UI 495
18.20 TCP Forwarding and You. 499
18.21 Windows SSH Tunnels. 500
18.22 Linux/BSD/OS X SSH Tunnels. 507
18.23 Testing your Dynamic Tunnels with FoxyProxy. 510
18.24 Troubleshooting Dynamic Tunnels. 516
18.25 Testing Your Forward Tunnels. 520
18.26 Windows. 520
18.27 Linux/OS X/BSD.. 524
18.28 Understanding SSH Tunnels. 527
18.29 Closing Notes on Jump Boxing. 528
18.30 Key-Based Authentication: Managing SSH Keys for Tunneled Connections. 528
19 IPS Installation Guide. 530
19.1 Installing and configuring Snort (via Autosnort) 530
19.2 Installing and configuring Suricata (via Autosuricata) 536
19.3 Testing your IPS Bridge. 541
20 Splunk Installation Guide. 544
20.1 Initial Setup (Server Installation) 545
20.2 (Optional) Requesting and Implementing a Splunk Dev License. 556
20.3 Universal Forwarder Setup. 560
20.4 Splunk TA for Suricata. 563
20.5 Hurricane Labs Add-On for Unified2. 568
20.6 Starting The Forwarder + Persistence. 572
20.7 Testing Splunk and the Universal Forwarder 575
20.8 Generating The Test Battery. 576
20.9 Verifying Results with Snort 584
20.10 Verifying Results with Suricata. 587
21 In Your Own Image. 590
21.1 Visions of What Might Be. 590
21.2 Malware Analysis Lab. 591
21.3 Penetration Testing Lab. 594
21.4 IT/OPs Lab. 596
22 Summary. 598
22.1 What Have We Learned Today?. 598
23 Epilogue: We Need You (Now More than Ever) 600
The Leanpub 45-day 100% Happiness Guarantee
Within 45 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.
See full terms
Do Well. Do Good.
Authors have earned$10,898,062writing, publishing and selling on Leanpub, earning 80% royalties while saving up to 25 million pounds of CO2 and up to 46,000 trees.
Learn more about writing on Leanpub
Free Updates. DRM Free.
If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).
Most Leanpub books are available in PDF (for computers), EPUB (for phones and tablets) and MOBI (for Kindle). The formats that a book includes are shown at the top right corner of this page.
Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.
Learn more about Leanpub's ebook formats and where to read them
Top Books
- #1
Functional event-driven architecture: Powered by Scala 3
Gabriel VolpeExplore the event-driven architecture (EDA) in a purely functional way, mainly powered by Fs2 streams in Scala 3!
Leverage your functional programming skills by designing and writing stateless microservices that scale, powered by stateful message brokers.
- #2
Practical FP in Scala: A hands-on approach
Gabriel VolpeA practical book aimed for those familiar with functional programming in Scala who are yet not confident about architecting an application from scratch.
Together, we will develop a purely functional application using the best libraries in the Cats ecosystem, while learning about design patterns and best practices.
- #3
入門 日本語自然言語処理
Masato Hagiwara and Paul O'Leary McCann日本語テキストを処理したい全てのプログラマ・エンジニアの方へ。分かち書きなどの基本から、自然言語生成などの最新の話題までをカバー。動かして学べるコードや、参照文献も付いています。言語学や機械学習の知識が無くても問題ありません。
- #4
Book of Monads
Alejandro Serrano MenaIn functional programming, at the heart of input/output, failure, state, logic, and much more, lies a powerful abstraction called monad. This book provides a journey from the very first concepts, to the myriad of monads available to programmers, down to the categorical foundations.
- #5
Ansible for DevOps
Jeff GeerlingAnsible is a simple, but powerful, server and configuration management tool. Learn to use Ansible effectively, whether you manage one server—or thousands.
- #6
Functional Programming Made Easier
Charles ScalfaniA Functional Programming book from beginner to advanced without skipping a single step along the way.
In my 40 years of programming, I've felt that programming books always let me down, especially Functional Programming books. So, I wrote the book I wish I had 5 years ago.
Functional Programming will never be easy, but it can be easier.
- #7
Visualise, document and explore your software architecture
Simon BrownA short guide to visualising, documenting and exploring your software architecture.
- #8
Introducing EventStorming
Alberto BrandoliniThe deepest tutorial and explanation about EventStorming, straight from the inventor.
- #9
Introduction to Japanese Natural Language Processing
Masato Hagiwara and Paul O'Leary McCannA thorough guide for programmers working with Japanese text, covering fundamental issues like tokenization and recent research topics like generating natural language texts. Working examples are accompanied by extensive reference to allow problem solving even without a background in Japanese or Machine Learning.
- #10
Cloud Strategy
Gregor Hohpe“Strategy is the difference between making a wish and making it come true.” A successful migration to the cloud can transform your organization, but it shouldn’t be driven by wishes. This book tells you how to develop a sound strategy guided by frameworks and decision models without being overly abstract nor getting lost in product details.
Top Bundles
- #1
Software Architecture for Developers: Volumes 1 & 2 - Technical leadership and communication
2 Books
"Software Architecture for Developers" is a practical and pragmatic guide to modern, lightweight software architecture, specifically aimed at developers. You'll learn:The essence of software architecture.Why the software architecture role should include coding, coaching and collaboration.The things that you really need to think about before... - #2
Modern C++ Collection
3 Books
Get All about Modern C++C++ Standard Library, including C++20Concurrency with Modern C++, including C++20C++20Each book has about 200 complete code examples. Updates are included. When I update one of the books, you immediately get the updated bundle. You can expect significant updates to each new C++ standard (C++23, C++26, .. ) and also... - #3
CCIE Service Provider Ultimate Study Bundle
2 Books
Piotr Jablonski, Lukasz Bromirski, and Nick Russo have joined forces to deliver the only CCIE Service Provider training resource you'll ever need. This bundle contains a detailed and challenging collection of workbook labs, plus an extensively detailed technical reference guide. All of us have earned the CCIE Service Provider certification... - #4
All the Books of The Medical Futurist
6 Books
We put together the most popular books from The Medical Futurist to provide a clear picture about the major trends shaping the future of medicine and healthcare. Digital health technologies, artificial intelligence, the future of 20 medical specialties, big pharma, data privacy, digital health investments and how technology giants such as Amazon... - #6
Abandon Your Job - Leaving the Rat Race with Python
8 Books
Now, get all the great Python and Freelancing books from finxter.com in one single bundle!Coffee Break Python - All Python BasicsCoffee Break Python Workbook - Practice the basics of PythonCoffee Break Python Mastery Workouts - Practice advanced Python conceptsCoffee Break Python Slicing - All about SlicingCoffee Break Python NumPy - Get started... - #8
10 Books Bundle - A New Career in Tech 🚀
10 Books
Do you want to create yourself a new and profitable skillset - in one year or less? Do you want to position yourself on the right side of change finally? Do you want to work from home and set your own work schedule while choosing fun and interesting coding projects? Software developers and freelance developersearn six figuresin the US, according... - #9
The Python Craftsman
3 Books
The Python Craftsman series comprises The Python Apprentice, The Python Journeyman, and The Python Master. The first book is primarily suitable for for programmers with some experience of programming in another language. If you don't have any experience with programming this book may be a bit daunting. You'll be learning not just a programming...
