Building Virtual Machine Labs
A Hands-On Guide
About the Book
Note: There is an updated version of this book, completely re-written and updated. Go here: https://leanpub.com/avatar2
Virtualization is a skill that most IT or security pros take for granted. The sheer number of choices and requirements can be a daunting challenge to face for beginners and veterans alike.
With this book, you'll learn how to build a robust, customizable virtual environment suitable for either a personal home lab or a dedicated, shared lab environment. You will learn how to:
- Understand the mechanics of virtualization and how they influence the design of your lab
- Build an extensive baseline lab environment on any one of five commonly used hypervisors (VMware vSphere Hypervisor, VMware Fusion, VMware Workstation, Oracle VirtualBox, and Microsoft Client Hyper-V)
- Harden your lab environment against VM escapes and other security threats
- Configure the pfSense firewall distribution to provide security, segmentation, and network services to your virtual lab
- Deploy either the Snort or the Suricata open-source IDS platform in IPS mode to further enhance the flexibility, segmentation and security of your lab network
- Deploy Splunk as a log management solution for your lab
- Reconfigure the provided baseline lab environment to better suit your individual needs
Easy-to-follow steps and illustrations throughout the book provide detailed, comprehensive guidance as you build your custom-tailored lab. Both IT and security professionals need practice environments to better hone their craft. Learn how to build and maintain your own today!
Table of Contents
1 Purpose of this Book 13
1.1 A Note About Software Versions 15
2 Prerequisite Knowledge 16
3 Hypervisor and Hardware Considerations 18
3.1 Introduction to Virtualization 18
3.2 Introduction to Hypervisors 20
3.3 What is a Hypervisor? 20
3.4 Bare-metal Hypervisors 20
3.5 Hosted Hypervisors 22
4 Hardware Considerations 23
4.1 RAM as a Performance Factor 23
4.2 Disk I/O as a Performance Factor 23
What is seek time? 24
4.3 CPU Cores and Features as a Performance Factor 24
4.4 Performance is a Vicious Cycle 25
5 Understanding Virtual Networks - Hosted vs. Bare-metal Hypervisor Networking 26
5.1 Hosted Hypervisor Networking - Host-Only, Bridged, and NAT Network Segments 26
5.2 Bridged Networking 26
5.3 NAT Networking 26
5.4 Host-Only Networking 27
5.5 Virtual Network Adapters and You 27
5.6 Bare-metal Hypervisor Networking - Virtual Switches 27
6 Lab Overview 29
6.1 Design 30
6.2 Lab Network Description 31
6.3 Bridged Network 31
6.4 Management Network 31
6.5 IPS 1 and IPS 2 Networks 31
6.6 AFPACKET Bridging between IPS 1 and IPS 2 32
6.7 Why All The Trouble? 32
7 VMs, Resource Allocations, and Minimum Hardware Requirements 34
8 Hypervisor Guides 35
9 Setup - Microsoft Client Hyper-V 37
9.1 Installation 37
9.2 Hypervisor Preferences 41
9.3 Server Settings 42
9.4 User Settings 46
9.5 Virtual Switches 47
9.6 Virtual Switch Types 47
9.7 Creating Virtual Switches Using the Virtual Switch Manager 48
9.8 Creating the First VM, pfSense 52
9.9 Adding a New VM 52
9.10 Initial VM Settings 60
9.11 Installing pfSense 65
9.12 Final VM Settings 70
9.13 Network Configuration 73
9.14 webConfigurator - Initial Setup 77
9.15 Making Checkpoints 79
9.16 pfSense Summary 81
9.17 What’s Next? 82
9.18 Final Connectivity Checks and Troubleshooting 82
9.20 Your Turn 85
9.21 Kali Linux VM 86
9.22 SIEM VM 88
9.23 IPS VM 90
9.24 Metasploitable 2 93
9.25 Port Mirroring and MAC spoofing 98
9.26 Configuring the IPS VM as a Port Mirroring Destination 100
9.27 Configuring the pfSense VM as a Port Mirroring Source 101
9.28 Port Mirroring for the Remaining VMs 102
9.29 Next Steps 102
10 Setup - Oracle VirtualBox 103
10.1 Installation 103
10.2 Hypervisor Preferences 103
10.3 Creating the First VM, pfSense 106
10.4 Adding a New VM 107
10.5 Initial VM Settings 113
10.6 Installing pfSense 122
10.7 Final VM Settings 123
10.8 Network Configuration 126
10.9 webConfigurator - Initial Setup 131
10.10 Take a Snapshot 134
10.11 pfSense Summary 139
10.12 What’s Next? 140
10.13 Final Connectivity Checks and Troubleshooting 140
10.14 Your Turn 143
10.15 Kali Linux VM 144
10.16 SIEM VM 146
10.17 IPS VM 148
10.18 Promiscuous Mode 151
10.19 Metasploitable 2 152
10.20 Next Steps 159
11 Setup - VMware Fusion Pro 160
11.1 Installation 160
11.2 Hypervisor Preferences 160
11.3 Creating the First VM, pfSense 165
11.4 Adding a New VM 166
11.5 Installing pfSense 183
11.6 Final VM Settings 186
11.7 Network Configuration 187
11.8 webConfigurator - Initial Setup 190
11.9 Take a Snapshot 194
pfSense Summary 197
11.10 What’s Next? 198
11.11 Final Connectivity Checks and Troubleshooting 198
11.12 Your Turn 201
11.13 Kali Linux VM 202
11.14 SIEM VM 204
11.15 IPS VM 206
11.16 Metasploitable 2 209
11.17 Next Steps 210
12 Setup - VMware Workstation Pro 211
12.1 Installation 211
12.2 Hypervisor Preferences 212
12.3 Virtual Networks 214
Creating the First VM, pfSense 218
12.4 Adding a New VM 219
12.5 Installing pfSense 232
12.6 Final VM Settings 236
12.7 Network Configuration 238
12.8 webConfigurator - Initial Setup 241
12.9 Take a Snapshot 244
12.10 pfSense Summary 246
12.11 What’s Next? 247
12.12 Final Connectivity Checks and Troubleshooting 247
12.13 Your Turn 250
12.14 Kali Linux VM 251
12.15 SIEM VM 253
12.16 IPS VM 256
12.17 Metasploitable 2 259
12.18 Next Steps 261
13 Setup - VMware vSphere Hypervisor (ESXi) 262
13.1 Installation 262
13.2 Accessing ESXi 265
13.3 Hypervisor Setup 268
13.4 Licensing 268
13.5 Networking and Virtual Switches 268
13.6 Creating Virtual Switches 269
13.7 Port Groups 273
13.8 Adding Port Groups via the ESX Web Interface 274
13.9 Resolving Some Web Interface Bugs 275
13.10 VMware Flings 275
13.11 What if I don’t want to use experimental software? 281
13.12 Final Flight Check 287
13.13 Creating the First VM, pfSense 289
13.14 Adding a New VM 293
13.15 Installing pfSense 301
13.16 Final VM Settings 305
13.17 Network Configuration 307
13.18 webConfigurator - Initial Setup 311
13.19 Take a Snapshot 314
13.20 pfSense Summary 316
13.21 What’s Next? 317
13.22 Final Connectivity Checks and Troubleshooting 317
13.23 Your Turn 320
13.24 Kali Linux VM 321
13.25 SIEM VM 323
13.26 IPS VM 325
13.27 Metasploitable 2 327
13.28 Next Steps 336
14 pfSense Firewall Rules and Network Services Guide 337
14.1 Firewall Rule Configuration - Hosted Hypervisors 337
14.2 Firewall Rules for the Bridged Network 337
14.3 Firewall Rules for the Management Network 338
14.4 Firewall Rules for the IPS Network 340
14.5 Firewall Rule Configuration - Bare-metal Hypervisors 342
14.6 Firewall Rules for the Bridged Network 342
14.7 Firewall Rules for the Management Network 343
14.8 Firewall Rules for the IPS Network 344
14.9 Network Configuration - Core Network Services 346
14.10 NTP 346
14.11 DHCP 348
14.12 DNS Resolver 350
14.13 Squid Proxy 352
15 Defense in Depth for Windows Hosted Hypervisors 355
15.1 Unbinding Network Protocols on Windows Virtual Adapters 356
15.2 Using Windows Firewall to Limit Exposure of Windows Hypervisor Hosts 361
16 Automated Patching for Linux Lab VMs 370
16.1 updater.sh 370
17 Remote Lab Management 372
17.1 Windows Remote Access 372
17.2 Persistent Static Routes 372
17.3 Windows SSH and SCP Software 375
17.4 Generating an SSH key in Windows using PuTTYgen 376
17.5 Using mRemoteNG - Connection Files 386
17.6 Using mRemoteNG - PuTTY Saved Sessions 391
17.7 Enabling Key-Based Authentication on Linux/Unix systems 396
17.8 Key Copy Method 1: echo append to authorized_keys 397
17.9 Key Copy Method 2: using vi 398
17.10 Key Copy Method 3: SCP 400
17.11 Making sure it worked 404
17.12 How to use Key-Based Authentication with WinSCP 405
17.13 Linux, BSD, and OS X Remote Access 409
17.14 Static Routes in Linux and OS X 409
17.15 Adding Routes to Linux with the ip Command 409
17.16 Adding Routes to OS X/BSD with the route command 410
17.17 Making Static Routes Persistent 411
17.18 Linux and BSD Route Persistence via /etc/rc.local 411
17.19 OS X Route Persistence with Hosted Hypervisors 413
17.20 flightcheck.sh 414
17.21 OS X route persistence for Bare-metal Hypervisors 417
17.22 flightcheckBM.sh 417
17.23 The ssh and scp terminal Applications 419
17.24 iTerm2 and Terminator 420
17.25 Generating ssh keys using ssh-keygen 422
17.26 The alias Command 424
17.27 Enabling Key-Based Authentication in Unix/Linux Systems 428
17.28 Key Copy Method 1: echo append to authorized_keys 429
17.29 Key Copy Method 2: using vi 432
17.30 Key Copy Method 3: SCP 435
17.31 Making Sure it worked 437
17.32 Using key-based authentication with the SCP command 440
17.33 How to Enable SSH on Kali Linux 442
17.34 Enabling and securing root SSH 448
17.35 Adding your SSH public key to root’s authorized_keys file 449
17.36 Disabling password authentication entirely via sshd_config 453
18 Network Design Factors When Working with Bare-metal Hypervisors 456
18.1 Prereqs 458
18.2 Creating Static Routes 459
18.3 Creating Firewall Rules 460
18.4 Dealing with DHCP 464
18.5 Jump Boxing 465
18.6 Using a Raspberry Pi as a Jump Box 467
18.7 Installing the Raspbian Image to your Raspberry Pi 467
18.8 Configuring Raspbian 473
18.9 Creating a Jump Box VM 478
18.10 Other Physical Jump Boxes 484
18.11 Preparing Your Jump Box for Service 485
18.12 Configuring Static DHCP Address Allocations 485
18.13 Enabling Key-Based Authentication for your Jump Box 486
18.14 Windows 486
18.15 Linux/OS X/BSD 489
18.16 Adding Static Routes to your Jump Box 491
18.17 Adding Firewall Rules and SSH tunnels to allow access to the VM lab networks 492
18.18 I Can Still Access the pfSense webConfigurator with my Management Workstation 493
18.19 I Have Lost Access to the pfSense webConfigurator UI 495
18.20 TCP Forwarding and You 499
18.21 Windows SSH Tunnels 500
18.22 Linux/BSD/OS X SSH Tunnels 507
18.23 Testing your Dynamic Tunnels with FoxyProxy 510
18.24 Troubleshooting Dynamic Tunnels 516
18.25 Testing Your Forward Tunnels 520
18.26 Windows 520
18.27 Linux/OS X/BSD 524
18.28 Understanding SSH Tunnels 527
18.29 Closing Notes on Jump Boxing 528
18.30 Key-Based Authentication: Managing SSH Keys for Tunneled Connections 528
19 IPS Installation Guide 530
19.1 Installing and configuring Snort (via Autosnort) 530
19.2 Installing and configuring Suricata (via Autosuricata) 536
19.3 Testing your IPS Bridge 541
20 Splunk Installation Guide 544
20.1 Initial Setup (Server Installation) 545
20.2 (Optional) Requesting and Implementing a Splunk Dev License 556
20.3 Universal Forwarder Setup 560
20.4 Splunk TA for Suricata 563
20.5 Hurricane Labs Add-On for Unified2 568
20.6 Starting The Forwarder + Persistence 572
20.7 Testing Splunk and the Universal Forwarder 575
20.8 Generating The Test Battery 576
20.9 Verifying Results with Snort 584
20.10 Verifying Results with Suricata 587
21 In Your Own Image 590
21.1 Visions of What Might Be 590
21.2 Malware Analysis Lab 591
21.3 Penetration Testing Lab 594
21.4 IT/Ops Lab 596
22 Summary 598
22.1 What Have We Learned Today? 598
23 Epilogue: We Need You (Now More than Ever) 600