sandbox virtual machine setup guide

Upload: christie-ross

Post on 01-Mar-2018

  • 7/26/2019 Sandbox Virtual Machine Setup Guide

    1/12

    IMPROVING ACCESSIBILITY, EFFICIENCY, AND INTEGRITY IN

    HEALTHCARE DELIVERY THROUGH STANDARDIZED

    INFORMATION SECURITY FRAMEWORKS

    Brian S. Coats

    Dissertation Supplemental Material

    Security Testing Sandbox Virtual Machine Setup Guide

    There are a number of steps required to get the test environment set up and working.

    These steps are laid out below and must be completed to make the networking components of the

    Virtual Machines (VM) functional.

    1.1. Basic Requirements

    All the VMs were created and tested with VMware software. To use the VM

    environments, either VMware Player or VMware Workstation is required. The majority of the

    configuration and testing of these VMs was performed with VMware Player 4.0; a free

    download can be obtained at https://my.vmware.com/web/vmware/downloads. The VMs were

    created on 64-bit machines and thus require a 64-bit host machine to function properly. VMware

    is considerably memory intensive, so it is likewise recommended that the VMware host

    computer have at least 4GB of memory. To run all VMs in this demonstration

    environment at once, it is suggested that a couple VMware host computers be utilized for better

    performance.

    1.2. Getting Started

    All the VMs, including the demonstration environment and the penetration tester hosts,

    are stored in separate folders with descriptive names that match the earlier diagram. The entire

    folder for each VM should be transferred to the VMware host computer prior to attempting to

    play the VM. Once all files are in place, it is recommended to bring up one or two VMs at a time

    per VMware host as the startup process from the VM suspended state is resource intensive. All

    VMs that are designated as Internal or DMZ have their networking set to use custom VLANs.

    The VMs designated as External have their networking set to function in Bridged mode.

    More information on specific VMware network configurations can be found on the VMware

    website: http://www.vmware.com/support/pubs/.

    1.3. Setting up the BackTrack VMs

    1) Launch the BackTrack Virtual Machine by opening the .vmx file within the desired

    BackTrack folder (VM2).

    2) The first time the BackTrack VM is launched, the VM Player/Workstation will ask if the

    VM was copied or moved. Select "I Copied It."

    3) The VM will start from a suspended state and a terminal will be present on the screen. In the

    event the VM does not resume in the anticipated state, it can be restarted.

    The root credentials are root::toor, which are default values for BackTrack

    distributions.

    4) The BackTrack VM can be configured to use static network configurations or DHCP.

    Each VM comes with static configurations as indicated in the earlier diagram.

    5) To modify the static network configuration, open a terminal and view the file

    /etc/network/interfaces. All the network configuration parameters are included in this file

    except DNS. The BackTrack VMs do not have DNS configured.

    1.4. Setting up the Ubuntu VMs

    1) Launch the Ubuntu Virtual Machine by opening the .vmx file within the desired Ubuntu

    folder (VM1).

    2) The first time the BackTrack VM is launched, the VM Player/Workstation will ask if the

    VM was copied or moved. Select "I Copied It."

    3) The VM will start from suspended state. In the event the suspended state does not start

    correctly, the VM can be restarted. The authentication credentials for all non-BackTrack

    VMs are vimes::password1! The root password for all non-BackTrack VMs is also

    password1!.

    4) The next step is to configure the Ubuntu VM for the appropriate network connection. Be

    sure you are placing the VM on the internal LAN segment if you are attempting to

    perform a Full Internal Scan of target hosts or on an external LAN segment to perform a

    Full External Scan of target hosts.

    5) Any network configuration changes should be made as appropriate by clicking System

    Settings in the left menu.

    6) This will bring up the System Settings window. Choose Network and the Network

    configuration window will open.

    7) Next click Configure with the Wired connection selected as shown above. This will

    present the Wired connection configuration window. Change the settings as appropriate

    under the IPv4 Settings tab.

    8) Once all network configuration changes have been made, it is recommended to restart

    the VM to ensure the changes have taken effect and the VM can communicate on the

    desired network.

    1.5. Setting up the Test Target Hosts

    1) All the test target hosts in the demonstration environment are CentOS VMs. There is no

    direct requirement that these VMs be used. They are only included for testing purposes

    and provide use cases for the penetration tester VMs.

    2) The desired target host can be launched by opening the .vmx file in the desired VM's

    folder. The first time the target host is launched, the VM Player/Workstation will ask if

    the VM was copied or moved. Select "I Copied It." At this stage the VM

    Player/Workstation will generate a new MAC address for the virtual NIC. This event

    will require a configuration change mentioned below.

    3) The VM will likely start from suspended state. In the event the suspended state does not

    start correctly, the VM can be restarted. The authentication credentials for all non-

    BackTrack VMs are vimes::password1! The root password for all non-BackTrack

    VMs is also password1!. If the VM started from a suspended state, a full restart is

    necessary at this point for the new virtual NIC to be detected by the operating system and

    properly update the networking related configuration files.

    4) Once the VM has successfully restarted, authenticate into the VM and open a terminal

    session. Next, view the file /etc/udev/rules.d/70-persistent-net.rules. If there are more

    Ethernet adapters detected besides eth0, as shown below, remove all Ethernet adapters

    EXCEPT the eth0 adapter.

    5) From the VMware host computer, edit the .vmx file that corresponds to this VM and was

    opened to launch this VM. Look for the parameter, ethernet0.generatedAddress, and

    ensure that the MAC address value for eth0 matches the MAC address value in the

    .vmx file. If they are different, copy the value from the .vmx file to the

    /etc/udev/rules.d/70-persistent-net.rules file on the VM. Save and close the file, then

    restart the machine once more if any changes were made.

    6) Once logged into the VM, open a terminal session and view the file

    /etc/sysconfig/network-scripts/ifcfg-eth0. This file holds all the network configuration

    parameters and can be modified as necessary. It may also be necessary to update the

    HWADDR parameter to reflect the appropriate MAC address used in the prior step.

    7) After all appropriate changes have been made the file must be saved and closed. At this

    point, one final system restart is necessary or simply a restart of the network service using

    /etc/init.d/network restart. Provided there are no errors produced, the VM should now be

    properly configured and accessible based on the network settings specified.
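
    A consistency check for steps 4 through 7, written for this guide as an added example (not part of the original material): it reads ethernet0.generatedAddress from the .vmx file, the eth0 rule in 70-persistent-net.rules and HWADDR in ifcfg-eth0, and reports any mismatch or leftover non-eth0 rule. The function names, MAC addresses and sample file contents are constructed, and it assumes the three files have been copied to one place.

```shell
#!/bin/sh
# Added example: compare the eth0 MAC address across the three files from
# steps 4-6. Sample MAC addresses and file contents below are constructed.

norm() { tr 'A-F' 'a-f' | tr -d '"\r '; }  # lowercase; drop quotes, CR, spaces

vmx_mac() {    # value of ethernet0.generatedAddress in the .vmx file
  sed -n 's/^ethernet0\.generatedAddress *= *//p' "$1" | norm
}
udev_mac() {   # ATTR{address} of the udev rule that names eth0
  grep 'NAME="eth0"' "$1" | sed -n 's/.*ATTR{address}=="\([^"]*\)".*/\1/p' | norm
}
ifcfg_mac() {  # HWADDR in ifcfg-eth0
  sed -n 's/^HWADDR=//p' "$1" | norm
}
extra_nics() { # count of udev rules that name an adapter other than eth0
  grep -c 'NAME="eth[1-9]' "$1" || true
}
check_macs() { # usage: check_macs VMX RULES IFCFG; returns 0 when consistent
  v=$(vmx_mac "$1"); u=$(udev_mac "$2"); i=$(ifcfg_mac "$3"); rc=0
  [ "$u" = "$v" ] || { echo "udev eth0 is $u but .vmx has $v"; rc=1; }
  [ "$i" = "$v" ] || { echo "HWADDR is $i but .vmx has $v"; rc=1; }
  [ "$(extra_nics "$2")" -eq 0 ] || { echo "non-eth0 rules remain in $2"; rc=1; }
  return $rc
}
make_samples() { # constructed state of a target host right after "I Copied It"
  cat > "$1/target.vmx" <<'EOF'
ethernet0.addressType = "generated"
ethernet0.generatedAddress = "00:0c:29:11:22:33"
ethernet0.generatedAddressOffset = "0"
EOF
  cat > "$1/70-persistent-net.rules" <<'EOF'
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="00:0c:29:aa:bb:cc", KERNEL=="eth*", NAME="eth0"
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="00:0c:29:11:22:33", KERNEL=="eth*", NAME="eth1"
EOF
  printf 'DEVICE=eth0\nHWADDR=00:0C:29:AA:BB:CC\nONBOOT=yes\n' > "$1/ifcfg-eth0"
}

d=$(mktemp -d) && make_samples "$d"
check_macs "$d/target.vmx" "$d/70-persistent-net.rules" "$d/ifcfg-eth0" \
  || echo "fix the files as in steps 4-6, then restart networking"
rm -rf "$d"
```

    The constructed sample reproduces the state after a copy: the old MAC is still bound to eth0, the newly generated one has been added as eth1, and HWADDR still holds the old value, so all three checks report a problem.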

    1.6. Setting up the Firewall

    1) The Firewall is an IPFire VM. It is currently configured to segregate 3 distinct networks

    as shown in the diagram in I(D)(2): an external (RED) network, an internal (GREEN)

    network, and a DMZ (ORANGE) network.

    2) The root credentials for the VM are root::toor, the same as the BackTrack VMs. The

    basic setup of the Firewall must be done from the Firewall VM itself using the console.

    Once the networking has been established, the remainder of the configuration is GUI

    based and can be accessed from a web browser from any machine in the GREEN

    network.

    3) To enter the setup at the console to configure the networking, type setup after

    authenticating as root.

    4) Go to the networking item and press Enter to open the Networking configuration screens.

    5) Choose Drivers and card assignments and ensure the new MAC addresses are properly

    assigned to the different network segments. The actual MAC addresses in use can be

    found for any VM by using a text editor to open the .VMX file for the VM.

    After assigning the proper MAC addresses to the networks, choose OK to save the

    changes.

    6) Next choose Address settings to set the IP addresses for each of the network segments.

    Then use each interface and configure the IP address and network mask.

    7) Finally, choose DNS and Gateway settings to configure a DNS server and external

    gateway.

    8) After all settings have been completed, exit the setup utility and the settings will be

    pushed down to the IPFire OS.