Content

What is virtualization? .... 2

How might it help? . 2
Why would a server farm use virtualization? 3
The limitations . 4
Getting started . 5
Why set up a lab? .. 5
Lab set-up ... 5
Creating a virtual machine ..

Kali Linux .... 7

The BIG Showdown ... 20
VMware Workstation .. 20
Oracle VM VirtualBox 4.2 . 22
Conclusion .. 23
References .. 24

Page 1 of 27

What is Virtualization?
According to online oxforddictionaries.com the meaning of virtualize is to create a virtual
version of (a computing resource or facility) (oxford reference 2015). In other words it refers
to creating a virtual, as opposed to real, version of something. In computing this could be an
operating system, software or even a virtual network of computers, switches, routers,
servers and so on. . Lets now look at this a bit deeper to see just exactly how this is
achieved.
How might it help?
To discover how it works we can look at server computers as these are some of the most
common places you will find virtualization. Within a network the servers are among the most
powerful nodes. They can contain multiple processors enable them to run complex
calculations and tasks with ease. Usually one server is assigned one task for example an
email server will be dedicated to handle all the email correspondence within the network.
Although this makes it a lot easier to track down network problems it does not take
advantage of the processing power of the server and also if you were to allocate one server
to one task in the end you are going to be struggling for space as your network get bigger
and bigger.

(Laumer 2015)

(The Buzz Media 2015)

The overcrowding of cables is not the only problem there is also the overheating of the
servers themselves.

Page 2 of 27

(dotcom-monitor 2015)
Both of these problems can be solved through the use of server virtualization. This is
achieved by converting one server into multiple virtual machines. Each server will be able to
mimic its own unique physical device with its own operating system if needed. This will also
solve the problem of under usage of the servers under-used processing power.
Why would a server farm use virtualization?
In a business it all boils down to money which is great for the business man but as a network
administrator it has its ups and downs.
As mentioned above space and under-usage of processing power were 2 of the points
mentioned. In a virtualized environment space is consolidated meaning that one server
could be allocated several tasks to cater for. As there will be multiple operating systems
running on one server the processor will be working to its full potential.
A company could also put into practice redundancy. Usually the company would have to
buy extra servers to run the same applications in case of failure whereby the extra server
could take over. In the virtual world all the network administrator need to is to create a virtual
machine on another server thus saving money.
By creating virtual machines it gives the network administrator a chance to try out new
applications or operating systems before using them in the main stream. In a virtual
environment there is no need to worry about doing any harm to other operations running on
the same server as it is running independently.

Page 3 of 27

Through time hardware becomes out-dated and changing from one system to another can
be difficult. In the virtual world virtual hardware can be created so as to enable continuation
of the services offered by the old systems. This can also help in the transition from old to
new software and processes.
An up and coming trend in server virtualization is called migration. This equates to moving
one server environment to another. In the past this was only possible if both physical
machines ran on the same hardware, operating system and processor. In the virtual world all
this can be done even with different processors as long as they come from the same
manufacturer.
Other such benefits include:
Saving energy/going green
Reduce data center digital footprint
Faster server provisioning
Reduce hardware lock-in
Increase uptime
Improve disaster recovery
Help in moving things to the cloud
(webhosting.about
2015)
The limitations
Its not all good news. There are reasons to make a company think twice about introducing
virtualization. Some applications may demand on processing power which isnt good in a
virtual world. Virtualization divides the processing power between its virtual machines. If one
of the machines requires a lot of processing power it will slow the whole system down taking
hours to complete something that could have been done quickly in a non-virtual
environment.
It is also wise not to use too many virtual machines within one server. As each virtual
machine needs processing power it takes away power form other virtual machines. On top of
that as a data base for example gets bigger disk space could become an issue as each
virtual machine needs disk space to go with it.
If some maintenance needs to be done on a particular server then it will affect all the virtual
machines hosted by it. This could lead to major problems in the everyday running of the
company perhaps even leading to the loss of money.

Page 4 of 27

With All its limitations it is still an attractive path to take as virtulization technology increases.
Server power consumption and heat output is decreased making it more financially attractive
for companies.
(webhosting.about
2015)
Within the next section I will explain how to set up a virtual lab for penetration testing. In this
environment a company can both protect and monitor their network thus eliminating the
server farm from being compromised resulting in thousands upon thousands of dollars.
Getting started
This is being put together with the assumption that the reader is a beginner in creating a
virtual environment and also in penetration testing. It has is also being put together and
designed as if you were the hacker
Why set up a lab?
Penetration testing is a skill that takes a lot of practice along with a lot of experimenting.
Unfortunately a network administrator will not be allowed to practice on his own network
unless he knows what he is doing. So setting up a virtual lab is one way in which the
environment is totally safe and will not affect anything else on the network.
Lab Set-up
Prerequistes
The first thing you need to do is to install virtual software on your machine. For the purpose
of this assignment I will be using VMware. You can get the latest copy, VMware Workstation
11.1.0 for Windows or Linux at,
(vmware 2015)
You will also need Backtrack5:
https://www.backtrack-linux.org/downloads/
(backtrack-linux.org 2015)
Also Metasploitable2 at:
http://sourceforge.net/projects/metasploitable/files/Metasploitable2/
(sourceforge
2015)

Page 5 of 27

If you have a copy of any of the windows flavours you can also use one of them but failing
that you can download the latest version of Ubuntu Kylin at:
(ubuntu 2015)
Virtual machines come in two forms you can either download a virtual drive image or an ISO
file.

VMware virtual drive file

ISO file

In order to keep everything neat and tidy, create a folder to keep your VirtualMachines in.
You will also need a beefy machine to run at least three virtual machines plus your host
operating system. You will need at least 4gb RAM minimum to allocate to all instances. You
will find more info here:
(vmware 2015)
Creating a virtual machine
1. Once you have started your installed virtual software you will be presented with this
screen.

Page 6 of 27

A. Create a new virtual machine. If you choose this option you will need to up load the ISO
image of the operating system.
B. Open a VMware virtual disk file. Here you will have to open one of the VMware virtual
disk files.
It doesnt matter which file you download and use, you still get the same result.
For our purpose we will load Kail Linux VMware virtual drive file. You can download the file
from here: https://www.kali.org/downloads/
Kali Linux
Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and
Security Auditing. Kali contains several hundred tools aimed at various information security
tasks, such as Penetration Testing, Forensics and Reverse Engineering. Kali Linux is
developed, funded and maintained by Offensive Security, a leading information security
training company.
Kali Linux was released on the 13th March, 2013 as a complete, top-to-bottom rebuild of
BackTrack Linux, adhering completely to Debian development standards. Many tools

More than 600 penetration testing tools included

Free and always will be

Open source Git tree

FHS compliant

Wide-ranging wireless device support

Page 7 of 27

Custom kernel, patched for injection

Developed in a secure environment

GPG signed packages and repositories

Multi-language support

Completely customizable

ARMEL and ARMHF support

(docs Kali 2015)

2. We will click on open a virtual machine as our file has been saved as a VMware virtual
disk file.

3. Next, you will get asked what type of configuration do you want?
Typical (recommended): Create a workstation 10.0 virtual machine in a few easy steps.
This creates a virtual machine which has the same hardware version as the version of
Workstation you are using. If you are using Workstation 8.x, it creates a virtual machine with
hardware version 8. If you are using Workstation 6.5.x or 7.x, a virtual machine with
hardware version 7 is created.
If you select Typical, the wizard prompts you to specify or accept defaults for the
following choices:

The guest operating system

The virtual machine name and the location of the virtual machine's files

The network connection type

Whether to allocate all the space for a virtual disk at the time you create it

Whether to split a virtual disk into 2GB files

Custom (advanced): Create a virtual machine with advanced options, such as SCSI
controller type, virtual disk type and compatibility with older VMware products. If you choose
Page 8 of 27

this option to create a virtual machine you can define its hardware compatibility. You can
select from Workstation 11.x, Workstation 10.x, Workstation 9.x, Workstation 8.x,
Workstation 6.5 -7.x, Workstation 6, Workstation 5, and Workstation 4.
Select Custom if you want to

Make a legacy virtual machine that is compatible with Workstation 4.x, GSX
Server 3.x, ESX Server 2.x and VMware ACE 1.x.

Store your virtual disk's files in a particular location

Use an IDE virtual disk for a guest operating system that would otherwise
have a SCSI virtual disk created by default

Use a physical disk rather than a virtual disk (for expert users)

Set memory options that are different from the defaults

Assign more than one virtual processor to the virtual machine

If you selected Custom as your configuration path, you may create a virtual machine that
fully supports all Workstation 10 features or a legacy virtual machine compatible with specific
VMware products.

For our purpose we will press typical.

Page 9 of 27

4. The next screen gives us three options from which we can install the operating system
from.
Installer disk will be used if you have an installation disk to install the operating
system/software from.

Installer disk image file should be checked if you an ISO copy of the operating
system/software
I will install operating system later should be checked if you have a VMware virtual disk
file.
For our purpose we will install it later.

5. The next stage is to choose the guest operating system. This is the operating system
you are installing into the virtual machine. For our purpose we will choose Linux.

Page 10 of 27

Once you have chosen your operating system you should scroll down the menu to choose
which version of the operating system you want. For our purpose we will choose Ubuntu.

6. The next step is to give your virtual machine a name. It does not matter what name you
Call it. For our purpose we will call it Kali Linux

From here you now choose which folder to store your virtual machine in. Using the
default folder is okay. For our purpose we will choose the default folder.

7. Now we have to choose what size of virtual disk space we need. This will depend upon
what you intend to do with the operating system you are installing. If you intend to install
software and use the operating system to store files then a bigger drive may be
necessary.
You can set a size between 0.001GB and 2TB for a virtual disk file. You can also select
whether to store a virtual disk as a single file or split it into multiple files.

Page 11 of 27

For our purpose we will just choose the default of 20GB.

Our next choice is how to store the virtual hard drive disk. We have two choices here.
The first one store virtual disk as a single file. This choice is the same having a single
partition on a hard drive. The virtual disk will grow as you add to it.
The second choice is split virtual disk into multiple files. Splitting the disk into multiple
files makes it easier to move the virtual machine to another computer but may reduce
performance with large disks. When you split a virtual disk less than 950GB, a series of
2GB virtual disk files are created. When you split a virtual disk greater than 950GB, two
virtual disk files are created. The maximum size of the first virtual disk file is 1.9TB and
the second virtual disk file stores the rest of the data.
For our purpose we will chose to split the virtual disk into multiple files.
8.

9. Now all the settings have been made it is time to create the virtual machine. You can
always go back to either check or make any changes.

Page 12 of 27

If you choose to customize hardware you will be guided to hardware settings. The first one
you see is the memory location. You can stick to the default memory settings but if you plan
to use the virtual machine to run many applications or applications that need high amounts
of memory, you may want to use a higher memory setting. You can also reset other
configurations here.
For our purpose we click finish.
10. We can now see our home screen with all the settings in the left hand column but we are
not finished yet as we still need to tell the virtual machine where to go a look for the
operating system.

Page 13 of 27

11. At this point can either double click on the edit virtual machine settings or CD/DVD
(SATA) Auto detect lines. Both will take you to the same place but double clicking the
second one gets you there quicker.

12. Here we need to check the use ISO image file click on the browse button and select
from the folder you have the image stored in.

You will also need to check the button connect at power on. Once youve done that click
the OK button.

Page 14 of 27

13. It now takes you back to the settings column where you can see that now the virtual
machine knows where to find the image file.
15. You can now go ahead and press the power on this virtual machine link.

16. The start-up screen gives you a choice of system you want to boot up.

17. Below are a selection of choices to log into Kali Linux.

Live (amd64 & 64 failsafe)
These are the standard mode for everyday operations.
Page 15 of 27

Live (forensic mode)

Kali Linux Live provides a forensic mode, a feature first introduced in BackTrack Linux.
The Forensic mode live boot option has proven to be very popular for several reasons:

Kali Linux is widely and easily available, many potential users already have Kali ISOs
or bootable USB drives.

When a forensic need comes up, Kali Linux Live makes it quick and easy to put Kali
Linux on the job.

Kali Linux comes pre-loaded with the most popular open source forensic software, a
handy toolkit when you need to do forensic work.

Kali Linux Live USB Persistance

Kali Linux Live has two options in the default boot menu which enable persistence the
preservation of data on the Kali Live USB drive across reboots of Kali Live. This can
be an extremely useful enhancement, and enables you to retain documents, collected
testing results, configurations, etc., when running Kali Linux Live from the USB drive, even
across different systems. The persistent data is stored in its own partition on the USB drive,
which can also be optionally LUKS-encrypted.
Live USB Encrypted Persistence
As above but encrypted.

For our purpose we will choose Live (amd64).

18. The first thing you notice is we do not have a network connection.

Page 16 of 27

19. You can see if the network adaptor is active in the bottom right hand corner. In our case
the network adaptor is active but we do not have a connection.

20. We need to double click the network adaptor to see the configuration box.

Page 17 of 27

21. If your host computer is on a network and you have a separate IP address for your virtual
machine (or can get one automatically from a DHCP server), select Use bridged. Be
aware that this opens up your virtual network to the world.
If you do not have a separate IP address for your virtual machine but yo want to be able
to connect to the Internet, select Use network address translation (NAT). NAT allows you
to share files between the virtual machine and the host operating system.
If you want a totally separate network isolated from the host system choose Host-only or
custom.

For our purpose we are going connect to the new custom network adaptor we created
earlier.

Page 18 of 27

22. When we go back to out virtual machine we can see the network adaptor is trying to
establish a connection with network.

Page 19 of 27

Once a connection has been made you will see two computers together.

In order to double check we run the command ifconfig and it will show us our network IP
address. In our case the IP address is 192.168.127.128/24

Viola! We now have a live connection to our virtual network.

The proof is in the pudding!

Page 20 of 27

192.168.209.128

192.168.209.130 is pinging
192.168.209.128

192.168.209.130

Page 21 of 27

Here we are capturing the ping in wireshark on another system.

192.168.209.129

The BIG Showdown

When you think of virtualization on your PC then two types of software come to mind:
VMware Workstation and VirtualBox. Looking back in history VMware has been around
longer than VirtualBox. The first release of VMware was in 1999 in fact they claim to be the
first to commercially successfully virtualize x86 architecture. Where as VrtualBox came to life
in January 2007 and is an open source project under the management of care of Oracle.
(Wikipedia 2015)
So, how do they compare head to head in todays market place? The first thing to take note
is that they both run on Windows, Linux or Unix. When it comes to the Mac, VirtualBox
supports Mac OS x hosts and guests as well however, VMware offers a separate product,
VMware Fusion for a Mac.
In order to be fair both systems were tested on an Intel Core i7-3770K CPU with 16GB of
RAM, 128GB of SSD system-volume storage, and 2TB of additional hard disk space. The
host operating system was Windows 7.
VMware Workstation

Page 22 of 27

VMware Workstation includes all the features of VMWare Playereasy virtual machine
creation, hardware optimization, driver-less guest OS printingand adds in the ability to
clone machines, take multiple snapshots of the guest OS, and a replay changes made to the
guest OS for testing software and recording the results within the virtual machine.() The
most visible are support for Windows 8 and USB 3.0; improved graphics drivers, which
include OpenGL support for Linux guests; nested virtualization, which allows -- among other
things -- running Hyper-V in a guest (at your own risk!); and a number of remote-control and
VM management improvements. It even has some capabilities that users might never have
thought about.

(infoworld 2015)
One good thing about VMware is that you need no experience with virtualization software as
it is designed for the beginner and provides shortcuts to creating a new machine, firing up an
existing one or setting preferences. If you have Virtual machines already loaded then they
will be seen automatically and can be started and the click of a button. If you want to start a
new one and you have the installation disk it will automatically detect it and prompt you for
any product keys needed.
VMware comes with a set of guest tools which you can install to make life a bit easier. Tools
enabling you to directly copy and paste files between host and guest. You can go into Unity
Mode, which allows programs from the virtual machine to be run directly on the host
desktop. Another key feature is the fact that it is able to map a virtual disk to a drive letter on
the host so that files can be copied in or out of that drive.
Want to take a picture of a given virtual machine? No problem, you will be presented with an
easy to read diagram of all the pictures you've taken highlighting the current one. Its also
possible to schedule pictures which can be used to restore the system if needed. On top of
Page 23 of 27

that, virtual machines can be remotely accessed via the open source VNC protocol or
shared out to other VMware Workstation users on the same network. Another cool feature is
that virtual machines can be uploaded to or from an instance of VMware. This creates a
workstation into an environment for to-be-deployed machines.
A feature which you would not expect to see is the "capture movie" function. You are able to
capture audio and video output and pipe it directly to a movie file. A fantastic way to create
tutorials, reports, demonstrations and so on.
Oracle VM VirtualBox 4.2
According to reviews VirtualBox does not have as many features as VMware Workstation.
On the other hand it is however a good choice if you are using the open source version. This
version includes propriety extensions such as USB 2.0 support. It is free for personal use but
if you want to use for commercial use then you need to buy a license.
VirtualBox has many features also found in VMware Workstation. Look at the set-up process
of VMware Workstation for example. In VirtualBox, you need to follow the step given by a
wizard that prompts you as to which operating system you want to install. On VMware
Workstation it detects it automatically. In addition to that VirtualBox does not provide
extended setup automation features that VMware Workstation does. It does offer you a set
of recommended settings. For example memory size for the VM and a couple of other
internal options, but the actual OS installation process still has to be done manually.
When we talk about USB support in VirtualBox it is limited to USB 2.0, whereas VMware
Workstation can emulate USB 3.0. Although both can connect to USB devices (such as
cameras or scanners) on the host, it's a lot easier to accomplish in VMware Workstation, and
VirtualBox doesn't connect to and release hardware as reliably as VMware Workstation
does.
VirtualBox uses a peculiar variant on Microsoft's Remote Desktop Protocol to allow remote
connections to VMs. However, it is a proprietary extension of VirtualBox.
Its not all that bad for VirtualBox it does have features that make you smile. A given virtual
machine can support up to 32 virtual CPU cores per machine, with the maximum depending
on your host hardware's capabilities. It also has an "execution cap" function, which lets you
specify a hard limit for host CPU utilization -- a feature not clearly provided by VMware
Workstation.

Page 24 of 27

When it comes to taking a snap they are head to head on this one. As in Workstation, you
can take multiple branching snapshots of a given VM. There is also the capability to clone
VMs, which can be done either by making a full, separate copy of the VM or by using a
snapshot as the basis for the clone.
When it comes to support for a variety of virtual-disk formats: VMDK, VHD, HDD (from
Parallels), and QED/QCOW (from QEMU). VirtualBox is a good testing ground to try out a
slightly broader range of virtual machine types than VMware Workstation.
Conclusion
So, all in all how do they shape up for the person looking for a free version? VMware has a
free version by the name of VMware Player. They differ in product licensing, as VirtualBox is
a little more generously licensed than VMware Player. You can also get a few features on
VirtualBox that VMware Player has limited use on, including snapshotting, virtual-network
management, and cloning of workstations.
At the end of the day its all about money. If you have to the money then VMware
Workstation is by far the best choice. It not only out performs VirtualBox but its crossintegration with other VMware products that make Workstation worth the money. But
remember, VirtualBox does have things to offer that VMware Workstation or VMware Player
dont.
(infoworld 2015)
Page 25 of 27

REFERENCES

(1) Oxford Reference 2015, Oxford Reference, Available from:

http://www.oxfordreference.com/search?
siteToSearch=aup&q=virtual&searchBtn=Search&isQuickSearch=true [6th April 2015]
(2) Laumer J, Data Center "Cable Mess" October 21, 2008, treehugger: Blog available at:
http://www.treehugger.com/sustainable-product-design/greener-data-centers-brian-pmccann-cmo-of-onpath-technologies-explains-how-the-virtualized-infrastructure-layer-cansave-resources.html
(3) Kalla R, The Super Internet (Wall of Ethernet Cable) 15th November 2007, Available at:
http://www.thebuzzmedia.com/the-super-internet-wall-of-ethernet-cable/ [6th April 2015]
(4) Thoke O, Data Center Server Virtualization in Cloud Hosting Environment, Available
from: http://webhosting.about.com/od/Clouding-Hosting/a/Tips-For-Building-Data-CenterFor-Cloud-Hosting-Environment.htm?utm_term=virtualization%20server&utm_content=p1main-3-title&utm_medium=sem&utm_source=google&utm_campaign=adid-5563ea69-3c9e49ef-a526-3ffeedfdaa1d-0-ab_gsb_ocode5985&ad=semD&an=google_s&am=broad&q=virtualization%20server&dqi=server
%2520farms%2520Virtulization&o=5985&l=sem&qsrc=999&askid=5563ea69-3c9e-49efa526-3ffeedfdaa1d-0-ab_gsb [6th April 2015]
(5) Download VMware Workstation, Available from:
https://my.vmware.com/web/vmware/info/slug/desktop_end_user_computing/vmware_workst
ation/11_0 [6th April 2015]
(6) downloads : BackTrack Linux Penetration Testing Distribution/, Available from:
http://www.backtrack-linux.org/downloads/ [6th April 2015]
(7) Metasploitable, Available from:
http://sourceforge.net/projects/metasploitable/files/Metasploitable2/ [6th April 2015]
(8) Ubuntu Kylin, Available from: http://www.ubuntu.com/desktop/ubuntu-kylin [6th April 2015]

Page 26 of 27

(9) Configuration and Recommendations 2015, Available from:

www.vmware.com/files/pdf/isv/...and_Configuration_Recommendations.pdf [6th April 2015]
(10) Kali Linux Official Documentation, What is Kali Linux? 2015, Available from:
http://docs.kali.org/introduction/what-is-kali-linux [6th April 2015]
(11) VMware Workstation 2015, VMware Workstation, 4 March 2015, Available from:
http://en.wikipedia.org/wiki/VMware_Workstation [6th April 205]
(11) Yegulalp S, VMware Workstation 9 vs. VirtualBox 4.2, Sep 26, 2012, Available from:
http://www.infoworld.com/article/2615128/virtualization/review--vmware-workstation-9-vs-virtualbox-4-2.html [6th April 2015]
(12) Fitzpatrick J, Five Best Virtual Machine Applications, 19th December 2010, Available
from: http://lifehacker.com/5714966/five-best-virtual-machine-applications [6th April 2015]

Page 27 of 27