In the last post we set up the SANS SIFT forensics workstation in VMware Player; now we will set up Kali Linux. Kali is used for penetration testing, i.e. offensive operations, and it will help us learn how to detect malicious traffic in the virtualized test environment we are setting up.
Kali Linux prerequisites
The same basic requirements that we had in part 1 apply here. Make sure the machine you are going to use has adequate hardware to run it all. At a minimum, make sure it has the following:
- Multicore processor with virtualization capability
- 8 GB of RAM (more is better!)
- Hard drive with lots of space (SSDs are better!)
The system I’m using has an i7 with 6 cores, 32 GB of RAM and a 2 TB SSD for the VMs, and it works perfectly. VMware Player works great as the virtualization software; however, VirtualBox and Xen are good alternatives. Most systems do not have the virtualization option enabled by default, and VMware Player will not function without it enabled. This is easy to turn on in the system’s BIOS.
Setting up the Virtual Machine
In part 1 we created a folder for the virtual machines, and inside it we created three separate folders, one for each virtual machine. Copy the <kali-linux-file-name>.7z to the folder called kali and extract it with 7-Zip. If you do not have 7-Zip, just go get the free download and install it (don’t forget to check the hash!).
Once it is extracted you will see a working VMDK that is ready to go. Now all you have to do is open VMware Player and click on open a virtual machine. When prompted, navigate to the folder where you extracted the 7-Zip file and select the .vmx file. VMware Player may ask if you moved or copied the VM; if it does, select copied and hit enter. Edit the VM’s settings and ensure they are correct; now would be a good time to add extra memory to the VM. Start the VM and make sure it loads and runs properly. The default credentials are:
- username – root
- password – toor
That’s all there is to getting Kali set up and running. The next installment of this series will focus on installing the Security Onion and monitoring the virtual network.