VirtualBox is a free hyper-visor we can use to setup a lab for practice. Go ahead and download it now and we’ll go through setup for a semi-secure lab that will suffice. I’ll reference a book if you want to go balls to the wall lab setup at the end.
Creating virtual networks
- After downloading VirtualBox we’ll want to set up the virtual network. Go to file > preferences
- Click on “Network” and you should be looking like the picture above
- Make sure you’re on the “Network” tab and “Host-only Networks” and click on the icon that looks like a network card with a “+” sign on it.
- “vboxnet0” should now be available. Click on the other icon that looks like a screw driver to configure this network.
- Default settings should be fine for this. Should have a default of 192.168.56.100 for the gateway server and be 192.168.56.101-192.168.56.254.
Adding network card to Attacking and Victim VirtualMachines
- Download your attacking VM (Likely Kali)
- Install your attacking virtual machine to VirtualBox
- Once your VM is installed click on settings while the VM is highlighted.
- Make sure you’re on the network tab
- Select “Host-only Adapter” in the “Attached to” portion as shown in the picture.
- Make sure vboxnet0 is the selected network card
- For the kali box you’ll want to add a second adapter so you can update tools 8, Select Adapter 2 and change “attached to” to “NAT”
- Go ahead and install your victim machine now. You can get vulnerable OS’s from VulnHub
- Once you have the Victim OS installed repeat steps 3-6
This is just a very basic lab setup that’ll keep a vulnerable operating system out of harms way; however understand that malware and hackers are a lot more sophisticated these days and have ways to know if they’re sandboxed. Essentially allowing them to break out of the sandbox and onto your host machine. I consider this quick and dirty. The “Host-Only” adapter keep you on a seperate internal network scheme, so make sure the defaults are different than your home/work network. For instance if your home network is a 192.168.x.x you might want to change the virtual adapter to 10.x.x.x or 172.16.x.x.
If you have the hardware and want to build a good lab I suggest getting the book Building Virtual Machine Labs: A Hands-On Guide which will go over pfsense firewall, building multi-layer networks, as well as other cool things. It’s truly a great resource for infosec related labs. It covers all major and even some not as well known hyper-visors.