Virtualization is becoming one of the IT industry’s hottest buzzwords. It is estimated that the CPU and RAM in a typical enterprise server is only about 20 percent utilized, resulting in wasted financial and computing resources. Virtualization allows you to run multiple virtual machines (VMs) on a single host (physical) machine. This improves resource utilization. Further, the processes that run on VMs are isolated from processes that run on the host computer and on other VMs, thus providing a layer of security for those processes and the data that the processes are accessing. You can isolate processes that access secure data, and you can utilize virtualization to solve problem child (unreliable applications) and golden child (mission-critical applications) issues.
Today’s IT administrator and security professional must be familiar with, if not fluent in, virtualization. If you’re not, you may be left behind in the rush to implement VMs. There are three major players in this virtualization niche: VMware (www.vmware.com/), Microsoft (www.microsoft.com/virtualization/default.mspx), and VirtualBox (www.virtualbox.org/).
Scenario
You are a network guru troubleshooting all sorts of computer- and network-related maladies. You carry a tried-and-true laptop computer that runs Windows 7. The budget is tight and will not allow the addition of new hardware, but you must utilize a collection of Linux-based network-analysis and forensic tools in the popular distribution disk called Helix Live v1.9. Your solution is virtualization.
Scope of Task
Duration
This task should take 90 minutes.
Setup
The only things needed for this task are a recent, patched operating system, 2 GB of hard drive space, and an Internet connection. You will need to download approximately 750 MB of content.
Caveat
This procedure requires downloading and installing software from the Internet. This is always a risky move. When downloading software from the Internet, always verify that you are connected to the trusted website that you expect to be connected to. Carefully check the URL in the address bar to confirm this. If you have any doubts about the validity and trustworthiness of the website, do not download or install any software.
Procedure
You will download and install a free evaluation copy of VMware. You will also download the ISO file for the Helix Live distribution. Once VMware is installed, you will create a virtual machine and mount the Helix Live distribution. Helix Live will boot into a Linux-based operating system inside the VM while you will continue to have full functionality of the host operating system.
In addition to using VMware, you can perform this exercise using Microsoft’s Virtual PC, Virtual Server, or VirtualBox. Specific steps in the procedure and settings may differ, but the overall functionality exists in all of these virtualization products.
Equipment Used
For this task, you must have:
- Any Windows XP, Windows Vista, Windows 7, or Windows Server 2003 system
- 2 GB of free hard drive space
- Local Administrator or Domain Administrator access
- Internet connectivity
Details
Download and Install VMware
1. Log on to a Windows XP, Windows Vista, Windows 7, or Windows Server 2003 system as a Local or Domain Administrator.
2. Launch Internet Explorer.
3. Download the latest version of VMware Workstation from and Helix Live v1.9 from http://downloads.vmware.com/d/info/desktop_downloads/vmware_workstation/7_0
VMware Workstation is about 600 MB. Helix Live is about 700 MB. It is always appropriate to validate the hash value of the downloaded content when it is available, especially when the downloaded content is an executable. The hash value acts like a fingerprint of the file. To verify that the file has not been tampered with and is not infected with a virus, compare the hash value of the file published on the download web site to a new hash value you calculate after you download the file.
4. Install VMware Workstation following the manufacturer’s recommended procedures.
Building a Virtual Machine
1. After VMware Workstation has been successfully installed, launch it.
2. Select File ⇒ New ⇒ Virtual Machine.
3. Click Next on the Welcome screen of the New Virtual Machine Wizard.
4. On the next screen, select the Typical virtual machine configuration. Click Next.
5. Select the Linux radio button, and then select Other Linux 2.6.x Kernel from the Version drop-down list. Click Next.
6. Name the virtual machine Helix Live. Select an appropriate path to the home folder for the virtual machine. Click Next.
7. Select either Use Bridged Networking or Use Network Address Translation (NAT) on the Network Type screen. In some cases, NAT seems to work more reliably than Bridged. Click Next.
8. Accept the default on the Specify Disk Capacity screen and click Finish.
9. As the New Virtual Machine Wizard completes, VMware Workstation should look like this:
10. Select VM ⇒ Settings.
11. In the Virtual Machine Settings dialog box, click the Hardware tab, and select Floppy under Device. Then click the Remove button.
12. Select CD-ROM under Device. In the right pane, select the Use ISO Image setting, and browse to the new download of the Helix Live ISO.
13. Click OK. Review and adjust the other VM settings as desired.
VMware Workstation allocates physical RAM to the VM in accordance with the setting defined here. Adjust the RAM value to a level that can be adequately accommodated (given to the VM) by the system. This allocated RAM will not be available to other applications or the operating system on the host machine.
14. You are ready to boot up the new VM into the Helix Live Linux distribution. Click the green Play button on the menu bar. The VM should boot up on the Helix ISO that is mounted by the VM’s CD-ROM drive.
15. Click inside the VM window. Use the Up and Down arrows on your keyboard to highlight the GUI menu item inside the virtual machine.
Notice that when you click inside the VM window, VMware captures (grabs) the mouse. To release the mouse, press Ctrl+Alt.
16. With GUI highlighted, press Enter to launch Helix in GUI mode.
17. You are now running a second instance of a computer, a VM, on your host computer. Both operating systems remain fully functional. Explore the Helix Live distribution (called a distro).
18. Click the globe icon in the menu bar at the bottom of the window. This launches the Mozilla Firefox browser. Type into the address bar of Firefox the protocol and address of a valid website, such as http://www.google.com. If your host computer has Internet connectivity, the VM should also have Internet connectivity.
19. If you have installation media for an operating system, that OS can be installed in a VM and operate as a computer as if it were on its own hardware.
Criteria for Completion
You have completed this task when you have downloaded and installed VMware Workstation and have successfully mounted the Helix Live ISO image.