Time
5 hours 38 minutes
Difficulty
Intermediate
CEU/CPE
6

Video Description

In this video Dean continues outlining the setup process for the pentesting environment. Configuration of the networking mode and hard drive are covered. He notes that setting the networking mode to NAT rather than Bridge mode is important in order to isolate the host machine from the vulnerable VM used for pentesting. Optimal settings for the VM's hard drive and memory are also discussed. It's advised that sufficient resources exist on the host machine in order to accommodate the virtual test environment. The final step is completion of the Kali build process by configuring the basic OS settings such as language and other customizations.

Video Transcription

00:03
that you are set up. So
00:07
in the NAPM Oh, that's that's good. We can we can set that up. Another thing to think about is your hard drive
00:14
so
00:17
we can see that
00:23
her job's not defined yet.
00:25
Okay,
00:26
we'll be there. And just
00:29
once we get this
00:30
further long, I want to change the Nats setting first, though,
00:35
because it's important not to be in bridge mode,
00:39
especially with not exportable, and I'll talk about that later as well. But bridge mode is bad
00:45
for doing security testing for doing for hosting vulnerable V EMS because now that virtual, she will get an address on the same network as as the one that you're wrong.
00:55
And since it's a vulnerable machine, that would be dangerous. So we're gonna believe it in that mode. But it closed this, and I'm going to
01:03
finished the beginnings of building my my Callie instance.
01:07
All right, so I'm gonna now that I can see here's my hard disk information. I had to close another window, so I'm gonna select this really quick
01:17
so we can inspect the settings,
01:19
one of things that you might want to do.
01:22
There's different schools of thought about this. There's one school of thought that says that a pen testing machine
01:27
should be
01:29
in a non persistent mode because you want to just be able to boot it up, run some tools, maybe send some data somewhere, and then you're done, which is fine.
01:38
Or the other school of thought says. Well, this is my pen testing machine that I want to keep all the information contained in.
01:45
So in order for that to happen,
01:47
we have to change this disc to be persistent.
01:51
So we're gonna go to our advanced settings button here.
01:55
I wanna make the disc independent,
01:57
which means that it's not affected by snapshots. So if you were planning to snapshot, you're Kelly instance and revert to a back of river back to that later,
02:06
this won't be an option.
02:07
But in any case, if we make this disc independent, weaken, Select Persistent,
02:14
which treats the virtual disc
02:15
the same way that a system treats a regular physical desk.
02:20
If we make a non persistent now, every time you boot up the SVM, it'll be the same as it was the first time he booted it up
02:25
in my case or in our case. Perhaps we don't want that. We want to keep it persistent.
02:30
So all the changes we make, all the improvements we make, All the customers ations
02:35
that we made to the SVM will be captured and preserved.
02:38
Okay,
02:39
that's the last change I want to make. 5 12 Meg of RAM is probably fine unless we're gonna be using certain tools later.
02:46
One processor is also fine. You could always adjust these later if you decide that the your Callie instances not performing up to your standards. Another thing to think about regarding resource is is the resource of your host itself.
03:05
If you're running player
03:06
or running workstation on a reasonably fast window seven machine or Windows time like I'm running,
03:13
um,
03:14
and you probably want to have about eight. Gig of Ram.
03:16
The reason I say that is
03:20
in order to have Callie running and to have medicine voidable running and maybe another VM that's used for a target for pen testing.
03:28
Each of those you know we're going to take 1/2 a gig of RAM or a gig of Ram or maybe even Maur, so it's better to have a nice cushion. Eight. Gig of ram a decent minimum.
03:38
I'm actually running with 32 because I might be hosting as many as four or five e ems at one time. And I want to have enough capacity to manage that kind of a virtual environment.
03:49
Okay,
03:50
so I'm to the, uh, the building process.
03:54
We're gonna power around the virtual machine,
03:58
come up. That's a little bit of knowing You want to click on this window and you'll notice that the live version of Callie's available is an option that will build a version of it that's non persistent that you just used when you need it.
04:14
And then when you shut it down, it's just like it wasn't the first time you turned it out. We're gonna go all the way down to the graphical install.
04:20
This gives us the full graphic environment
04:24
where we have a multiple desktops and some nice tools and command shells and such.
04:30
So we'll go ahead and
04:31
select this option. Went to the window. I just hit enter,
04:35
and then the boot process will begin.
04:39
I'm not gonna have the video running for the whole boot process. Most of you will
04:43
be familiar with some of the settings that are required. For instance, we have to pick our language.
04:48
You pick your country
04:51
and so on.
04:54
I'm gonna go ahead and pause here.

Up Next

Metasploit

This Metasploit tutorial will teach you to utilize the deep capabilities of Metasploit for penetration testing and help you to prepare to run vulnerability assessments for organizations of any size.

Instructed By

Instructor Profile Image
Dean Pompilio
CEO of SteppingStone Solutions
Instructor