ZZEN9217 H6 O.S. Fundamentals for Security: VM platform notes

From techdocs
Revision as of 08:01, 22 August 2022 by Plinich (talk | contribs)
Jump to navigation Jump to search
  • Testing on [AWS] nw-syd-vx1 using QEMU in emulation mode rather than hypervisor/KVM mode
  • Installed on vx0 (an out-of-warranty Dell R510) which is configured as a [New World] VLAB/login server, and which runs the VM's with QEMU in hypervisor/KVM mode
  • Images and scripts in /usr/local/qemu_machines + /usr/local/infrastructure/bin/start(win|kali) + /etc/sudoers.d/start(win|kali)
  • Installed qemu-system-x86 and bridge-utils packages
  • startkali: starts Kali Linux, includes second interface (eth1) for link to Windows XP host established via up/down scripts for QEMU which set up a bridge and join eth1 (tap device) to the bridge. Due to the down script running as the user rather than root (due to "-runas" in qemu-system-x86_64 invocation) the bridge created by the up script cannot be removed
  • startwin: starts Windows XP, up/down scripts link network tap device to bridge mentioned above
  • Kali Linux primary interface (eth0) uses DHCP and gets the QEMU user-network address of 10.0.2.15/24. This is also Kali's default route
  • Kali Linux second interface (eth1) has a static IP address of 192.168.1.1/24
  • Windows XP primary interface has a static address of 192.168.1.2/24. Windows XP has no default route and no DNS servers
  • Kali's eth1 and the Windows XP primary ethernet interface are connected together via TAP interfaces on a private bridge named "br<username>" (e.g., "brplinich"). See brctl show
Retrieved from ‘https://techdocs.cseunsw.tech/mediawiki/index.php?title=ZZEN9217_H6_O.S._Fundamentals_for_Security:_VM_platform_notes&oldid=383