TransWikia.com

Secure a virtual machine during a lab exercise

Information Security Asked by Martin Fürholz on October 28, 2021

I recently started the Offensive Security AWAE course.
On their connectivity guide page, they warn about the hazards of connecting to their labs:

you will be exposing your computers’ VPN IP to other students taking the course with you. Due to the nature of the course (and its participants!), your computer may be subjected to attacks originating from the VPN network. This is true even if you are located behind a NAT device.

I contacted them and asked what I could do to secure my PC (Windows 10 with the VMware VM, running Kali Linux), and their answer was that I could "separate the IP segment of my VM with the host machine", but they couldn’t help me regarding how to achieve that.

Can someone please help me find information on how to achieve that with the VMware VM?

How realistic is the risk that someone ‘hacks’ into my machine?

Are there other measures I can take to reduce any risks?

2 Answers

It seems you have ignored the very best advice by cutting your citation just before it:

Kali users, please change the default root password!

If there are no known vulnerabilities in the Kali version you are using, it's relatively safe to use – unless you gave access to everyone by using default (or otherwise guessable) credentials. If someone gets into the Kali, it's possible to move laterally to every computer the Kali machine sees, and it also has all the tools required already installed.

So, securing your computer/network from the Offensive Security AWAE course VPN has two sides:

  1. Securing your Kali Linux.

    • From the Kali's Default Credentials documentation you can see that:

      • Kali changed to a non-root user policy, meaning the installation asks you to create a user with a password, and sudo is used instead of the former root:toor default.
      • Pre-created VMware images use default user kali:kali which should be changed!
      • If you are using a Vagrant image, the default is vagrant:vagrant and should be changed!
    • Use strong passwords that can't be easily brute-forced.

    • Disable SSH logins and use the Kali from the VM console.

  2. Securing your network from the Kali.

    • If possible, you could dedicate an old computer for your Kali. It's not necessary to use Kali in a VM, if you are afraid someone might break out from the VM and compromise the host.

    • Use the Kali machine (whether it's a VM or dedicated hardware) on an isolated network segment that won't see other devices on your network at all. Configuring the network like this is out of scope on Information Security SE.

Answered by Esa Jokinen on October 28, 2021
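
An added example, not part of the answer above or of any Kali or Offensive Security tooling: a Python check, fed with output captured inside the Kali VM, that lists listening sockets reachable through the lab VPN address and flags VM interfaces addressed inside the home LAN. The `ss` and `ip` samples, the 10.8.0.23 VPN address, the interface names and the 192.168.1.0/24 home subnet are constructed assumptions.

```python
import ipaddress

# Constructed sample of `ss -Htln` output taken inside the Kali VM.
SS_SAMPLE = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 244 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 511 10.8.0.23:8080 0.0.0.0:*
"""
# Constructed interface addresses (as `ip -br addr` would show them).
BRIDGED = {"eth0": "192.168.1.57/24", "tun0": "10.8.0.23/24"}
SEPARATE = {"eth0": "172.16.99.10/24", "tun0": "10.8.0.23/24"}
HOME_LAN = "192.168.1.0/24"            # assumption: subnet of the Windows host's LAN
VPN_IF, VPN_IP = "tun0", "10.8.0.23"   # assumption: lab VPN interface and address


def exposed_listeners(ss_output, vpn_ip):
    """Return (address, port) pairs for listeners reachable via the VPN address."""
    wildcard = {"0.0.0.0", "::", "*"}
    found = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        addr = addr.strip("[]").split("%")[0]   # drop IPv6 brackets and %scope
        if addr in wildcard or addr == vpn_ip:
            found.add((addr, int(port)))
    return sorted(found, key=lambda item: (item[1], item[0]))


def shared_segments(vm_ifaces, home_lan, vpn_if):
    """Return non-VPN interfaces of the VM whose address lies inside the home LAN."""
    lan = ipaddress.ip_network(home_lan)
    return sorted(name for name, cidr in vm_ifaces.items()
                  if name != vpn_if and ipaddress.ip_interface(cidr).ip in lan)


if __name__ == "__main__":
    for addr, port in exposed_listeners(SS_SAMPLE, VPN_IP):
        print(f"reachable from the lab VPN: {addr} port {port}")
    for label, ifaces in (("bridged", BRIDGED), ("separate", SEPARATE)):
        print(label, "-> interfaces inside the home LAN:",
              shared_segments(ifaces, HOME_LAN, VPN_IF))
```

An empty result from `shared_segments` only shows that the VM is addressed outside the home subnet; it does not show that traffic cannot be routed there, which still has to be enforced in the hypervisor network settings or a firewall.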

While it's probable that bridging your VM network as an entirely different subnet from your host Windows laptop will be sufficient, it's not guaranteed.

Standard practice when taking a laptop into a hostile environment is to assume that it will be compromised and plan accordingly.

  • Use a clean machine with no sensitive content in the first place
  • Expect to at least wipe the host system afterward
    • A really hostile environment calls for physical destruction afterward

Using a machine that you need to preserve is not recommended!

Answered by user10216038 on October 28, 2021
