Sign In
Register
Help
The 2 big names of virtual computers out there right now are VMWare (a very nice software) and Virtual PC.
Although VMWare is very powerful and has numerous networking options, this tutorial focuses on Virtual PC - it's a little cheaper for most and faster with some things IMHO (and I'm a big VMWare fan too). Alas, however, Virtual PC doesn't really come with instructions on how to set up a more complex network scheme. How can I route network packets between VM's? How can I somehow route a host packet to my VM? This tutorial illuminates one way to do it.
Virtual PC was bought by Microsoft in 2003 and they released the latest version, called Virtual PC 2004:
Virtual PC is a powerful software virtualization solution that allows you to run multiple PC-based operating systems simultaneously on one workstation, providing a safety net to maintain compatibility with legacy applications while you migrate to a new operating system. It also saves reconfiguration time, so your support, development, and training staff can work more efficiently. Microsoft released Microsoft Virtual PC 2004 on December 2, 2003.
You can download a demo from their site. It works pretty well and I've been impressed with it so far.
Virtual PC offers 5 networking options for Virtual PC's:
1. Not connected. Enough said, (pretty purposeless for our uses).
2. Local This option provides networking support between virtual machines only. This means that the virtual machine will not have access to any network resources on the host operating system.
3. Shared Networking The first virtual machine network card can be assigned to Shared Network (NAT). When this option is selected, the virtual machine is connected to a private network created by Virtual PC. The network includes a virtual DHCP server and a virtual network address translation server. The virtual machine is then able to access most TCP/IP-based resources that the host operating system can access. For more information about shared networking, see Managing shared networking for virtual machines.
4. Network adapter on the physical computer When this option is selected, the virtual machine is connected directly to the currently selected network connection of the host operating system. The virtual machine will appear and behave like a separate physical computer on the same network. The networking configuration of the virtual machine is determined by the configuration of the network. For example, the configuration of the network will determine how an IP address is assigned to the virtual machine. If the network uses a DHCP server, an IP address is assigned dynamically to the virtual machine. Similarly, if the network uses static IP addresses, you must manually configure the virtual machine to use a static IP address, following the procedure specified in the documentation for the virtual machine operating system.
5. Microsoft Loopback Adapter If you want to create a more complex network environment on a single physical computer, without installing multiple physical network cards, you can install multiple instances of Microsoft Loopback Adapter on the host operating system. For more information about Microsoft Loopback Adapter, see Extending networking capabilities for virtual machines.
What we want to do is run a server on the virtual computer, and have it available to external networks, and perferably to our host system as well, so we can make a honeypot or test exploits. Looking at the above list, options 1, 2, and 3 will NOT do what we want. Not connected (option 1) means just what it says, Local only (option 2) only lets Virtual machines talk - and we want our host to be able to talk, and NAT (option 3), while being useful, still won't allow an external network OR the host to talk to the virtual PC. So that leaves us with two options - 4, and 5.
So what about option 4. Well, it works fine, you can run the virtual PC as though it's a real computer on your network. And if you have a hardware switch like a LinkSys, this is OK too because you can always configure your switch to allow ports/deny ports/access to the virtual machine. So you have a server now with all the benefits of a virtual PC (ability to suspend, ability to restore a prior state, etc). BUT it's hard to be "specific", unless you have a fancy hardware firewall. You can't make sure only certain items get thru. Also, what if you want to remap a port completely? Like you only have port 80 on the virtual PC but you want to use a different port thru the firewall? Yes, you can configure firewall rules for this, but there is an easier way. Use option 5.
Option 5 opens our Virtual Machine only to the host. You install the Microsoft Loopback adapter. In Windows XP, this is a trivial thing and super simple:
1. Right click on "My Computer" and choose "Properties."
2. go to the "Hardware" tab and click "Add New Hardware Wizard".
3. The wizard will search your machine for a bit and then ask you if the hardware is already installed. Say yes.
4. In the next dialog that comes up, scroll all the way to the bottom where it says "add a new hardware device" and click next.
5. Now say "Install hardware that I manually select from a list".
6. Scroll down to Network Adapters, click Next.
7. Now just choose "Microsoft", and "Microsoft Loopback Adapter" and click next, and you are off to the races.
You may choose now to set up the IP address for the loopback adapter by going into "Settings->Control panel->Network Connections", and selecting the Loopback adapter. However, for this tutorial I didn't do that, I just let the loopback adapter get an autoconfiguration IP address, which it does by default.
Once the loopback adapter is installed and ready, we have to tell Virtual PC use it.
Start Virtual PC up (if it's not running already), and choose "Settings" for your particular virtual machine, and then choose "Networking" in the settings list. Set Number of adapters to 1, and for adapter 1, choose "Microsoft Loopback Adapter". Note that you can only change this setting if the virtual machine is OFF, if it's in a saved state you'll have to turn if off first then make these changes.
Now turn on the virtual machine, let it boot up, and let's try using this loopback adapter. The Microsoft Loopback Adapter has installed it's routing in your Host PC's route table (you can verify this by going to a command prompt and typing "route print"), so if you ping your virtual machine from the host it should work. You don't even need to worry about subnets either. So let's try it:
My loopback adapter's IP autoconfiguration turned out to be 169.254.25.129. Note that this is the gateway then, to the virtual machine (even though it won't show up at "gateway" in ipconfig in the virtual PC). My virtual machine's IP is 169.254.136.191. (found by running ipconfig inside the virtual machine OS). Let's ping it from the HOST:
C:\>ping 169.254.136.191 Pinging 169.254.136.191 with 32 bytes of data: Reply from 169.254.136.191: bytes=32 time<1ms TTL=128 Reply from 169.254.136.191: bytes=32 time<1ms TTL=128 Reply from 169.254.136.191: bytes=32 time<1ms TTL=128 Reply from 169.254.136.191: bytes=32 time<1ms TTL=128 Ping statistics for 169.254.136.191: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms C:\>
I'm sure this is the virtual PC because look the round trip time was 0ms !
So I can talk to the virtual machine now, from my host. I can now set up a server on the virtual PC and communicate to it from my host by using this IP address. I can even create network shares between the two as well. However, this still doesn't open up the virtual machine to the outside world. How can I redirect a port on my host to get the the virtual machine? Simple, use a program called FPipe by FoundStone: www.foundstone.com/knowledge/proddesc/fpipe.html
Using FPipe, we can bind to a port on the host, and when communications come in, have it redirect it to a port / IP combo, which in this case will be our virtual machine!
FPipe options
FPipe v2.1 - TCP/UDP port redirector. Copyright 2000 (c) by Foundstone, Inc. http://www.foundstone.com FPipe [-hvu?] [-lrs <port>] [-i IP] IP -?/-h - shows this help text -c - maximum allowed simultaneous TCP connections. Default is 32 -i - listening interface IP address -l - listening port number -r - remote port number -s - outbound source port number -u - UDP mode -v - verbose mode Example: fpipe -l 53 -s 53 -r 80 192.168.1.101 This would set the program to listen for connections on port 53 and when a local connection is detected a further connection will be made to port 80 of the remote machine at 192.168.1.101 with the source port for that outbound connection being set to 53 also. Data sent to and from the connected machines will be passed through. C:\>
Let's put a TFTP server on our Virtual Machine and try to get the outside world to reach it. Grab a copy of TFTP and drag it into the virtual PC (virtual pc supports drag-n-drop file sharing between host and client machine). Start it up, and we are now listening on port 69 in the virtual machine. Now we just need to redirect port 69 of the host to the virtual system.
If you notice the FPipe options, at then end you'll see you can put in an outgoing IP:
[code]
FPipe [-hvu?] [-lrs <port>] [-i IP] IP <-- outgoing IP
[code]
so we can use that to tell it the virtual machine's IP, and our built in routing table will take over and the packets will get routed to the virtual machine properly, thru the loopback adapter.
So we want to redirect port 69, UDP protocol, to port 69, IP 169.254.136.191. Our command line will be like so:
FPipe -u -l 69 -r 69 169.254.136.191 <enter>
And then FPipe will sit and listen and wait for inbound connections to port 69 on our Host PC. Note we tell Fpipe the -u switch for UDP, since TFTP is UDP protocol. When the host receives a UDP connection on port 69, it will redirect (forward it) to the virtual PC, and to our TFTP server that's running in the virtual environment. If you want to see more info about the connections, etc, you can also add the -v (verbose) switch to the fpipe command line.
So now you have a server on the virtual machine, which is visible to the outside world (at least, the world outside your host machine), and you can be selective about which ports are visible, without even needing a firewall or firewall software, and even see verbose logs of the connections. This allows you to enjoy the freedom and power of a virtual system while still having a very flexible dynamic virtual network layout.
Alternatively, if you don't mind the virtual PC being a physical machine on the network, you can set it to use "Network Adapter on the Physical Computer", and if you have a hardware switch like a LinkSys, you can set the LinkSys to let the virtual machine be "DMZ" - since the virtual PC will have it's own IP Address from the Linksys. Note that DMZ option will expose it to the internet completely. I'd say the biggest benefit of choosing option 5, however (the extended network option, and using fpipe), is greater control over exactly which ports get in to the VM , as well as the ability to redirect ports (remap ports to other ports ) at the same time, which aids in flexibility.
Another cool thing about option 5, is if we have a packet sniffer we can set it to sniff the Microsoft Loopback Adapter only, and watch the traffic to the virtual machine, without any host interference.
Enjoy..
-niko
MultiQuote
