I have trouble getting my VMs into the domain.
Several old machines functioned as "servers" in our environment and when I newly started working here, I wanted to change this cluster into something more appropriate. So I calculated how one big server would cost us a certain amount of money but we would save it in electricity-bills etc.
The server finally arrived (HP Proliant) and I installed a Server 2008 R2 on it (boss wont pay for something newer a.k.a. more expensive). I created .vhd files of the HDDs of the servers I want to virtualize and copied those files into the new server. I activated Hyper-V role and created a new VM and selected one of the .vhd files as the HDD for that VM and started the machine. The machine starts, all goody.
As far as I understand in Hyper-V we got 3 network-settings and for my purpose "external network" is the one to go with. Correct me if I'm wrong. The server is already in the domain. So I thought it should actually work already, but somehow I cannot connect to the domain.
The network settings on the VM is DHCP but it is not getting an IP from the DC. Do I need to spoof the old MAC-Address? Do I have to turn the physical machine that I'm virtualizing off? (I didn't do that because I wanted to check first whether I can get both running at the same time before turning it off. Also I cannot access the environment past business hours, so testing this is when nobody is around is kinda out of question)
The VM has W7 running on it, if it matters. I'm kinda lost what to do as I only find how to join a VM into a virtual network when I try to google for solutions.
DC (physical, x.x.x.1 IP), The new server (physical, x.x.x.82 IP), The VM (virtual, DHCP, current address of its physical copy x.x.x.123 though DHCP is set on it, 123 is just the IP it got).
Regards
Edit: Found the solution. The server has 2 NICs. "Connection" and "Connection 2" or whatever it is called by standard in English. The virtual adapter (3rd NIC so to say) has "Connection 2" in its description too. I got confused and addressed the wrong NIC in the Hyper-V options. I am editing this from the VM that finally has connection to the domain.
Has been resolved. Answer is in the edit of original post.
Related
Now this is the issue that I have. I need to join my Windows 7 user to Windows Server 2019 Active Directory Domain in VM. But then I'm not sure whether this could work if the Windows Server 2019 is powered off and the server is still working. If yes, I can't ping the Windows Server's ip address from my Windows 7 user cause I can't run 2 different Windows in VM. I tried to use "Save the machine state" in order to keep the server running. So I don't know if "Save the Machine state" is actually like "Sleep". And if the server domain name could be joined when the server is powered off, I can't ping the domain name from the server.
I'm not sure what you're trying to achieve here but if you want to join the Window 7 WM to the Domain of the Server you need both of them to be running and then log on to the Domain with a privileged domain user.
Anyways savin the state is not the same as power off.
I want to install Damn Vulnerable Web Application (DVWA) on VirtualBox, so I downloaded the DVWA.iso and I'm following this tutorial for its installation.
At step 9, they say to choose internal network, but I don't really understand why (is it a security problem if I don't choose this option?). Because if I select internal network after I've got an IP like 10.0.something and when I try to connect from my computer (not the VM) to 10.0.something/login.php that doesn't work. But if I select bridge networking, I've got an IP like 192.168.something and it works.
Could you explain me why is it important to choose internal network, and why that doesn't work when I choose this?
Internal network on VirtualBox creates a network between boxes on the same host . I can't see the next steps of the tutorial you linked but my guess is that it will ask you to install Kali (or similar distro) on another box on that same host. This is what most people do.
Setting 'internal network' allows the 2 machines to talk to each other without any contact with the outside.
It is considered a security measure because the DVWA is a vulnerable machine so some people think that you shouldn't be giving access to internet to it, but I guess it's more about 'best practice' than a real security risk because in most cases firewalls, routers and ISP will prevent outside attackers to connect directly to that machine in any case.
Anyways, if you are using another computer on the same network to connect to DVWA you should be ok in using a 'bridged' connection on VirtualBox (this it will give to the DVWA an IP sitting on the same network of the host and of your computer). In NAT mode VirtualBox acts like a router, it may still be a good solution for you but not sure if the box is reachable from other computers as I think VB settings may affect this case.
If you are using instead the Host as a penetration testing machine, 'host only' should be good to allow the host and the VM to talk.
Try to put both of the machines on the NAT so that you can ping onto the dvwa from wherever you're doing the hacking from! so essentially both of the machines should be on NAT setting if the they're both on a virtual machine.
I accidentally told my network adapter to use a bad ip address in my Internet Protocol Version 4 (TCP/IPv4) properties. A big oops look spread across my face as I pressed the OK button and immediately got disconnected from my remote session. Naturally I can't remote back in and even azure can't reboot the vm. Is there any way I can recover from this?
So things I would do include:
1. Redeploy
2. Try to change VM ip using the portal\powershell
3. Delete the VM and deploy new one using the same os\data disks.
I need help with this and hoping someone can answer with a valid suggestion.
Background: I live under potential threats from nefarious entities and need some help with security.
My setup is this (similar)
Internet dropping into a WinXP VM by NAT from the Win7 host (call the first VM "VM1"). Connecting within VM1 to a VPN. This TAP adapter internet connection is then shared with a local network of VMs (VM2 and VM3) connected by a network adapter #2 on a Lan Segment I created.
The other VMs are private. I work from them.
I connect another VPN from within them, tunneling through the VM1 effectively nesting them.
However-
Recently some reasons for concern. I am very concerned now that someone with ill intent could be accessing my VM1 through either the host system internet connection, or directly into it from the first VPN, and could be traversing my little Lan Segment network and accessing the data on the lan segment VM2 or VM3 directly. Copying data off potentially into VM1 for removal, -or other threats.
I recently have had my USB wifi adapter disconnect from the host and connect itself mysteriously directly to my deep VMs, 2 and 3. It's happened several times- I now removed USB controller from both of those internal VMs as a precaution. Apparently they wanted to bypass all of my security and just cause the internal deep VMs to connect directly to my wifi and report back the info..
So..
what I need help on, is how to keep the lan segment truly private, with ONLY the VPN internet traffic capable of going through the segment to my upper VM1.
For consideration:
Are there windows services that should be stopped or removed from within VM2 or 3 Which in particular pose threats?
RDP off in the registry for example?
how to disable all communication between the deep VMs and VM1 except for the passing through of the internet connection and nested VPN?
Would I start in the TCP/IP stack? removing some of it? Do I need PFSense or another firewall VM inbetween the lan segment and VM1?
Please help me secure my operating VMs from which I work. Let's call me a journalist under an oppresive regime hypothetically and I am very concerned for my safety, but cannot abandon my moral obligations and work.
great question albeit a bit lengthy and panicked sounding. I can't know your 'situation' but I'll try to help. First, relax. Second, put PFSense in between your deep VMs and where your internet drops into your machine. Keep your internet dropping into your VM if possible through the use of Xen and PCIe passthrough. Just pass the network card along into your first upper VM, so any attackers would have to escape that and into the host in order to infect it. Try and keep a clean host. Second, image your upper VM where the internet hits and reload it fresh every day. Just copy it over from a USB or such. Prevent persistant threats-
Next, keep an isolated network between your VM1 (upper) and a PFsense VM. Then connect another adapter to PFSense and an isolated network with your "deep VMs". Delete them regularly. Keeping things fresh is one of the keys to avoiding threats and malwares etc.
Hope this helps, and best of luck wherever you may be.
**Use encryption in everything.
I'm setting up a linux server in a VM for my development.
Previously I've had PHP, MySQL etc etc all installed locally on my Mac. Apart from being a security risk, it's a drag to maintain and keep up to date, and there's a risk that an OS upgrade will wipe part of your setup out as the changes you make are fairly non-standard.
Having the entire server contained within a VM makes it easily upgradable and portable between machines. It means I can have the same configuration as the destination server and with shared folders even if the VM gets corrupted my work is safe on the host machine.
Previously with the local installation I was able to develop on convenient URLs like http://site.dev. I'd quite like to carry this over to the VM way of development but I'm struggling to figure out how, if it's possible at all.
Here's the problem:
In Bridged mode, the VM is part of the same network as the host. This is great but I can't choose a fixed IP address as I may be joining other networks and that address may be taken already. I'd like a consistent way of addressing my VM.
In NAT mode I can't directly address the VM without using port forwarding. I can use http://site.dev if I use the hosts file to forward that to localhost and then localhost:8080 forwards to the vm:80. The trouble is I have to access http://site.dev:8080 which is inconvenient for URL construction.
Does anyone know a way around this? I'm using ubuntu server and virtualbox.
Thanks!
The answer is to define a separate host-only network adapter and use that for host->guest communication.
You can do this by powering down the guest and adding the adapter in the VM settings. Once that's done you can boot the guest again and configure the new network interface however suits you best. I chose a fixed IP address in an unused range.