I accidently broke my centos VM in azure by twiddling firewall rules within it. After a reboot, the normal ssh access is not working anymore. Is there any chance to get into that VM, any console login directly to the machine somehow?
After reading the current state (April 2016) at microsoft about this, I've decided to dump the virtual machine and set it up again:
This one-directional access is just a start. Console screenshots and serial output can help identify a problem, but they are not the solution for resolving the problems. We are working on enhancements that will enable secure bi-directional access to the console of the virtual machine. This will enable additionally debugging capabilities, and, more importantly, the ability to resolve a set of common problems through the bi-directional access. Right now, I don’t have a timeline but we know this is critical.
(article)
Related
My supervisor is pushing developers to install any compiler (Visual studio etc) on a virtual machine vs desktop. His argument is, it is more secure to put compiler on virtual in case desktops are hacked. But if i can access virtual machine from my desktop then hacker can too. I am just trying to understand why it is more secure to put compiler on virtual. Thank you.
If virtual machine is hosted in the cloud(public/private/internal) then probably somebody else is managing security in the cloud. That case probably it is almost certain that it will provide more security then bare desktop.
However we are relying on the somebody.
If your VM is running on desktop hypervisor, then I would prefer doing all work on the VM. In hacking scenario, I would still have my desktop, while VM may be gone.
I have seen something similar when Ransomware attack happened, all windows desktop were gone including local filesystem/vms, but only VM running Windows were affected, and hypervisor and local filesystem were all good if running non-windows host os.
Not sure if it answer your question, but putting my perspective on what I have seen so far in the industry.
I want to install Damn Vulnerable Web Application (DVWA) on VirtualBox, so I downloaded the DVWA.iso and I'm following this tutorial for its installation.
At step 9, they say to choose internal network, but I don't really understand why (is it a security problem if I don't choose this option?). Because if I select internal network after I've got an IP like 10.0.something and when I try to connect from my computer (not the VM) to 10.0.something/login.php that doesn't work. But if I select bridge networking, I've got an IP like 192.168.something and it works.
Could you explain me why is it important to choose internal network, and why that doesn't work when I choose this?
Internal network on VirtualBox creates a network between boxes on the same host . I can't see the next steps of the tutorial you linked but my guess is that it will ask you to install Kali (or similar distro) on another box on that same host. This is what most people do.
Setting 'internal network' allows the 2 machines to talk to each other without any contact with the outside.
It is considered a security measure because the DVWA is a vulnerable machine so some people think that you shouldn't be giving access to internet to it, but I guess it's more about 'best practice' than a real security risk because in most cases firewalls, routers and ISP will prevent outside attackers to connect directly to that machine in any case.
Anyways, if you are using another computer on the same network to connect to DVWA you should be ok in using a 'bridged' connection on VirtualBox (this it will give to the DVWA an IP sitting on the same network of the host and of your computer). In NAT mode VirtualBox acts like a router, it may still be a good solution for you but not sure if the box is reachable from other computers as I think VB settings may affect this case.
If you are using instead the Host as a penetration testing machine, 'host only' should be good to allow the host and the VM to talk.
Try to put both of the machines on the NAT so that you can ping onto the dvwa from wherever you're doing the hacking from! so essentially both of the machines should be on NAT setting if the they're both on a virtual machine.
I tried to install a hardware I've installed in my previous computer under Windows 7, basically an external network card with antenna, but when I try to use it, after installed it I get this bluescreen error:
BUGCODE_NDIS_DRIVER
I don't know if it's possible to fix it, any useful information?
PS: If this isn't the best Stack forum, please guide me to the right one.
There is some technical information on Windows Dev Center - Hardware on this bugcheck. Driver developers can find the cause from the bugcheck code and parameters.
I can duplicate the BUGCODE_NDIS_DRIVER blue screen on my Windows 8.1 developer box fairly easily by opening two different VPN tunnels. Luckily, I don't need both running at the same time, so my solution is "don't do that".
For example, I open SonicWALL Global VPN Client to connect to one network. Then, I open the Cisco VPN client to connect to another. The crash happens almost immediately.
If you have two active network card, deactivate one, that is all.
I connected two laptops using a cross-over cable. My IP Address is 192.168.1.1 and the other IP Address is 192.168.1.16. We both are able to ping each other and the reply is perfect. There is no loss of packets.
The problem is I shared a file and the other system is not able to open my IP Address using the run command. Even I am not able to open my Shared folder by giving in the run (\\192.168.1.1). A dialogue box with the message \\192.168.1.1, The Network Path was not found opens each time we try this.
But I am able to open his shared folder by giving in run command (\\192.168.1.16). I closed all the firewall services in my system. But still my system is not able to respond. Also we are not able to use remote desktop connection.
Can anyone please help me in solving this?
Additional Details: I use Windows XP and the other machine uses Windows 7. We both are in the same work group.
Here are some steps to solve your problem:
Did you set the static IP by yourself or that come automatically?
If yes then please go and set the IP manually
Then share the file and put the permission of that file to Maximum (If you believe your partner)
Then power down the firewall or antivirus for some moments (say 10 minutes)
Now try to connect using the \192.xxx.xxx.xxx method using the Run window
If the 5th step is not working, then try disabling and reenabling the LAN card, then try the 5th step again.
Hope that solved your problem.
Remote Desktop needs to be explicitly enabled. Right click on "My computer", go to properties and look at the remote settings tab.
I advice you to use Radio Access Point to connect both windows 7 and windowsXP. I think this is best choice of troubleshoting jaringan. why?
Because I already do anything to connect both Operating System but can't solve that problem.
I'm setting up a linux server in a VM for my development.
Previously I've had PHP, MySQL etc etc all installed locally on my Mac. Apart from being a security risk, it's a drag to maintain and keep up to date, and there's a risk that an OS upgrade will wipe part of your setup out as the changes you make are fairly non-standard.
Having the entire server contained within a VM makes it easily upgradable and portable between machines. It means I can have the same configuration as the destination server and with shared folders even if the VM gets corrupted my work is safe on the host machine.
Previously with the local installation I was able to develop on convenient URLs like http://site.dev. I'd quite like to carry this over to the VM way of development but I'm struggling to figure out how, if it's possible at all.
Here's the problem:
In Bridged mode, the VM is part of the same network as the host. This is great but I can't choose a fixed IP address as I may be joining other networks and that address may be taken already. I'd like a consistent way of addressing my VM.
In NAT mode I can't directly address the VM without using port forwarding. I can use http://site.dev if I use the hosts file to forward that to localhost and then localhost:8080 forwards to the vm:80. The trouble is I have to access http://site.dev:8080 which is inconvenient for URL construction.
Does anyone know a way around this? I'm using ubuntu server and virtualbox.
Thanks!
The answer is to define a separate host-only network adapter and use that for host->guest communication.
You can do this by powering down the guest and adding the adapter in the VM settings. Once that's done you can boot the guest again and configure the new network interface however suits you best. I chose a fixed IP address in an unused range.