20-CS-[51|60]55 Cyber Defense Overview Fall 2018
VirtualBox Networks

Authentication, Availability, Confidentiality, Integrity, Defense Principles, Intrusion Detection, Attack vectors, more

 
VirtualBox Guest-Host Communication

Introduction
The default network configuration for a VirtualBox VM is a NAT adapter. This allows VMs to `see' machines beyond the host but not the host and other VMs. Since labs in this course will usually involve three or more machines that must have access to each others transmissions, a different network configuration needs to be used. VirtualBox solves the above problem with a `host-only' adapter.

Host-Only Adapter Definition
Start VirtualBox but not any VMs. You will see this window:

Drop the `File' menu and select `Host Network Manager' as shown:

The Host Network Manager window has a `create' icon to the left. Click that icon. The result is a vboxnet0 interface. The window looks like this:

Make sure the DHCP server is enabled. Click the 'DHCP Server' tab and check the range of IP addresses that will be made available. You can change them if you wish.

Host-Only Adapter Setup
Select the VM you will start from the menu in the VirtualBox startup window (see the first figure of the previous section). Select `Settings' (see first figure of the previous section). Select `Network'. The following window appears:

Click on `NAT' and choose `Host-only Adapter'. Click `Advanced' and choose `Allow All' in the `Promiscuous Mode:' menu. The result looks like this:

Note the use of the `vboxnet0' adapter that was defined globally. Start the VM by clicking on the green arrow (see the first figure of the previous section).

Test the results
Open a shell in the host machine (hopefully Linux). Execute `/sbin/ifconfig' and the result should look like this, in part:

vboxnet0  Link encap:Ethernet  HWaddr 0a:00:27:00:00:00
          inet addr:192.168.56.1  Bcast:192.168.56.255  Mask:255.255.255.0
          inet6 addr: fe80::800:27ff:fe00:0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:305 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:52301 (52.3 KB)
    
Open a shell in the guest machine (probably Kali) and execute `/sbin/ifconfig'. Note the name of the interface that will be used to connect with the host. It is probably `eth0' or `eth1'. Suppose it is `eth0'. Execute `/sbin/ifconfig' again to find something like this:
eth0      Link encap:Ethernet  HWaddr 08:00:27:91:74:9d
          inet addr:192.168.56.101  Bcast:192.168.56.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe9a:749d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:37 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:7182 (7.0 KiB)
    
If you do not see an IP address try executing this:
   /sbin/ifconfig eth0 192.168.56.101 netmask 255.255.255.0 up

From the host's shell execute:
   ping 192.168.56.101

The result is similar to this:

    PING 192.168.56.101 (192.168.56.101) 56(84) bytes of data.
    64 bytes from 192.168.56.101: icmp_seq=1 ttl=64 time=1.34 ms
    64 bytes from 192.168.56.101: icmp_seq=2 ttl=64 time=0.763 ms
    64 bytes from 192.168.56.101: icmp_seq=3 ttl=64 time=0.621 ms
    64 bytes from 192.168.56.101: icmp_seq=4 ttl=64 time=0.842 ms
    64 bytes from 192.168.56.101: icmp_seq=5 ttl=64 time=1.02 ms
    
Start a second VM and change the network adapter from `NAT' to `Host-only' using `vboxnet0' (which is probably the only choice at this point anyway). Then open a shell in the second VM and execute:
   /sbin/ifconfig
to find the interface that will connect to the host and then, assuming it is `eth0', you will likely see something like this:
eth0      Link encap:Ethernet  HWaddr 08:00:27:91:74:9d
          inet addr:192.168.56.102  Bcast:192.168.56.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe9a:749d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:37 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:7182 (7.0 KiB)
    
showing an inet address that is one higher than for Kali linux in the last octet. If things seem to be way off try executing this:
   /sbin/ifconfig eth0 down
   /sbin/ifconfig eth0 192.168.56.102 netmask 255.255.255.0 up'

Then from the host execute
   ping 192.168.56.102
to see output similar to that above. From the Kali VM exeute:
   ping 192.168.56.102
and from the second VM execute
   ping 192.168.56.101
to check communications between the guests.