Using Security Tools Tutorials

General Utilities / VMware pt. 1

Loading the player ...

Subtitles of the Movie (Using Security Tools / General Utilities / VMware pt. 1)

Now, the next tool we're going to look at is a product called VMware and it's not really a security tool per se, but a lot of security practitioners use it on a daily basis to test security tools and security configuration in a lab environment. Now, what VMware is is virtualization software. Virtualization software is used to create multiple virtual machines if you will on host machines, on host servers or PCs. Now with these virtual machines you can build complete virtual computers and networks and connect them together and test them and see how they interact with each other. This is an ideal environment for labs, for server testing, server consolidation, security testing and so forth. What a lot of security practitioners do is test security tools on these virtual machines. Now, you would not want to test some tools on a live server that may cause your anti-virus to trigger it and mistakenly identify it as a piece of malware for example. You'd probably want to test that security tool in a lab environment or in this case a virtual environment to see how it works before trying it in a production or real-world environment. So VMware basically is a big playground you can build that security practitioners use to test tools and configuration in. Now, there's virtualization software available out there for Windows, for Linux and for other platforms as well and also VMware is not the only product out there, although in my opinion it's one of the better ones out there; one of the more mature and stable ones. There's other great programs out there as well; some of them for free, some of them you have to pay a fee for. Some examples of really good virtualization software are Sun's VirtualBox; that's a very good one. Xen hypervisor and also Microsoft has its own line of virtualization products as well. So there's many different ones out there you can use. We're just going to look at VMware and see how it works and you can use it as well or you can choose one of the other products that is out there and a lot of them work the same and there's very similar concepts behind each one of them. Now, for VMware particular, how you use it is you would download it and get a license key from the VMware site and you'd install it and use that license key and you have to choose which version you want. It comes in a server version, which is a really nice web interface and that version is used to create and manage virtual machines and configure them. Then you also have a player version which only plays virtual machines. It allows them to be booted up and start in their own individual windows. It doesn't allow you a lot of configuration options however so you want to use this player if you're just moving virtual machines from computer to computer and you don't want the overhead of installing the server program. There's also a professional workstation variety that does a lot of things too. Now, you can get VMware for either Windows or Linux and that comes in either package you want. Let's go ahead and look at a demonstration of VMware Server 2 and we'll look at the web interface that VMware Server offers. Now, I already have VMware Server installed and we're going to use VMware Server and Player throughout this course to actually demonstrate a lot of the security tools we're going to use. You can choose to use a digital certificate with VMware server if you like and for a secure environment I probably would recommend that. For a lab environment or closed environment you may not necessarily have to do that. So we're going to get different options here. You're going to get a login prompt for security reasons. You want to enable Login so not just anyone can start your virtual machines up. You're going to get a wide variety of options here. First of all you're going to get a inventory of all the virtual machines that are currently installed and you'll have the ability to start those up and look at them and there's a menu up here, an application that's how to manage the virtual, the VMware Server application itself and you have different options for virtual machines. You can create them or add an existing one to inventory. Maybe you copied off from another computer or CD or whatever or downloaded a free one that are available out there. You can also administer permissions and roles here as well. Now, for the different virtual machine options, you have the ability to start a virtual machine and as you can see, as you change context over here, the context changes as well here. So we have different options here. For the openSUSE virtual machine I have installed I actually have the ability to start the machine and stop it here and I can go ahead and start it. Now, you don't have to necessarily connect to a virtual machine or see it visually once it's started. It can be running in the background and you can access it through a Remote Desktop or some other method as well. We've gone ahead and we've started it up a little bit and if you want to kind of take a look at some of the options you can do with a virtual machine, scroll down a little bit. You can add notes. You can also look and see how the hardware is configured and you can actually change hardware. You build the machine itself when you're installing it and configure how you want it and you can also change hardware dynamically if you like; network devices, hard disks, memory and so forth. So there's a wide variety of things you can do. There's different commands you can use over here as well; power off or suspend the virtual machine, reset it and so forth. You can also take snapshots and snapshots basically save the virtual machine state so you can revert to them later if you do something undesirable or say, let's say you install or configure something you don't want and it's difficult to go back. You can actually revert back to a previous snapshot. There's some information over here that you can use as well; the power state of the machine, what guest OS you're using, hardware versions and so forth. Now, there's also items over here you can look at; tasks and you can look at the different tasks that are going on with the virtual machine and determine whether they're successful or not. For example, this virtual machine has started up and that was a success event. Look at the events and it kind of gives you a play by play of what's going on with the virtual machine. You also can set permissions for the virtual machines for different users as well. The next thing we'll talk about is the console. This is where you actually can start the virtual machine in another window and interact with it. Now, it's actually started up already so we click in this window. We're actually starting another window up that we can interact with the virtual machine within that window and here it goes now. VMware Player looks a lot like this as well. It's a little bit different. So now we have the virtual machine up and running. Now, you can switch between full view and a smaller view simply by hitting Control Alt Enter and as you can see, we've actually went into full view. Now we can choose to get our little toolbar here at the top or we can make that go away if we want. We can log into the virtual machine here and we're essentially interacting with it as we would a real machine. And as far as this openSUSE 11 box is concerned, it's a real machine. It doesn't know that it's not. It has its own hardware, it has its network adapter, it communicates with the network with both the host machine and other virtual machines if I want or with other machines on the real network if I so choose. So for all intents and purposes, it's a real computer and it interacts with its environment as a real computer would, which makes it ideal to run security tools on and to test different things on. That's why security practitioners really like virtual machines because it enables them to do things they can't really do to a production environment to test security configurations and so forth. So we're logged into this virtual machine now and we can do anything we want with it. Now we can also go back to where we were before simply by minimizing the virtual machine if we so choose. That brings us back to our VMware Server console.

Tutorial Information

Course:	Using Security Tools
Author:	Bobby Rogers
SKU:	34068
ISBN:	1-935320-88-2
Release Date:	2009-12-04
Duration:	9 hrs / 91 lessons
Captions:	No
Compatibility:	Vista/XP/2000, OS X, Linux QuickTime 7, Flash 8

VTC Sign up & Benefits

Unlimited Access
81,350 Video Tutorials (14,200 free)
Video Available as Flash or QuickTime
Over 715 Courses
$30 for One Month Access
Multi-User Discounts Available

Adobe

Apple

AutoCAD

Autodesk

CS4

CS5

Elements

Exam

Filemaker

Macromedia

Photoshop

Premiere

Pro

Studio

cs3

dreamweaver

flash

microsoft

server

windows

VTC Terms and Conditions

TERMS & CONDITIONS OF USE

BY SUBSCRIBING TO THIS SERVICE, YOU ARE CONSENTING TO BE BOUND BY AND ARE BECOMING A PARTY TO THIS AGREEMENT, THE TERMS AND CONDITIONS OF WHICH SHALL PREVAIL IN GOVERNING YOUR RIGHTS OF USE. BY CLICKING THE "BECOME A MEMBER" BUTTON, THE INDIVIDUAL OR ENTITY LICENSING THE PRODUCT ("YOU") IS CONSENTING TO BE BOUND BY AND IS BECOMING A PARTY TO THIS AGREEMENT. IF LICENSEE DOES NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, THE BUTTON INDICATING "BECOME A MEMBER" MUST NOT BE SELECTED, AND LICENSEE MUST NOT INSTALL OR USE THE SOFTWARE.

1. DEFINITIONS

"VTC" refers to Virtual Training Company, Inc.
"You" refers to the user or subscriber.
"Software" refers to the VTC training content and software.

2. LICENSE: VTC hereby grants to You a worldwide, non-royalty bearing, non-exclusive license to use the Software according to the provisions contained herein and subject to payment of the applicable subscription fees.

3. RESTRICTIONS: You may not do any of the following:

Save the Software to Your hard disk or other storage medium; permit others to use the Software except as specified by addendum; modify, reverse engineer, decompile, or disassemble the Software; make derivative works based on the Software; publish or otherwise disseminate the Software. VTC, Inc., VTC Online University, and the Virtual Training Company site is owned and operated by VTC, Inc. as a corporation of record.
All materials on this site are the property of VTC unless otherwise specified. No material from these pages may be copied, reproduced, republished, downloaded, uploaded, posted, transmitted, or distributed in any way. Modification of the materials or use of the materials for any other purpose is a violation of U.S. copyright law and other proprietary rights. For purposes of this Agreement, the use of any such material on any other web site or networked computer environment is prohibited.

4. FEES: The rights granted under this Agreement are effective only upon payment of the subscription fees, which are strictly non-refundable other than as expressly provided herein. The term "monthly subscription" is defined as any 30 day period. The term "yearly subscription" is defined as one 365 day period. A yearly subscription ends on the same numerical date as it began (example July 28, 2004 to July 28, 2005).

The VTC Online University is access to every VTC training tutorial in our library. You pay a flat fee for access to these titles. You are billed according to your renewal selection below, and can renew monthly, yearly, or in any other increment offered. If you choose to be billed monthly, you will be billed every 30 days for the subscription until you request the subscription be cancelled. Our terms of service state that you must cancel a monthly subscription at least two business days before your renewal date. These two days give us enough time to ensure that you will not be charged again.

5. LIMITED WARRANTY: VTC warrants that the Software, if operated as directed, will substantially achieve the functionality described. VTC does not warrant, however, that Your use of the Software will be uninterrupted or that the operation of the Software will be error-free or secure. In addition, the security mechanisms implemented by the Software have inherent limitations, and You must determine that the Software sufficiently meets Your requirements. VTC also warrants that the media containing the Software, if provided by VTC, is free from defects in material from the date You acquired the Software. VTC's sole liability for any breach of this warranty shall be, in VTC's sole discretion: (i) to replace Your defective media or Software; or (ii) to advise You how to achieve substantially the same functionality with the Software as described; or (iii) if the above remedies are impracticable, to refund the subscription fee You paid for the Software. Only if You inform VTC of Your problem with the Software during the applicable subscription period will VTC be obligated to honor this warranty. VTC will use reasonable commercial efforts to repair, replace, advise, or refund pursuant to the foregoing warranty within thirty (30) days of being so notified. If any modifications are made to the Software by You during the warranty period; if the medium is subjected to accident, abuse, or improper use; or if You violate the terms of this Agreement, then this warranty shall immediately terminate. This warranty shall not apply if the Software is used on or in conjunction with hardware or software other than the unmodified version of hardware and software with which the Software was designed to be used as described.

THIS IS A LIMITED WARRANTY, AND IT IS THE ONLY WARRANTY MADE BY VTC OR ITS SUPPLIERS. VTC MAKES NO OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT OF THIRD PARTIES' RIGHTS. YOU MAY HAVE OTHER STATUTORY RIGHTS. HOWEVER, TO THE FULL EXTENT PERMITTED BY LAW, THE DURATION OF STATUTORILY REQUIRED WARRANTIES, IF ANY, SHALL BE LIMITED TO THE ABOVE LIMITED WARRANTY PERIOD. MOREOVER, IN NO EVENT WILL WARRANTIES PROVIDED BY LAW, IF ANY, APPLY UNLESS THEY ARE REQUIRED TO APPLY BY STATUTE NOTWITHSTANDING THEIR EXCLUSION BY CONTRACT. NO DEALER, AGENT, OR EMPLOYEE OF VTC IS AUTHORIZED TO MAKE ANY MODIFICATIONS, EXTENSIONS, OR ADDITIONS TO THIS LIMITED WARRANTY.

6. PROPRIETARY RIGHTS: VTC reserves all proprietary rights in and to the Software, is protected by copyright and other intellectual property laws and by international treaties. VTC, Inc.

Trademark Notice: VTC, Virtual Training Company, Inc., The VTC Logo, and VTC Online University, are trademarks of VTC, Inc. All other company and product names may be trademarks of their respective owners.
The information contained herein is subject to change without notice. Copyright © 1995 - 2005 VTC, Inc. All rights reserved.

7. TERMINATION: This Agreement shall automatically terminate if You fail to comply with the restrictions described herein. Your obligations to pay outstanding subscription fees shall survive any termination of this Agreement.

8. LIMITATION OF LIABILITY: UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, TORT, CONTRACT, OR OTHERWISE, SHALL VTC OR ITS SUPPLIERS OR RESELLERS BE LIABLE TO YOU OR ANY OTHER PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER, INCLUDING WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES. IN NO EVENT WILL VTC BE LIABLE FOR ANY DAMAGES IN EXCESS OF THE AMOUNT VTC RECEIVED FROM YOU FOR A LICENSE TO THE SOFTWARE, EVEN IF VTC SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH
DAMAGES, OR FOR ANY CLAIM BY ANY OTHER PARTY. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM VTC'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU.

9. Links To Other Materials: Linked sites found at the VTC site are not under the control of VTC, and we are not responsible for the content of any linked site or any link contained in a linked site. VTC may change links based solely on our discretion, and we reserve the right to terminate any link or linking program at any time. VTC does not, by linking to sites, endorse companies or products to which it links and reserves the right to note as such on its web pages. If you decide to access any of the third party sites linked to this site, you do this entirely at your own risk.

Forums, and Chat are not always screened by VTC, and we are not responsible for the content of any public or open forum content at the site. VTC may change these public forums based solely on our discretion, and we reserve the right to terminate any forum at any time. VTC does not, by allowing these forums, endorse companies or products which may be mentioned in these forums, and reserves the right to note as such on its web pages. If you decide to access any of the public forums in this site, or linked to this site, you do this entirely at your own risk.

9. GOVERNING LAW & DISPUTE RESOLUTION: This Agreement is governed by Virginia law. All disputes between You and VTC shall be finally resolved through arbitration in Winchester, Virginia. This site is controlled by VTC from its offices within the United States of America. VTC makes no representation that materials in the site are appropriate or available for use in other locations, and access to them from territories where their content is illegal is prohibited. Those who choose to access this site from other locations do so on their own initiative and are responsible for compliance with applicable local laws. You may not use or export the Materials in violation of U.S. export laws and regulations. Any claim relating to the Materials shall be governed by the internal substantive laws of the Commonwealth of Virginia, USA.

VTC may revise these Terms at any time by updating this posting. You should visit this page from time to time to review the then-current Terms because they are binding on you. Certain provisions of these Terms may be superseded by expressly designated legal notices or terms located on particular pages at this Site.

If you have any questions regarding this policy, or your information specifically,
you may email us at:admin@vtc.com.

Using Security Tools Tutorials