Get VBox. Use it For Everything

Rebuilding actual systems with discs and USBs and boot orders is long and horrible, but using virtual machines (VMs), it’s far easier to make, fix, delete or replace an OS. It’s also great for anonymity and security.
VBox is by far the easiest solution for this. VMware Fusion is powerful and easy to use, but costs money (a free trial is available). Xen is extremely powerful and open source, but quite advanced so noob users should stay away unless they like steeper, command-line learning curves. For practice as a sysadmin (i.e. using mid-level Linux operations, command line/text editors, scripting etc.) it is pretty excellent, and once you’ve mastered it you’ll feel like Yoda. Click here for a more in-depth comparison of VMs.

The only real downside of VMs is power. For e.g. my Macbook Pro is a 2.5Ghz i5 with 16GB RAM. My VMs have 1 core each and 2GB (Kali has 4GB). This just isn’t enough to run something like a WiFi cracking program effectively. So my best bet here is to not use a VM at all as it would take too long. If I want to crack a WiFi code or password (or perform any task that needs a shitload of concurrent operations) my best bet is to dual boot my Mac, so instead of using a VM with a fraction of my hardware resources, I am booting into an OS that can use 100% of it. So instead of my allocated 2GB of RAM and 1 core of my CPU, I can use 16GB of RAM and all cores of the CPU. Much faster.

Check to see if your CPU supports virtualisation:

AMD Virtualisation Check Utility
Intel Virtualisation Check Utility

If Virtualisation is supported, reboot and go into your BIOS to find the Enable setting. It might take a while – if it is not immediately obvious under Advanced Settings > Virtualisation, you might find it under Security > System Security > Virtualisation.

Once that’s done, get VBox here and install it. if you need help then check then try one of the links below. It’s all pretty self-explanatory though. Now you can make as many machines as you like!

Installing Kali with VBox

Testing Stuff

So for diagnostics it’s kinda fun to run several virtual machines. You can try things like deleting registry keys on Windows installs, messing about with keychains on Mac installs, or practice server admin with an Ubuntu server. Whatever the use, it’s brilliant to be able to wreck a machine completely and just replace it with a few clicks. Make a VM, take a snapshot and test it to your heart’s content.

You can check files that you think might be infected, visit websites that you think are suspicious, run software that you think might be compromised or seems to good to be true, or you can just run programs that you think might crash your system (NB if you’re testing for viruses you should take your VM off the internet/network before you open/click/install anything). If anything gets broken, damaged or corrupted you can reinstall your VM snapshot and continue.

You can install any OS on a VM so with a powerful enough host machine you can have a selection of operating systems for different purposes. This is especially helpful with web testing – you can have different versions of OS and browser on different machines and check compatibility for your app/website. I once built a hypervisor to run every version of IE, FireFox, Chrome, Safari and Opera that we could find. It was about 20 machines in total. Was a pain checking a site on all of them but at least it was thorough.

Security, Anonymity & Virtualisation

When you start using tools like Tor you put yourself in with a pretty severe peer group. People will try to hack you and if you aren’t a security badass (which you’re not) then you’re going to get nailed. 100%. You can’t just wander in and chat t people while you idly browse. Especially if you are a first timer with an insecure OS – go on Tor and talk hacking and you are just asking for it. then your whole system is down. Never use your actual system for things like Tor, or any browsing you think is risky. Virtual machines are not impossible to penetrate, but they are one more layer of security that an attacker has to go through and it’s not easy. A secure OS (like Tails) inside a decent VM will make it hard to hurt you, and if/when somebody destroys your system, you just delete the VM and make another. Your main system stays intact.

The other massive advantage of VMs is anonymity. Obviously if you run Windows within a VM and broadcast your name then it won’t be terribly anonymous, but VMs offer a layer of protection, and if you add an operating system that prides itself on anonymity then VM + secure OS is a very strong combination. Tails is quoted by Anonymous as being “the closest to anonymity you can get” which is a pretty mean recommendation. Get the .iso for Tails here and load it up with VBox as a new OS.

With a VM you can (to some extent) behave pretty irresponsibly as far as security and online safety is concerned. So yeah, get VBox and use it for everything.