Whitepaper: Installing a virtual honeywall using VMware

Diego González Gómez produced this interesting paper on the first day of the year. It really worths the reading since seems the first 2005 virtualization news:

The Honeywall CDROM is a bootable CD with a set of open source tools configured by the Honeynet Project to make the implementation of a GenII Honeynet Gateway easier. Using this document as an installation guide, we are going to implement the Honeywall using the commercial software, VMware . This document makes a few assumptions, one of them is that you have read and understood the papers Know Your Enemy: Virtual Honeynets, Know Your Enemy: Learning with VMware, Know Your Enemy: Honeywall CDROM.

VMware is virtualization software that allows the running of multiple operating systems at the same time on Intel x86 architectures. It was and is developed by VMware Inc. and it has three product lines, namely Workstation, GSX, and ESX. We will be using Workstation. You can download a free evaluation version here.

Several tools included in the CD are only available for GNU/Linux platforms. One of the advantages of using VMware is that it permits the implementation of the Honeywall under any operating system supported by this program. Up until the CD was released, the only way to install a complete Honeywall under Windows (with traffic limiting capabilities using iptables, for example) was to first install VMware and then configure a GNU/Linux distribution under it. But now, with the introduction of the Honeywall CDROM this task is very straightforward.

Another reason for implementing the Honeywall using VMware is that by default, Honeywall uses all resources of the machine you install it on. If a virtual environment is used then this is restricts the Honeywall to use only the resources inside the virtual machine. The advantage is that it is not necessary to consume all the resources of a machine to install the Honeywall CDROM.

Finally, VMware is a good tool for testing purposes. It is an excellent option to develop and experiment with multiple customized Honeywall CDROMs in a controlled environment.

Microsoft Virtual Server Migration Toolkit demonstrations

John Howard, Microsoft UK’s IT Evangelist, realized some much appreciated clips of Virtual Server Migration Toolkit (VSMT) usage and posted them on his blog:

Leaving the name issue to one side, I’ve recorded a series of eight clips which walk through the process of migrating an NT4 server into Microsoft Virtual Server 2005 using the VSMT (Virtual Server Migration Toolkit). Each of these clips is only a few minutes long, with the longest one only 10 minutes. Please feel free to delve in as you want. These clips essentially run through the steps described in a fabulous white paper available on microsoft.com.

You will be able to see demo live in Birmingham on January 13th where you can ask me questions in-person.

The first blogcast is an introduction to the environment I’m using to perform the migration and can be viewed by clicking here.

The second blogcast is using the gatherhw tool to generate an XML manifest cataloguing the hardware in my NT4 Server. This can be viewed by clicking here.

The third blogcast walks through validating the XML file describing the hardware which the server being migrated is running. It can be viewed by clicking here.

The fourth blogcast walks through generating the P2V (physical to virtual) files used for the remainder of the migration. It can be viewed by clicking here.

The fifth blogcast walks through updating the script files to ensure the generated P2V migration files work correctly in the environment validating the XML file describing the hardware on the server being migrated and adds an device to ADS for the target Virtual Server machine. It can be viewed by clicking here.

The sixth blogcast walks through capturing a disk image of the NT4 server into ADS. It can be viewed by clicking here.

Thanks to Steven Bink for this news.