Opsec Technical Guides

An Effortless Tutorial for Setting Up High Security Virtual Machines

Setting Up High Security Virtual Machines

With the rise in cybercrime and theft, passing secret information over a network can be highly unsafe.

However, high-security virtual machines that keep your information private are always being developed.

In this article, we’re going to discuss how you can use these virtual machines for your online safety.

Employing Virtualization to Enhance Information Security

Since the evolution of computers, cyber attacks on individuals and companies have exponentially increased.

Drug dealers and cyber criminals are always looking for ways to enhance their privacy online.

Unfortunately, they aren’t the only ones being sniffed online; businesses and individuals are on the list too.

A lawyer or banker who accidentally gets his computer hacked could risk exposing secret client details.

This means they can get sued for the mistake of not securing themselves online.

And their career could be at risk.

On the other hand, individuals who wish to keep certain information about themselves private can get hacked too.

The average internet user today has had a lot of personal information taken that should be private.

Hackers know how to easily get access to this information and create trouble with it.

This information can be used to blackmail the individual or to tarnish their reputation.

The key to being secure on any network now is to practice defense in depth.

Unfortunately, building an unbreakable wall around yourself online in terms of privacy can be hard, as there are insanely sophisticated methods that could be used to breach online security.

However, creating a reasonable amount of security is possible.

Here are a few ways you can get close to being totally secure online.

You would be fine except in the case of some insanely sophisticated intrusion attempts. 

Rule Number One: Don’t Have an Identity-Crisis

Imagine you are browsing online, invisible because of the high-security measures you observe.

Then at some point you end up logging into your social and other non-sensitive accounts on your private network.

Remember, you should just avoid sharing private information on a non-secure network.

For the government, accessing your information is a few clicks away. 

At critical points hackers or the government could be listening to your phone calls as well.

Hackers or government spies could use phishing and MITM vectors to access your social media conversations.

Baseband exploitation and malicious iOS/Android applications can be used to listen in on your phone calls.

The latest Windows operating systems, Android, iOS and even your ISP can’t easily be protected from intrusion.

If you are a Windows fan, you should be saying hello to Windows Server 2012 and bye to the amazing GUI.

You want to use high security operating systems that are *nix based and designed with security in mind.

Subgraph Linux, a Whonix setup, Tails OS, etc., are some of your best options.

It’s tough to give up the beautiful widgets and apps that come with everyday operating systems.

And some people are not ready to run their daily workstation on operating systems like Linux.

But the average operating system comes with privacy invading and vulnerable apps, widgets, and plugins.

Understanding and being comfortable with secure operating systems isn’t hard at all. If you are new to virtualization products like VirtualBox and VMware, now is a great time to learn them.

With virtualization, you can get access to a range of possibilities with your workstation.

Security might be your key reason but virtualized computers can let you run apps on different operating systems in the same workstation.

Most of the websites you visit are run on virtualized servers.

It also opens a whole new opportunity for IT technicians.

You can also test out new operating systems without fully committing your workstation to it.

Basically, with a virtualized system, you can run two different operating systems on one workstation.

It’s Defcon level 1 security to virtualize a secure operating system with a non-secure operating system.

It protects you from common security attacks on your workstation far better than having no online security at all.

We will show you here how to do this using Oracle’s VirtualBox, which offers free virtualization solutions.

You also get excellent quality workstation packages.

VirtualBox provides additional security as its codebase is community reviewed. And guess what? We’re going to use the open source version.

Rule Number Two: Don’t Be So Non-Volatile

Your highly secure information could end up on your disk drive if you make some mistakes.

One such mistake is saving information from the virtual machine to your computer’s disk drive, which obviously breaches your security.

To avoid this, it’s necessary to understand that a virtual machine uses ISO images to store the information needed by the virtualization software.

The contents of your ISO file can’t be breached; its size stays the same at all times.

Nothing can be stored through the ISO to the hard disk of your workstation: it can’t be written to, and an attempt to write to it simply produces an I/O error.

Because the ISO a virtual machine uses is read-only by default, your files stay totally safe. It can’t be breached.

So don’t use a swap file (a part of your hard disk that emulates RAM) to save data from the virtualization software.

It’s necessary to avoid your virtual software utilizing the RAM of the host system.

Even though RAM is volatile, it could still leave traces of your activity on it.

This could happen when your virtual machine is starved of RAM.

For a brief period, it then tends to use your disk drive as RAM.

But you can prevent this by turning on the mlock Linux command, or by adjusting the swap memory in VirtualBox.

Swap memory is normally purged upon closing of VirtualBox and also when you shut down the host operating system.

This ensures the virtual machine never gets so hungry for RAM that it spills onto the hard disk.

Also avoid pausing or suspending the virtual machine, since this saves your progress.

Whenever you are done using it, turn off the system or switch the operating system.

This clears all data and content off your disk drive by rewriting the RAM thousands of times per second.

So, in conclusion, volatility is necessary to keep your security top-notch.

Rule Number Three: NIC Your Problem in the Bud

We want to help you stay as private as possible, hence the phrase NIC (nip) your problem in the bud.

It’s important to determine whether your host operating system will share a network connection with the guest operating system.

By default, network address translation (NAT) is configured by the virtualization software in such a way that your IP address is shared.

This means that your internet connection could be intercepted and thus linked to both the host and the guest operating system.

To get rid of this security breach, you need to translate the host operating system connection to your guest operating system’s world.

Basically, you need to buy a $10-$20 WiFi adapter and connect it to your virtual machines.

VirtualBox can do this for you: tell it to connect the adapter to your higher-security virtual machine.

This ensures that your virtual machine controls the dedicated NIC.

To up your security, finally change the MAC address of your dedicated NIC.

It’s important to note that the host operating system you’re virtualizing on might still be at risk.

And the network connection might still stand the risk of being breached.

If you currently suspect foul play, you should upgrade to higher-grade virtualization software and send all data packets through an ironclad VPN or SOCKS5 proxy.

Instructions for Virtual Box    

  1. Download the software here
  2. Download a Linux ISO, preferably the Tails operating system.
  3. Create a new virtual machine using the Debian/Ubuntu 64-bit option, because it works well for Linux operating systems.
  4. Skip the step of configuring a virtual disk drive; this is to avoid using the host disk drive.
  5. Go to the System settings of the virtual machine and adjust the RAM to 1024 MB (1-2 GB).
  6. Go to the Processor pane under System.
  7. Adjust the number of processors in your virtual machine to 2 for better responsiveness.
  8. You can further increase responsiveness by adding a second processor core.
  9. Disable all the network adapters under the Network settings.
  10. Start your VM, select the ISO, click the USB devices icon, and switch over your external WiFi adapter.
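
The following check is an added example, not part of the original guide or of VirtualBox. It audits the output of VBoxManage showvminfo <vm> --machinereadable against the settings in the steps above (no virtual disk, all adapters disabled, 1024-2048 MB RAM, 2 processors, no saved or paused state). The sample input is constructed, and the key names in it are an assumption to check against the output of your VirtualBox version.

```shell
#!/bin/sh
# audit_vm: read `VBoxManage showvminfo <vm> --machinereadable` output on stdin.
# Prints one FAIL line per deviation and returns non-zero if any were found.
audit_vm() {
  awk '
    {
      eq = index($0, "="); if (eq == 0) next
      key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
      gsub(/"/, "", key); gsub(/"/, "", val)
    }
    # Any enabled virtual adapter shares the host network connection.
    key ~ /^nic[0-9]+$/ && val != "none" {
      print "FAIL " key "=" val " (disable every adapter)"; n++ }
    # Storage slots are keyed <controller>-<port>-<device>; a disk image
    # there means guest data is written to the host drive.
    key ~ /-[0-9]+-[0-9]+$/ && tolower(val) ~ /\.(vdi|vmdk|vhd|hdd)$/ {
      print "FAIL " key " attaches virtual disk " val; n++ }
    key == "memory" && (val + 0 < 1024 || val + 0 > 2048) {
      print "FAIL memory=" val " (expected 1024-2048 MB)"; n++ }
    key == "cpus" && val + 0 != 2 {
      print "FAIL cpus=" val " (expected 2)"; n++ }
    # A saved or paused VM keeps guest state instead of discarding it.
    key == "VMState" && (val == "saved" || val == "paused") {
      print "FAIL VMState=" val " (power off instead)"; n++ }
    END { exit (n > 0) }
  '
}

# Constructed sample input, not captured from a real host.
SAMPLE_VMINFO='name="tails"
memory=512
cpus=1
nic1="nat"
nic2="none"
"IDE-0-0"="/home/user/tails.iso"
"SATA-0-0"="/home/user/VirtualBox VMs/tails/tails.vdi"
VMState="saved"'

# Demo run on the sample; on a real host pipe the VBoxManage output in instead.
printf '%s\n' "$SAMPLE_VMINFO" | audit_vm || true
```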

In order to ensure optimum security, it’s necessary to download the latest Linux operating system.

And if you want a more advanced option, use Whonix as it provides higher security.

Screenshots for Guidance 

Step 1: Download the virtual box software

Step 2: Download Tails OS or Whonix for advanced security 

Step 3: Create the Virtual machine

Step 4: Skip the hard drive part by selecting the option not to add a hard drive. And yes, ignore all hard drive prompts

Step 5: Add the second core

Step 6: If you are really opting for security, avoid sharing network adapters

Step 7: Start the virtual machine and choose the ISO

Go to Storage > Preferences to resolve any bootable drive complaints.

Step 8: Once the virtual machine is running, click the USB option below.

This would connect the network adapter and Tails can randomize the MAC address. 

If you downloaded a different version of Tails, use the command below to randomize the MAC address.

# ifconfig wlan0 hw ether XX:XX:XX:XX:XX:XX
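
An added example, not from the original guide: a shell helper that generates a random MAC address with the locally administered bit set and the multicast bit cleared, checks that an address has all six octets, and applies it with the interface down. It assumes the iproute2 ip tool and root privileges; wlan0 is the interface name used in the command above.

```shell
#!/bin/sh
# random_mac: print a random MAC address that is unicast and locally administered.
random_mac() {
  # Six random bytes from the kernel, as decimal numbers.
  set -- $(od -An -N6 -tu1 /dev/urandom)
  # First octet: clear bit 0 (multicast) and set bit 1 (locally administered),
  # so the address cannot collide with a vendor-assigned one.
  first=$(( ($1 & 0xFC) | 0x02 ))
  printf '%02x:%02x:%02x:%02x:%02x:%02x\n' "$first" "$2" "$3" "$4" "$5" "$6"
}

# is_valid_mac ADDR: succeed only for exactly six colon-separated hex octets.
is_valid_mac() {
  printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# set_mac IFACE ADDR: apply ADDR to IFACE. The interface is taken down first
# because many drivers refuse an address change while the link is up.
set_mac() {
  is_valid_mac "$2" || { echo "refusing malformed MAC: $2" >&2; return 2; }
  ip link set dev "$1" down &&
  ip link set dev "$1" address "$2" &&
  ip link set dev "$1" up
}

# Usage (as root, inside the guest): set_mac wlan0 "$(random_mac)"
random_mac
```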

The Bottom Line 

Even Tor can’t guarantee total security on the web, so watch for signs of a breach and take action immediately.

Good luck.
