using Back Track 5 with VMware ?

[gr33n]

I am having trouble understanding how people use VMware for hacking I know that it is a lot easier to secure the hard drive of the VMware then an OS installed on a physical one.
However would the systems resources not be wasted on the parent OS which would make it a hell of a lot slower doing a dictionary attack or brute forcing using a VMware.
what are your thoughts?
 I just find it hard to believe that you would sacrifice so much of your machines power.

Thanks, gr33n.

[parad0x]

I am having trouble understanding how people use VMware for hacking I know that it is a lot easier to secure the hard drive of the VMware then an OS installed on a physical one.
However would the systems resources not be wasted on the parent OS which would make it a hell of a lot slower doing a dictionary attack or brute forcing using a VMware.
what are your thoughts?
 I just find it hard to believe that you would sacrifice so much of your machines power.

Thanks, gr33n.

Hello gr33n, I use my BackTrack 5 R2 in VMWare.Ya its true that sometimes the parent OS makes it slow but If you don't want to waste your resources on the parent OS then use the RAM of the parent OS in the VMWare Machine and close all the programs then use your dictionary or brute force attack OR
don't use BackTrack in VMWare.
The choice is completely yours.

[gr33n]

Hello gr33n, I use my BackTrack 5 R2 in VMWare.Ya its true that sometimes the parent OS makes it slow but If you don't want to waste your resources on the parent OS then use the RAM of the parent OS in the VMWare Machine and close all the programs then use your dictionary or brute force attack OR
don't use BackTrack in VMWare.
The choice is completely yours.

Thanks for quick reply I was just interested in whether the parent OS takes up a significant amount of the resources.
thanks for your answer

[proxx]

Its always better to run it off the bare metal.
Vm's basically suck in all perspectvies. useful though.

[Daemon]

I am having trouble understanding how people use VMware for hacking I know that it is a lot easier to secure the hard drive of the VMware then an OS installed on a physical one.
However would the systems resources not be wasted on the parent OS which would make it a hell of a lot slower doing a dictionary attack or brute forcing using a VMware.
what are your thoughts?
 I just find it hard to believe that you would sacrifice so much of your machines power.

Thanks, gr33n.

First off VM's are the best for testing stuff. You write a virus? Test it on some VM's, each with a different AV. Want to try a registry tweak/hack? VM is excellent for that. Anything you want to try and hack, VM's are perfect for experimentation because if you fuck them up then you just restore a snapshot. As for penetrating networks or performing dictionary attacks, I would use a VM for that because when I build that machine I could give it anywhere from 1 to all of my processor cores so I would give it a decent amount then just let it run in the background while im on the host OS performing other tasks so that they don't interfere with each other. Yes, it is slower on the processor, however it saves on physical space (which counts for a lot with desktops once you add in monitors, keyboards, mouse, cables, etc.), and its free whereas building a new machine costs money. Plus, if I back up my snapshots then when my host OS fails I can simply buy 1 new machine, install VM or VB or whatever, then load those snapshots and it's as if I never left.

Just my experience/thoughts regarding VM's, I'm a bit new to the concept (6 months old?) but I'm in love with the damn things. I thought it would be easier just having a test physical machine for stuff like that, or testing out OS's, or playing with, etc. But after spending too much time having to fix broken machines, swap RAM, pull cases off of computers that are stuck cause one plastic thingy is broken, I came to appreciate how god-awful easy it is to boot up VM, and create or destroy virtual machines at will. Maybe one day you will too


Edit*
What do you mean "easier to secure the HD of a VM than a physical machine?" really, there is no harddrive. It's a collection of files on your physical HDD, meaning if someone can steal your physical HDD then they have access to your VM HDD's as well. If you meant securing as in encrypting them or something, then it's about as easy as encrypting any other file on your computer is. Install, point, click, DONT FORGET PASSWORD lol

[lucid]

I think he's talking about the concept of using a VM for hacking and there being no traces on your actual OS of what you did? Like using a liveCD for hacking. I think.

Which isn't a bad idea especially if you set up the VM on an encrypted external ^_^

[gr33n]

I think he's talking about the concept of using a VM for hacking and there being no traces on your actual OS of what you did? Like using a liveCD for hacking. I think.

Which isn't a bad idea especially if you set up the VM on an encrypted external ^_^

yes this is what I mean.

I mean it would be easier to save the vm harddrive in a truecrypt folder with a massive password to secure the hard drive of when you where hacking.
I think that would be easier then encrypting a whole partition but I may be wrong as I am using truecrypt and only saw an option to secure the whole partition for a windows OS.
Do you guys have another program as good as truecrypt that would encrypt the whole patition or hard drive?

When using a live CD it still slows it down he system a lot  as well doesn't it? because the OS is being run all from ram or something like that.
otherwise I guess I could just use the CD instead of installing backtrack 5 r3 or something
soz for noob questions lol

thanks for you replys, gr33n.

[lucid]

In Windows there is an option to make an encrypted container instead of just the whole system. That would be a pain in the ass. If you're looking for something for linux I would say you could try dmcrypt with LUKS. There's also eCryptfs. It all depends on what kind of encryption you want to do. Block device encryption(dm-crypt with LUKS) or stacked filesystem encryption(eCryptfs). Here's a good wiki about it. It still applies if you aren't using Arch linux so don't worry about that:

https://wiki.archlinux.org/index.php/Disk_Encryption