1
00:00:03,030 --> 00:00:07,520
We need virtualization software to install and use Security Onion,

2
00:00:07,540 --> 00:00:12,850
Kali Linux, and Metasploitable, so we will use VirtualBox for that purpose.

3
00:00:12,900 --> 00:00:16,680
But let us first define virtualization.

4
00:00:16,680 --> 00:00:18,680
So what is virtualization?

5
00:00:18,690 --> 00:00:25,950
It is an abstraction layer using a hypervisor, which is the virtualization software that hides the operating

6
00:00:25,950 --> 00:00:33,390
systems from the underlying computer hardware and runs multiple VMs or virtual machines on a host or

7
00:00:33,390 --> 00:00:37,170
physical machine so that they virtually share its resources.

8
00:00:39,920 --> 00:00:47,090
And we have two types of hypervisors: type one, or bare-metal, which is loaded directly on the hardware

9
00:00:47,600 --> 00:00:50,480
and then the VMs will be installed over that.

10
00:00:50,480 --> 00:01:00,140
Examples include VMware ESXi and Microsoft Hyper-V. Type 2 hypervisor, which is loaded over an operating

11
00:01:00,140 --> 00:01:03,080
system that is running on the hardware.

12
00:01:03,080 --> 00:01:07,910
So here we have an additional layer, which is the host operating system.

13
00:01:08,300 --> 00:01:16,850
And examples of this type are VMware Workstation, VMware Fusion, which is used on Mac, and Oracle

14
00:01:16,850 --> 00:01:22,220
VirtualBox. And as you guess, type 1 hypervisor is better

15
00:01:22,220 --> 00:01:30,380
in terms of performance and therefore it is usually used in data centers, while type 2 is used usually

16
00:01:30,380 --> 00:01:39,800
on desktops and laptops by individuals for testing and learning.
And we have many types of virtualization:

17
00:01:40,460 --> 00:01:48,530
We have, for example, server virtualization, desktop virtualization, network virtualization, such as virtual

18
00:01:48,530 --> 00:01:58,550
routers, switches, and firewalls, and application virtualization, and so on. And the benefits of virtualization

19
00:01:58,550 --> 00:02:05,570
include resource utilization, or optimization, since it solves the server under-utilization problem

20
00:02:05,910 --> 00:02:12,800
so you can install multiple virtual servers on a single physical server instead of running one application

21
00:02:12,800 --> 00:02:21,620
per physical server. That also leads to reducing the number of servers used, which results in savings in

22
00:02:21,620 --> 00:02:30,710
cost, power, cooling, and space. And this saving of power and cooling could be done also during operation

23
00:02:31,280 --> 00:02:37,850
either manually based on utilization by moving machines between physical servers using vMotion for

24
00:02:37,850 --> 00:02:45,950
example, or even automatically using the DRS or Distributed Resource Scheduler and DPM or Distributed

25
00:02:45,950 --> 00:02:50,240
Power Management in VMware environments.

26
00:02:50,480 --> 00:02:57,560
Another benefit is availability, so anything that affects one VM does not affect other VMs on the same physical

27
00:02:57,560 --> 00:03:07,820
server. And the DR or Disaster Recovery will be better since it can be faster and automated. And we

28
00:03:07,820 --> 00:03:10,370
have also scalability.

29
00:03:10,370 --> 00:03:21,320
For example, virtual machine cloning, hot additions of CPU and memory, and so on. Virtualization also

30
00:03:21,320 --> 00:03:29,210
makes management easier because we have fewer physical servers, centralized management, and quick deployment.

31
00:03:32,370 --> 00:03:34,420
So what is VirtualBox?

32
00:03:34,710 --> 00:03:41,940
It is a free and open source virtualization software that is developed by Oracle Corporation after acquiring

33
00:03:42,150 --> 00:03:51,560
Sun Microsystems, and it is a type 2 hypervisor, so it runs on a host operating system and not directly

34
00:03:51,800 --> 00:03:53,640
on the hardware.

35
00:03:53,930 --> 00:04:03,560
These host operating systems include: Linux, Mac OS, Windows, Solaris, and OpenSolaris. And the guest operating

36
00:04:03,560 --> 00:04:11,090
systems include: Windows, Linux, BSD, OS/2, Solaris and others.

37
00:04:13,910 --> 00:04:22,160
So in this course we will be creating VMs where we will be asked first for essential information

38
00:04:22,610 --> 00:04:33,320
such as the name of the VM, the type such as Microsoft Windows or Linux, and the version such as Windows 7 or

39
00:04:33,320 --> 00:04:36,070
Ubuntu.

40
00:04:36,130 --> 00:04:43,730
Also we have to specify the memory size for this VM. And then the hard disk.

41
00:04:44,150 --> 00:04:48,170
So if we want to create a new virtual hard disk,

42
00:04:48,350 --> 00:04:53,060
use an existing one, or not use one at all.

43
00:04:53,060 --> 00:05:01,310
And if we selected to create a new hard disk then we will be asked to specify the type of that, which

44
00:05:01,310 --> 00:05:05,160
can be VDI, VHD, or VMDK.

45
00:05:05,360 --> 00:05:12,590
And if the size of the disk should be fixed or dynamically allocated. Then finally, as you guess, we have

46
00:05:12,860 --> 00:05:23,220
to specify the size of the disk. Then we can configure options such as networking, where we can enable

47
00:05:23,220 --> 00:05:29,970
network adapters and specify how they will be attached to the network.

48
00:05:29,970 --> 00:05:38,970
So we have the option of NAT, for example, which will allow VMs to only access the Internet, the NAT network

49
00:05:38,970 --> 00:05:46,050
option which adds the possibility for the VMs to communicate with each other, the internal network option

50
00:05:46,320 --> 00:05:53,580
which is like the NAT network, but does not allow accessing the Internet, the host-only option which

51
00:05:53,580 --> 00:05:59,110
is like the internal network and adds the possibility to communicate with the host machine.

52
00:05:59,850 --> 00:06:05,030
And finally the bridged option which allows for all types of communication.

53
00:06:09,430 --> 00:06:15,490
And in our case, because we want our adapter to sniff traffic or listen for all traffic,

54
00:06:15,490 --> 00:06:18,750
even that which is not destined to the VM,

55
00:06:18,850 --> 00:06:28,240
we have to set the promiscuous option to allow VMs, or allow all. And we can also configure other things

56
00:06:28,480 --> 00:06:39,180
such as: display, audio, serial ports, USB, and so on. So in this lecture I have given an introduction about

57
00:06:39,180 --> 00:06:47,580
virtualization and the VirtualBox, and in the next lecture I will explain how to download and install

58
00:06:47,710 --> 00:06:48,270
VirtualBox.