(Helix)

{ Install Helix Linux Image to Hard drive }

Section 0. Background Information

Helix3 is a Live CD built on top of Ubuntu. It focuses on incident response and computer forensics. According to Helix3 Support Forum, e-fense is no longer planning on updating the free version of Helix.
See http://www.e-fense.com/products.php

Section 1. Downloading Helix

On any machine connected to the Internet, bring up a Web Browser.
- In my case, I am using a Windows Machine that has a USB hard drive attached to it.
Go To http://helix.onofri.org/Helix2008R1.iso
Saving the ISO
- Command: Click Save
Saving ISO to a location
- Instruction: It's up to you where you want to save the file. In my case, I will save the ISO to H:\BOOT ISO

Section 2. Create a New Virtual Machine

Create a New Virtual Machine
- Command: Click on "Create a New Virtual Machine"
New Virtual Machine Wizard
- Instructions:
  1. Click on the "I will install the operating system later" radio button.
  2. Click Next.
Customer Operating System and Version
- Instructions:
  1. Guest operating system: Linux
  2. Version: Ubuntu
  3. Click Next.
Personalize Linux
- Instructions:
  1. Virtual machine name: TargetHelix01
    - Note: Name it whatever you like.
  2. Location: H:\TargetHelix01
    - Note: If you can, save this image to a USB Hard drive.
  3. Click Next.
Personalize Linux
- Instructions:
  1. Maximum disk size (GB): 15
    - Note: You can make this a little as 3.5 GB. It really depends if you instead on analyzing images with Autopsy.
  2. Click on the "Store virtual disk as a single file"
  3. Click Next.
Personalize Linux
- Instructions:
  - Click Finished
- Note:
  - Helix will now boot off of the Helix2008R1.iso.

Section 3. Install Helix to the Hard drive (Part 1)

Warning: Step 10 will fail. Unfortunately, you will have to go through the install steps twice, due to an os-prober issue that has trouble seeing the logical volumes. So, don't get frustrated and just follow along step by step.

Edit TargetHelix01 Virtual Machine
- Command: Click Edit virtual machine settings
Virtual Machine Settings
- Command:
  1. Select CD/DVD (IDE)
  2. Select the "Use ISO image file:" radio button.
  3. Browse to where you saved the Helix2008R1.iso
  4. Select OK.
Booting from Helix Options
- Instructions:
  1. Select TargetHelix01
  2. Play Virtual Machine
Boot into the Helix Live CD
- Command:
  1. Arrow Down to "Boot into the Helix Live CD"
  2. Press Enter
Install to Hard drive (Part 1)
- Instructions:
  - System --> Administration --> Install
Language Selection
- Instructions:
  1. English
  2. Forward
Timezone Selection
- Instructions:
  1. Select City: Chicago
  2. Forward
Keyboard layout
- Instructions:
  1. Which layout is most similar to your keyboard? USA
  2. USA
  3. Forward
Prepare disk space
- Instructions:
  1. Make sure Guided - use entire disk is selected.
  2. Forward
Who are you?
- Instructions:
  1. What is your name? student
  2. What name do you want to use to log in? student
  3. Choose a password
  4. What is the name of this computer? TargetHelix01
  5. Forward
- Warning Instructions:
  1. After pressing forward the os-prober will fail because it cannot the volume groups.
  2. Click Cancel
    - I realize you are saying what the hell, but please continue to follow along to get Helix to install to disk.
Abort the installation?
- Instructions:
  - Click on Quit
- Notes: I know this sounds crazy, but continue to Section 4.

Section 4. Install Helix to the Hard drive (Part 2)

Install to Hard drive (Part 2)
- Instructions:
  - System --> Administration --> Install
Language Selection
- Instructions:
  1. English
  2. Forward
Timezone Selection
- Instructions:
  1. Select City: Chicago
  2. Forward
Keyboard layout
- Instructions:
  1. Which layout is most similar to your keyboard? USA
  2. USA
  3. Forward
Prepare disk space
- Instructions:
  1. Make sure Guided - use entire disk is selected.
  2. Forward
Ready to Install
- Instructions:
  - Click Install
- Side Note:
  - See, I am not crazy, it works a second time. BTW, I discovered this trick by scavenging through many of websites and blogs.
Installing system
- Side Note: This process will take between 10 to 20 minutes.
Post Installation
- Command: Click on Continue using the Live CD
Adjust VMware Settings (For VMWare Only, See Below)
- Command: Click on VMware Settings.
Change Physical Drive (For VMWare Only, See Below)
- Command:
  1. Select CD/DVD (IDE)
  2. Select the "Use physical drive:" Connection radio button.
Change Network Adapter (For VMWare Only, See Below)
- Command:
  1. Select Network Adapter NAT
  2. Select the "Bridged: Connected directly to the physical network" Network Connection radio button.
Consistency Reboot
- Command:
  1. Click on the Terminal Console
  2. sudo su -
  3. shutdown -r now

Section 5. Logging Into TargetHelix01

Preview system information
- Command:
  1. Login with your the username and password you created earlier.
  2. In my case, I create a username called "student".
How to become root
- Command:
  1. sudo su -
  2. Enter your current password for the account your logged in as.
Proof of Lab
- Command:
  1. echo "Your Name"; date; df -h
  2. Do an Alt PrtScn (Print Screen)
  3. Cut and Paste into a Word Document
  4. Upload to Moodle.

Section: Proof of Lab

Cut and Paste a screen shot found in Section 5, Step 3 in a word and upload to Moodle.