ComputerSecurityStudent (CSS) [Login] [Join Now]




|FORENSICS >> LosBuntu >> Current Page |Views: 12708

(LosBuntu: Lesson 3)

{ Create LosBuntu Virtual Machine }


Section 0. Background Information
  1. What is LosBuntu?
    • I wanted to thank my good friend Carlos Cajigas (@carlos_cajigas) for creating LosBuntu and for his generous guidance and mentorship in Cyber Forensics.
    • LosBuntu is a Linux Live DVD distribution (distro) that can be used to assist in data forensic investigations.  It is a compilation of Master Cajigas' many years of experience as a former law enforcement agent and IBM forensics investigator.

  2. Lab Notes
    • In this lab we will do the following:
      1. Download the LosBuntu ISO
      2. Install LosBuntu to Hard Drive
     
  3. Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • You are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
    • © 2016 No content replication of any kind is allowed without express written permission.

 

Section 1: Download LosBuntu ISO
  1. Open Firefox (Host Machine)
    • Instructions:
      1. Click the Start Button
      2. Type firefox in the search box
      3. Click the firefox icon

     

  2. Start LosBuntu Download (Part 1)
    • Instructions:
      1. Navigate to the following URL
        • http://www.mashthatkey.com/2015/01/mash-that-key-releases-losbuntu.html
      2. Scroll Down until you see the LosBuntu Link
      3. Click on LosBuntu

     

  3. Start LosBuntu Download (Part 2)
    • Instructions:
      1. Click the Download button

     

  4. Start LosBuntu Download (Part 3)
    • Instructions:
      1. Click Download anyway
      2. Click the Save File radio button
      3. Click the OK button

     

  5. Save LosBuntu
    • Instructions:
      1. Navigate to your desired destination directory
        • In my case, C:\CSS\ISOs
      2. File name: LosBuntu_2016_02_01.iso
      3. Save as type: ISO Image File (*.iso)
      4. Click the Save button
    • Note(FYI):
      1. LosBuntu is subject to continual version updates.

 

Section 2: Create a New Virtual Machine
  1. Open VMware Player on your windows machine.
    • Instructions:
      1. Click the Start Button
      2. Type "vmware player" in the search box
      3. Click on VMware Player

     

  2. Create a New Virtual Machine. (See Below)
    • Instructions:
      1. Click on Home
      2. Click on Create a New Virtual Machine
     
  3. Installation Media
    • Instructions:
      1. Select Installer disk image file (iso):
      2. Click the Browse Button
      3. Navigate to the LosBuntu ISO Location
        • In my case, C:\CSS\ISOs\LosBuntu_2016_02_01.iso
      4. Click Next
    • Note(FYI):
      • Command #3, your LosBuntu version might be newer than my version due to continual updates.

     

  4. Select a Guest Operating System
    • Instructions:
      1. Guest operating system:  Linux
      2. Version: Ubuntu
      3. Select Next

     

  5. Name the Virtual Machine
    • Instructions:
      1. Virtual machine name: LosBuntu
      2. Location: Select your destination location.
        • In my case, C:\Users\student\Documents\Virtual Machines\LosBuntu
      3. Click the Next Button

     

  6. Specify Disk Capacity.
    • Instructions:
      1. Make the disk size to 20 GB.
      2. Select Store virtual disk as a single file.
      3. Select Next.

     

  7. Customize the Hardware.
    • Instructions:
      1. Select the Customize Hardware Button.

     

  8. Configure Memory
    • Instructions:
      1. Click on Memory.
      2. Up the memory to 1 GB
    • Note(FYI):
      • Do NOT Click the Close Button, we still have more to configure.

     

  9. Configure CD/DVD
    • Instructions:
      1. Click on New CD/DVD.
      2. Check Connect at power on
      3. Select Use ISO image file:
        • Make sure the path to the ISO is present.
    • Note(FYI):
      • Do NOT Click the Close Button, we still have more to configure.

     

  10. Configure the Network Adapter
    • Instructions:
      1. Click on Network Adapter
      2. Check Connect at power on
      3. Select Bridged: Connect directly to the physical network
      4. Click the Close button.

     

  11. Click Finish (See Below)
    • Instructions:
      1. Click the Finish Button

     

Section 3: Install LosBuntu to Hard Drive
  1. Start the LosBuntu VM
    • Instructions:
      1. Click on the LosBuntu VM
      2. Click on Play virtual machine

     

  2. LosBuntu Boot Selection
    • Instructions:
      1. Arrow Down to where live - boot the Live System is highlighted
      2. Press <Enter>

     

  3. Login to LosBuntu
    • Instructions:
      1. Password: mtk
      2. Press <Enter>

     

  4. Start LosBuntu Installation
    • Instructions:
      1. Right Click on Install LosBuntu
      2. Select Open

     

  5. Select Language
    • Instructions:
      1. Select Language: English
        1. Click the Continue Button

     

  6. Preparing to install LosBuntu
    • Instructions:
      1. Click the Continue Button

     

  7. Installation type
    • Instructions:
      1. Select Erase disk and install LosBuntu
      2. Click the Install Now Button

     

  8. Write the changes to disk?
    • Instructions:
      1. Click the Continue Button

     

  9. Where are you?
    • Instructions:
      1. Location: Houston
      2. Click the Continue Button
    • Note(FYI):
      • Command #1, Replace Houston with your location.

     

  10. Keyboard layout
    • Instructions:
      1. Choose your keyboard layout: English (US)
      2. English (US)
      3. Click Continue

     

  11. Installation Process
    • Note(FYI):
      1. The Installation will take between 10 to 15 minutes.

     

  12. Installation Complete
    • Instructions:
      1. Click the Continue Testing Button

 

Section 4: Power Off Virtual Machine
  1. Open Terminal Windows
    • Instructions:
      1. Click on the Terminal Window

     

  2. Poweroff Machine
    • Instructions:
      1. sudo su -
      2. [sudo] password for mtk: mtk
      3. poweroff
    • Note(FYI):
      • Command #1, Use (sudo) to execute the (su) command to switch to the root(-) user.
      • Command #3, Use (poweroff) to turn off the Virtual Machine.

     

  3. Installation Media
    • Instructions:
      1. Press <Enter>
    • Note(FYI):
      • Command #1, The OS is detecting that there is still a CD (ie. an ISO) in the CD/DVD tray.  Pressing <Enter> will resume the poweroff process.

 

Section 5: Power On the LosBuntu VM
  1. Open VMware Player on your windows machine.
    • Instructions:
      1. Click the Start Button
      2. Type "vmware player" in the search box
      3. Click on VMware Player

     

  2. Edit Virtual Machine Settings
    • Instructions:
      1. Select LosBuntu
      2. Click Edit Virtual Machine Settings

     

  3. Configure Memory
    • Instructions:
      1. Click on Memory.
      2. Up the memory to 1 GB
    • Note(FYI):
      • Do NOT Click the OK Button, we still have more to configure.

     

  4. Configure CD/DVD(IDE)
    • Instructions:
      1. Click on CD/DVD(IDE)
      2. Device status: Check Connect at power on
      3. Connection: Click Use physical drive
      4. Select Auto detect
    • Note(FYI):
      • Do NOT Click the OK Button, we still have more to configure

     

  5. Configure Network Adapter
    • Instructions:
      1. Click on Network Adapter
      2. Device status: Check Connect at power on
      3. Network Connection: Click Bridged: Connected directly...
      4. Click the OK Button

     

  6. Play LosBuntu Virtual Machine
    • Instructions:
      1. Select LosBuntu
      2. Click Play virtual machine

 

Section 6: Login to LosBuntu
  1. Login to LosBuntu
    • Instructions:
      1. Password: mtk
      2. Press <Enter>

 

Section 7: Configure Terminal Window Settings
  1. Open Terminal Windows
    • Instructions:
      1. Click on the Terminal Window

     

  2. Terminal Window (Profile Preferences)
    • Instructions:
      1. Edit --> Profile Preferences

     

  3.  Terminal Window (Profile Colors)
    • Instructions:
      1. Click the Colors Tab
      2. Uncheck Use colors from system theme
      3. Built-in schemes: Black on white

     

  4. Terminal Window (Profile Background)
    • Instructions:
      1. Click the Background Tab
      2. Shade transparent or image background: Maximum
      3. Click the Close Button

     

  5. Become root
    • Instructions:
      1. sudo su -
      2. password: mtk
      3. pwd
    • Note(FYI):
      • Command #1, Use (sudo su -) to simulate an initial root login where the /etc/profile, .profile and .bashrc are executed.  Not only will the root user's environment be present, but also the root user will be placed in it's own home directory (/root).
      • Command #2, Use (pwd) to display the current working directory of the particular user.

     

  6. Obtain IP Address
    • Instructions:
      1. ifconfig -a
      2. Record Your IP Address
    • Note(FYI):
      • Command #1, Use (ifconfig) to view all (-a) IP Addresses associated with LosBuntu.  You should only have two interfaces: eth0 and lo.
        • eth0 - Is the primary interface.  In my case, the IP Address is 192.168.1.133.
        • lo - Is the local loopback address.  The loopback address is used to establish an IP connection to the same machine or computer being used by the end-user.  The loopback construct gives a computer or device capable of networking the capability to validate or establish the IP stack on the machine.
      • If your host machine has Internet Connectivity, but LosBuntu does not have an IP Address associated with eth0, then issue the following command as root.
        • dhclient -v

     

Section 8: Proof of Lab
  1. Proof of Lab
    • Instructions:
      1. grep mtk /etc/passwd
      2. usermod -c "Your Name" mtk
      3. grep mtk /etc/passwd
      4. tune2fs -l /dev/sda1 | grep "Filesystem created:"
      5. date
      6. echo "Your Name"
        • Put in your actual name in place of "Your Name"
        • e.g., echo "John Gray"
    • Note(FYI):
      • Command #4, Use (tune2fs) to list file system parameters associated with the root partition (/dev/sda1).
    • Proof of Lab Instructions
      1. Press the <Ctrl> and <Alt> key at the same time.
      2. Press the <PrtScn> key.
      3. Paste into a word document
      4. Upload to Moodle

 



Help ComputerSecurityStudent
pay for continued research,
resources & bandwidth