Laboratory Environment Due Date: Sept 6 Points: 25 Points

Objective

The purpose of this laboratory experience is to establish a platform from which you will perform your computer security experiences.

Equipment Needed

You will need a PC or a MAC as your . You will need to download the called VirtualBox. You will also need to download the Unix-based called Ubuntu. The links on the CPSC 420/620 Laboratories homepage can be used to access VirtualBox and the CPSC 420/620 version of Ubuntu.

Background

A virtual machine (VM) is a software implementation of a machine (computer) that executes programs like a real computer. Virtual machines are separated into two major categories, based on their use and degree of correspondence to any real machine. A system virtual machine provides a complete system platform which supports the execution of a complete operating system (OS). In contrast, a process virtual machine is designed to run a single program, which means that it supports a single process. An essential characteristic of a virtual machine is that the software running inside is limited to the resources and abstractions provided by the virtual machine -- it cannot break out of its virtual world. The main advantage of system VMs is that multiple OS environments can co-exist on the same physical computer in strong isolation from each other.

Procedure

1. Download and Install VirtualBox.

Go to the CPSC 420/620 Laboratories page and click on the link for VirtualBox. Select the appropriate version of VirtualBox and download that file. Save the file in a directory. Go to the directory that you saved the file in and double click or whatever you do to that file to install VirtualBox. Select all of the defaults to install. Execute the VirtualBox program and answer the registration request.

2. Download Ubuntu

Download the rar version of the Ubuntu operating system as a vdi file. The advantage of the vdi file is that the operating system is already built and all that you need to do is connect the uncompressed rar file with VirtualBox. After downloading the file, which may take some time depending on your network connection as the file is just under 1.8 GB, you will uncompress the rar compressed file to any directory that you wish. However, the preferred directory is C:\Documents and Settings\\.VirtualBox\HardDisks. The uncompression will also take some time depending on your computer system. Be sure to have enough free disk space (at least 6 GB) and also place the file in a directory that you can remember where it is located if you did not put the uncompressed .vdi file into the preferred directory. This is your operating system that we will be using for all but one of the security experiences.

3. Install Ubuntu

You will now want to create a virtual machine for your Ubuntu OS. Check on the “New” icon in VirtualBox. Enter a name for your Ubuntu machine. Select as the operating system and Ubuntu as the version. Click the “Next” button and accept the default settings on that screen. Select the “use existing hard disk” button. Browse (icon to the right of the pull down menu) for the location of your uncompressed, downloaded Ubuntu system. Click on the add icon to identify the Ubuntu system. Then click on “Next” and finally “Create” buttons.

4. Start your Ubuntu Operating System.

From the VirtualBox window start the Ubuntu operating system. It may ask if you want to upgrade to a newer version and if you want to install some additional packages. The decision to do this is up to you. Saying “no” to those questions will not affect any security related experience that we will do. You now have an operating Ubuntu system. The user id that you will initially use is “user” with a password of “cpsc123”. This is an administrator account. I strongly suggest that you create at least another two accounts, one as an administrator account and a second as an ordinary user. Additionally, I also strongly suggest that you create a snapshot of this image in VirtualBox. You create a snapshot by stopping the Ubuntu system and then within the VirtualBox window clicking on the camera icon in the upper right hand corner. You will then be prompted for a name of the snapshot and a description. I would incorporate the date in the name and then provide a description.

Reporting

E-mail in one message the following to [email protected] with a subject line of “Security Environment”. Failure to use the correct subject line will result in a 10 point deduction for this experience.

1. An attached, uncompressed Print Screen of the Oracle VM VirtualBox console with the Ubuntu system installed.

2. An attached, uncompressed Print Screen of the Ubuntu system running on your computer.

3. In the body of your e-mail any problems that you encountered in performing this experience and any suggestions for improvements to this experience.