Saturday, February 6, 2010

Creating a Virtual Server

As a graduate student in an Information Assurance program, I have the need to run a variety of operating systems as I attempt to discover the vulnerabilities in the various systems and perform the necessary changes to secure them.

There are multiple ways to set up a lab. One method is to set up multiple hardware units, each running its own operating system. But that can get costly, and setting up the various systems can take a serious time investment, particularly if an operating system gets compromised. An alternative is to set up a virtual lab. VMware is the leader in virtual systems - at least in my opinion. So here's a quick start on setting up a virtual lab for your various operating systems.

Software:
If you're looking for a good hypervisor, you should go with ESX Server 4.0i. This is a bare-metal hypervisor - which means that it works without the need for any underlying OS - and provides the best performance.

Hardware:
You can spend as much or as little on the hardware as you want to.   Here's a sampling of what you can use to put together a server.
4GB of Memory                  $89
Q9550 Quad Core Processor     $179
1.5TB Hard Drive              $150
Gigabyte EP45-UD3R Mobo        $89
Case/Power Supply             $100
Video Card                     $39
Intel Gb NIC                   $20

So, for about $650 you can put together a pretty solid system. Note that regardless of the motherboard you get, you should not use the onboard LAN card; simply add an Intel NIC instead. Using an Intel NIC is a surefire way to ensure that ESXi installs without any issues.

Once the hardware is put together, and before moving forward with the install, it is best to run Memtest on the new hardware. There's NOTHING worse when trying to set up a new computer than having poor memory or hardware that causes crashes. If Memtest runs for a few hours without reporting errors, you can proceed with the installation of the software. The software basically installs itself, and there are very few setup options (other than setting the IP address if you don't want to let it use DHCP).

Over the next couple of days we'll look at remote administration.

Monday, February 1, 2010

Pointer Magic

It has been a while since I had to do anything really creative in C/C++ but this past week required that I put together some magic particularly as it related to pointer arithmetic.


The goal was to take a defined structure - one that is made up of both single and multi-byte variables - and use pointers to alter the contents of this structure. The user can use the index of the variable of interest rather than having to know where it is located in RAM. This makes the program more flexible, and it also means that unless one rearranges the structure, the user can be assured that the specific variables will always have the same index. It should be noted that the index is really the byte offset at which the variable starts within the structure's memory.

Here's a sample structure:

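typedef unsigned short word;   // 16-bit type; the post assumes sizeof(word) == 2

// The indexes below are byte offsets and assume the compiler inserts no padding.
struct newstructure {
    char firstvalue;  //index 0
    word secondvalue; //index 1
    word thirdvalue;  //index 3
    char fourthvalue; //index 5
    word fifthvalue;  //index 6
} newstructure;       // the instance the snippets below modify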

So how do we achieve this? First we need to get the starting address of the structure and assign it to a pointer (you can cast the variable directly but we can spare a couple of bytes on the stack so we do this for the sake of clarity).

     short *ptr;
     ptr = (short *)&(newstructure.firstvalue);

The above would work great if all our variables were of type WORD; however, we also have CHAR variables, which would cause us some offset problems. This offset would occur when we perform the following pointer math

      *(ptr + index) = newvalue;

as the index would cause the pointer to move 2 bytes (one word) per increment.
To ensure we can get to both types of variables, we must satisfy our smallest variable, so we rewrite the above.

    char *ptr;
    ptr = (char *)&(newstructure.firstvalue);

In this case when we perform the pointer additions, the ptr will move a byte at a time which will not only allow us to modify CHAR based variables but also allow us to get to WORD variables that are odd aligned. With the above information in hand we can create two helper functions - one for CHAR values and one for SHORT values - that will look something like this.

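#include <stdbool.h>   // for bool when compiled as C

bool changecharvalue(word offset, char value)
{
   char *ptr;
   ptr = (char*)&(newstructure.firstvalue);  // byte pointer to the start of the structure
   *(ptr + offset) = value;                  // write one byte at the given index
   return true;
}

bool changewordvalue(word offset, word value)
{
    char *ptr;
    ptr = (char*)&(newstructure.firstvalue);  // byte pointer to the start of the structure
    *(word *)((ptr + offset)) = value;        // treat the byte address as a word and store
    return true;
}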

The changecharvalue function is pretty straightforward pointer addition plus dereferencing. The changewordvalue function however needs some explaining. Because we had to declare our pointer of type char, we must find a way to convert it to type word AFTER the pointer math has gotten it to point to our specific variable. We therefore dereference the pointer, get the address that it is now pointing to, cast that address as a pointer of type word and then dereference it again so that we can assign it the new value.

Although the whole pointer thing may look magical/complex/insane, pointers are probably one of the most efficient methods of writing software. Care must be taken to ensure that your pointers don't go errant, but once you understand pointers, your software will tend to get more compact and much more efficient.
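
A bounds-checked variant of the two helpers, added here as an example and not the author's code: it packs the structure so the byte indexes in the comments hold, checks them at compile time with offsetof, and stores the word with memcpy so an odd-aligned write is well defined. The names rec, set_bytes, set_char, set_word and the getters, and the use of #pragma pack, are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef uint16_t word;              /* assumption: the post's 16-bit "word" */

#pragma pack(push, 1)               /* no padding, so the indexes are real offsets */
struct newstructure {
    char firstvalue;                /* index 0 */
    word secondvalue;               /* index 1 */
    word thirdvalue;                /* index 3 */
    char fourthvalue;               /* index 5 */
    word fifthvalue;                /* index 6 */
};
#pragma pack(pop)

/* Fail the build if the layout ever stops matching the documented indexes. */
_Static_assert(offsetof(struct newstructure, secondvalue) == 1, "index 1");
_Static_assert(offsetof(struct newstructure, fourthvalue) == 5, "index 5");
_Static_assert(offsetof(struct newstructure, fifthvalue) == 6, "index 6");
_Static_assert(sizeof(struct newstructure) == 8, "packed size");

static struct newstructure rec;     /* hypothetical instance name */

/* Copy len bytes into rec at offset, refusing any write that leaves the structure. */
static bool set_bytes(size_t offset, const void *src, size_t len)
{
    if (offset > sizeof rec || len > sizeof rec - offset)
        return false;               /* errant index: nothing is written */
    memcpy((unsigned char *)&rec + offset, src, len);
    return true;
}

bool set_char(size_t offset, char value) { return set_bytes(offset, &value, sizeof value); }

/* memcpy instead of *(word *) keeps the odd-aligned store well defined. */
bool set_word(size_t offset, word value) { return set_bytes(offset, &value, sizeof value); }

word get_fifth(void) { return rec.fifthvalue; }
char get_fourth(void) { return rec.fourthvalue; }

int main(void)
{
    /* constructed inputs: one valid odd-aligned store, one that would overrun */
    return (set_word(3, 0x1234) && !set_word(7, 0x1234)) ? 0 : 1;
}
```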