Setting Up a Windows Virtual Machine for SANS FOR526




As part of the Windows Memory Forensics course, SANS FOR526, you will need to create a Windows virtual machine to use in class. We recommend using VMware to do this, and the following instructions are predicated on using VMware Workstation. The course is designed to use a 32-bit version of Windows 7.

1. Create the Virtual Machine

The exact instructions vary by host platform:

Microsoft Windows:

A. From the File menu, choose New.
B. Select Typical to create a typical new virtual machine.
C. Insert your Windows installation disc and choose Use a physical disc.
D. Choose the Easy Install method and follow the prompts.

You can use anything you'd like for the virtual machine name and username. But be sure to write down your password!

Mac OS X:

A. From the File menu, choose New.
B. Insert your Windows installation disc and follow the prompts.
C. It is safe to accept the defaults. Your virtual machine will need to access the network.

You can use anything you'd like for the virtual machine name and username. But be sure to write down your password!

2. Patch the virtual machine to the current service pack (SP1 as of press time).

A. Boot the virtual machine.

B. In the VM, from the Start Menu, choose All Programs, then Windows Update.
C. Select Turn on Automatic Updates.
D. Choose Install Updates.
E. Follow the prompts necessary to install the Important updates (these vary depending on the current patch level of Windows). You will have to restart at least once during this process. You will also have to manually shut down the VM at least once. Shutting down the VM will install some updates. Even after shutting down and restarting the virtual machine, you must run Windows Update again and install the remaining updates.
F. You do not need to install any of the Optional updates.

3. Download and install the Windows debugging tools

The debugging tools are part of the Windows Software Development Kit (SDK). Download the installer of the latest version of the SDK. As of press time, this was the Windows 8 Consumer preview, http://msdn.microsoft.com/en-us/windows/hardware/hh852363.

A. Download the sdksetup.exe program from the above URL and run it.
B. Accept the default installation location.
C. Decline the Customer Experience Improvement Program.
D. Read and accept the user agreement.
E. Deselect all of the tools to install EXCEPT the Windows debugging tools. The result should look like:

Then install the debugging tools by clicking the Install button.

4. Download and Install livekd and Process Monitor

We're going to use these utilities to examine our virtual machine. You will need to download these tools from:

Livekd: http://technet.microsoft.com/en-us/sysinternals/bb897415
Process Monitor: http://technet.microsoft.com/en-us/sysinternals/bb896645

For each of them, double-click the archive, and then click the Extract all files button. Save the extracted files to a new directory, C:\bin.

5. Create and update environment variables

To make our programs run correctly, we are going to create and update some environment variables. We need to configure a variable to download any necessary debugging symbols from Microsoft. To do this:

A. Open the Control Panel.
B. Choose System and Security.
C. From the right-hand panel, choose System.
D. Verify that you have installed a 32-bit operating system. This value is noted in the System type field on the right-hand side of the window.
E. From the left-hand panel, choose Advanced system settings.
F. At the bottom of the window, choose Environment variables. You should see this panel:

G. In the bottom part of the window, under System variables, create a new variable.
H. Set the Variable name to _NT_SYMBOL_PATH and the Variable value to srv*c:\symbols*http://msdl.microsoft.com/download/symbols. Click the OK button to save this variable.
I. Also in the System variables window, find the variable Path. Click Edit and append a semicolon and the following string to the existing value:

C:\Program Files\Windows Kits\8.0\Debuggers\x86;C:\bin

When you are finished, the overall variable should look like:

%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Kits\8.0\Debuggers\x86;C:\bin

If you are not sure if you have done it correctly, you can copy and paste the value to another program, like Notepad, and edit it there.

6. Test Out the Debugger

We should be finished with the debugging tools. Let's take them out for a spin!

A. From the Start Menu, choose All Programs->Accessories.
B. Right-click on Command Prompt and choose Run as Administrator. Accept the option in the dialog box which appears.
C. Type "livekd -w" (without the quotes), hit enter, and accept the EULA.
D. As the WinDBG window opens, you may be asked if you want to save information for a workspace. Click Yes.
E. Wait for a minute as WinDBG downloads the symbols you'll need. You may get an error about how symbols for livekd.sys could not be found. That's normal.
F. In the end, you should see something like this:

7. Download and Install Moonsols DumpIt tool

We're going to use DumpIt to capture memory images on our VM. To install it:

A. Go to http://www.moonsols.com/ressources/ and find the button for DumpIt. Click it to download.
B. Double-click on the downloaded zip file to open it.
C. Click the Extract all files button. Save the extracted files to the C:\bin directory.
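
A check you can run inside the VM once the steps above are complete, given here as an added example that is not part of the original course instructions: it reads the system variables from step 5 and confirms the tools sit where the steps put them. The executable names (windbg.exe, kd.exe, livekd.exe, Procmon.exe, DumpIt.exe) are assumptions about what the installer and archives extract.

```powershell
# Added example: post-setup check for the VM (not part of the original instructions).
# Uses only Windows PowerShell 2.0 features, the version included with Windows 7.
$expectedSym = 'srv*c:\symbols*http://msdl.microsoft.com/download/symbols'
$dbgDir = 'C:\Program Files\Windows Kits\8.0\Debuggers\x86'
$binDir = 'C:\bin'
# Assumed executable names; adjust if the installer or archives differ.
$tools = @("$dbgDir\windbg.exe", "$dbgDir\kd.exe", "$binDir\livekd.exe",
           "$binDir\Procmon.exe", "$binDir\DumpIt.exe")

$results = @()
function Add-Check([string]$Name, [bool]$Pass, [string]$Detail) {
    $script:results += New-Object PSObject -Property @{
        Check = $Name; Pass = $Pass; Detail = $Detail }
}

# Step 5.D: the course expects a 32-bit guest.
$arch = (Get-WmiObject Win32_OperatingSystem).OSArchitecture
Add-Check 'OS is 32-bit' ($arch -like '32*') $arch

# Step 5.H: read the system (machine-level) variable, not this session's copy.
$sym = [Environment]::GetEnvironmentVariable('_NT_SYMBOL_PATH', 'Machine')
Add-Check '_NT_SYMBOL_PATH' ("$sym".Trim() -ieq $expectedSym) "value: '$sym'"

# Step 5.I: split Path on ';' so a missing semicolon shows up as a failed match.
$machinePath = [Environment]::GetEnvironmentVariable('Path', 'Machine')
$entries = @("$machinePath".Split(';') | ForEach-Object { $_.Trim().TrimEnd('\') })
foreach ($dir in @($dbgDir, $binDir)) {
    Add-Check "Path contains $dir" ($entries -contains $dir) 'system Path variable'
}

# Steps 3, 4 and 7: the files themselves.
foreach ($tool in $tools) {
    Add-Check "Exists: $tool" (Test-Path $tool) 'file on disk'
}

# A prompt opened before step 5 keeps its old Path; open a new one if this fails.
$cmd = Get-Command livekd.exe -ErrorAction SilentlyContinue
Add-Check 'livekd resolves in this session' ([bool]$cmd) 'open a new prompt if False'

$results | Select-Object Check, Pass, Detail | Format-Table -AutoSize
$failed = @($results | Where-Object { -not $_.Pass }).Count
"Failed checks: $failed"
```

Paste it into a PowerShell window opened after step 5; any row with Pass set to False points at the step to revisit.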