Forwarding the Net
I realize that I mention port forwarding with the assumption that all of my readers have an idea as to what I'm referencing. After a few PM-ed requests, I now realize that that may not be the case.
Let's get to it!
The following information listed in this article is for educational purposes only. "You" is assumed to be the Pentester authorized to assess a network, or individuals working on their personal system.
Port forwarding is the process of allowing network devices behind firewalls or Network Address Translated (NAT) routers to gain connectivity to machines on the Internet (Nets).
Let's dive deeper into NAT. Here's what's taking place:
- A workstation inside a private network asks the router to talk to a computer that is not in its private network.
- The router takes this request, checks its address book of devices on the private network, and the moment it realizes that none of the devices on the private network matches the request, it sends it to the firewall... which is essentially the router for the Nets.
- The firewall then takes the request, wraps it in a public IP address (usually its own address), and sends the request to the device on the external network.
NOTE: The device receiving the request in the external network thinks that it is sending information to the firewall, and the device in the private network (the one that sent the original request) thinks the return request/information is coming from the firewall.
NAT-ing in a nutshell: Every device behind the firewall (private network) that sends requests to the front of the firewall (the internet) is using the firewall's public IP address to communicate with external networks over the internet.
The firewall is the strong arm that separates the internet from private networks. NAT-ing can get pretty fancy, as larger networks may have servers that have their own special public IP address listed in the firewall's address book. Network engineers can get even fancier and assign specific ports and IP addresses to devices in the private network.
If NAT-ing is not in place, when the router receives requests/information from an external interface, it will drop the requests/information.
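The translation described above, modelled as an added example (not code from the original post): a firewall that rewrites outbound sources to its public IP, lets replies back in, drops unsolicited inbound traffic, and, going one step beyond the text so far, honours a static port-forwarding rule. The class, method names and all addresses are hypothetical.

```python
# Minimal port-address-translation (NAT) model. All addresses are constructed
# examples from documentation ranges; class and method names are hypothetical.
import itertools

class NatFirewall:
    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.out = {}        # (proto, private_ip, private_port) -> public_port
        self.back = {}       # (proto, public_port) -> (private_ip, private_port)
        self.forwards = {}   # static rules: (proto, public_port) -> (private_ip, private_port)
        self._ports = itertools.count(40000)  # next free public source port

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a private source to the firewall's public IP and remember it."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            public_port = next(self._ports)
            self.out[key] = public_port
            self.back[(proto, public_port)] = (src_ip, src_port)
        return (proto, self.public_ip, self.out[key], dst_ip, dst_port)

    def add_forward(self, proto, public_port, private_ip, private_port):
        """Static port-forwarding rule: expose one private service on a public port."""
        self.forwards[(proto, public_port)] = (private_ip, private_port)

    def inbound(self, proto, src_ip, src_port, dst_port):
        """Return the private (ip, port) a packet is delivered to, or None if dropped."""
        key = (proto, dst_port)
        if key in self.back:        # reply to a connection started from inside
            return self.back[key]   # (simplified: the remote endpoint is not checked)
        if key in self.forwards:    # explicitly forwarded port
            return self.forwards[key]
        return None                 # unsolicited traffic: no mapping, so drop

def demo():
    fw = NatFirewall("203.0.113.10")
    sent = fw.outbound("tcp", "192.168.1.20", 51515, "198.51.100.7", 443)
    reply = fw.inbound("tcp", "198.51.100.7", 443, sent[2])
    unsolicited = fw.inbound("tcp", "198.51.100.99", 4444, 8080)
    fw.add_forward("tcp", 8080, "192.168.1.30", 80)
    forwarded = fw.inbound("tcp", "198.51.100.99", 4444, 8080)
    return sent, reply, unsolicited, forwarded

if __name__ == "__main__":
    for label, value in zip(("sent", "reply", "unsolicited", "forwarded"), demo()):
        print(f"{label:12} {value}")
```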
So what does any of this mean for Virtual Machines (VM) and cybersecurity?
Welp, I'm glad you asked.
NAT is already configured by default on VMWare (VMW) and VirtualBox (VB). When practicing exploits or programs, it is okay to not reach the outside (the internet). You may not be ready for what the "real world" has to offer for 'experimenting' with their networks and there is a ton of potential for legal issues.
Understand that you can use your VM to touch the Nets. It's called Bridged Networking. That means your VM shares the IP address of your host machine. That means that your host machine will receive all of the incoming traffic... which you do not want. When practicing, you want your VMs to receive the incoming traffic for that added layer of security. Bridging allows for your VM to be seen as a separate device on your network altogether, and it is given its own IP address!
At this point you're probably like, "Thank you for the information, but how, how do I do this bridging thing?"
Too easy.
I'll introduce you to the steps for VMW and VB.
In VMW:
- Ensure that your machine has been powered down.
- Navigate to "Virtual Machine Settings" by right clicking on the desired machine.
- In the "Virtual Machine Settings" window, you will see two tabs: 'Hardware,' and 'Options.'
- Click the 'Hardware' tab if it is not already selected.
- In the far left pane, there is a menu that lists: 'Device,' and 'Summary.'
- From this menu click "Network Adapter." (The summary should say 'NAT')
- Once selected, in the far right pane, there are two text boxes: "Device Status," and "Network Connection."
- In "Network Connection," select the 'Bridged: Connected directly to the physical network' radio button.
- Click "OK."
Done.
Now, in VB the process is very similar:
- Ensure that your machine has been powered down.
- Navigate to "Settings" by right clicking on the desired machine. It is usually the first option with a yellow wheel.
- In "Settings," in the far left pane, select "Network." This is normally listed below 'Audio' and above 'Serial Ports.'
- Once selected, in the middle of the window you will see the tabs 'Adapter 1,' 'Adapter 2,' 'Adapter 3,' 'Adapter 4.'
- Let's focus on the first tab that may already be selected. That is 'Adapter 1.'
- Ensure that the "Enable Network Adapter" box has been checked.
- "Attached to:" should have a drop down arrow. Click the drop down arrow.
- The following options will be listed: 'Not attached,' "NAT," "Bridged Adapter," etc.
- Select "Bridged Adapter."
- Click "OK."
You have successfully created a VM with its own dedicated IP address that can access the Nets in VB!
Port forwarding is just as easy, and it is not allowed through the free version of VMW, VMW Player.
Let's go through the steps:
- In the same 'Adapter 1' tab, there is an 'Advanced' drop down link. Click the arrow.
- Ensure that the "Cable connected" box is checked.
- There is a button labeled "Port Forwarding." Click it.
- There are a few columns labeled: 'Name,' 'Protocol,' 'Host IP,' 'Guest IP,' and 'Guest Port.'
- Select the 'Host Port' and 'Guest Port.' Make your changes.
- It may help to change the 'Name' of the rule.
- Select 'OK.'
Now you may access the Net in VB and your VM is bridged and forwarded!
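To review these settings without clicking through each VM, the added example below (not part of the original post) audits the key="value" output of `VBoxManage showvminfo <vm> --machinereadable`, flagging bridged adapters and forwarding rules whose Host IP is blank. The sample output, VM name and rule names are constructed, and the function name is hypothetical.

```python
# Audit VirtualBox NIC settings from `VBoxManage showvminfo <vm> --machinereadable`.
# SAMPLE is constructed; function and rule names are hypothetical.
import re

SAMPLE = '''\
name="lab-kali"
nic1="nat"
Forwarding(0)="ssh,tcp,127.0.0.1,2222,,22"
Forwarding(1)="web,tcp,,8080,,80"
nic2="bridged"
bridgeadapter2="eth0"
nic3="none"
'''

LINE = re.compile(r'^([^=]+)="(.*)"$')

def audit(text):
    """Return findings for bridged NICs and NAT forwards reachable from the LAN."""
    findings = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        key, value = m.groups()
        if re.fullmatch(r"nic\d+", key) and value == "bridged":
            findings.append(f"{key}: bridged, guest sits directly on the physical network")
        elif key.startswith("Forwarding("):
            fields = value.split(",")
            if len(fields) != 6:
                findings.append(f"{key}: unparsable rule {value!r}")
                continue
            name, proto, host_ip, host_port, guest_ip, guest_port = fields
            # A blank Host IP makes VirtualBox listen on every host interface.
            if host_ip in ("", "0.0.0.0"):
                findings.append(f"rule {name!r}: {proto}/{host_port} open on all host "
                                f"interfaces -> guest port {guest_port}")
            # Host ports below 1024 need elevated privileges on Unix-like hosts.
            if host_port.isdigit() and int(host_port) < 1024:
                findings.append(f"rule {name!r}: privileged host port {host_port}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Setting the rule's 'Host IP' to 127.0.0.1 keeps a forwarded port reachable only from the host itself, which is usually what a practice lab needs.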
If you have some tips or tricks regarding this process, feel free to let me know as I am still tinkering.
Hopefully you found this post to be helpful. If you have some tools that have the potential of crashing my machine, send them my way as that has been my new thing.
Ignite your #curiosity and #bethechange.
#wireshark #womenintech #cybersecurity #womenwhocode #girlswhocode #Cyber
Views are my own. Twitter: _Joyous_
I did a sketch about VMware a while back and I want to add it to this article on my wall. Kindly permit me Joyous Joyfulness.