Hosting known vulnerable operating systems and applications has obvious risks, and it's important to understand the different networking options to minimize those risks. All VMware products offer three networking options: NAT, Bridged, and Host-Only.
VMware Bridged networking, known as Bridged, places guests on the network as if they were physically connected to it. Bridged guests appear on, and can be accessed from, the network the same as the host system.
VMware NAT networking, known as NAT, is similar to other types of Network Address Translation. All guests in the NAT network are assigned individual IP addresses, but share the host system's IP address to access the Internet. The default NAT settings permit no inbound access to guests behind the NAT. With modification to the NAT configuration, it's possible to access guests behind the NAT.
VMware Host-Only networking, known as Host-Only, is a network in which all the guests are on the same network but are not accessible from any other networks. There is no known way at this time to access a Host-Only guest from outside the Host-Only network.
Bridged networking's biggest advantage is also its biggest disadvantage: guests are accessible by anyone on the same network(s). Since the WAPT lab hosts known vulnerable web applications that can lead to complete compromise of the underlying operating system, bridged networking carries high risk. An additional challenge, especially if using static IPs for the lab, is that all guests may need their IPs changed on every network.
NAT's biggest advantage is that guests have Internet access without being accessible from other systems. If the applications need Internet access without being reachable from other networks, this is a good option. However, misconfiguration can allow the guests to be accessed from other networks.
For the portable WAPT lab, Host-Only is the recommended networking option. No guests have access to, or are accessible from, other networks. If hosts need access, add a guest with two network interface cards (NICs) that acts as a router/firewall. For web applications, you can configure this VM as a reverse proxy/web application firewall as well.
Since Host-Only networking is used, any network/subnet can be used. I recommend picking an RFC 1918 network that won't normally appear on any networks you will be connecting to. Once the network address is picked, in this case 172.16.254.x/24, assign static IP addresses for all hosts. For the portable lab I have chosen the following:
Samurai WTF – 172.16.254.250
OWASP Broken Web Apps – 172.16.254.200
Hacme – 172.16.254.201
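Before assigning the static addresses, a small check like the following catches a bad plan early (a non-private subnet, an address outside the lab network, a duplicate, a typo, or a lab subnet that collides with a network the laptop actually connects to). This is an added example, not part of the original post; the check_lab_plan function, the sample guest list and the host network it is compared against are all hypothetical.

```python
# Sanity-check a Host-Only lab address plan before assigning static IPs.
# Hypothetical helper, not from the original post.
import ipaddress

# RFC 1918 private address ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_lab_plan(lab_subnet, guests, host_networks=()):
    """Return a list of problems; an empty list means the plan is consistent.

    lab_subnet    -- CIDR of the Host-Only network, e.g. "172.16.254.0/24"
    guests        -- mapping of guest name -> static IP string
    host_networks -- CIDRs of networks the host machine connects to
    """
    problems = []
    net = ipaddress.ip_network(lab_subnet, strict=True)
    if not any(net.subnet_of(private) for private in RFC1918):
        problems.append(f"{lab_subnet} is not an RFC 1918 network")
    for hn in host_networks:
        if net.overlaps(ipaddress.ip_network(hn, strict=False)):
            problems.append(f"{lab_subnet} overlaps host network {hn}")
    seen = {}  # address -> guest name, to detect duplicates
    for name, addr in guests.items():
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            problems.append(f"{name}: '{addr}' is not a valid IP address")
            continue
        if ip not in net:
            problems.append(f"{name}: {addr} is outside {lab_subnet}")
        elif ip in (net.network_address, net.broadcast_address):
            problems.append(f"{name}: {addr} is the network/broadcast address")
        if ip in seen:
            problems.append(f"{name}: {addr} already assigned to {seen[ip]}")
        seen[ip] = name
    return problems


# Constructed sample: a lab plan with one deliberately malformed address,
# checked against a host that also sits on 172.16.0.0/16 (constructed).
LAB_GUESTS = {
    "Samurai WTF": "172.16.254.250",
    "OWASP Broken Web Apps": "172.16.254.200",
    "Hacme": "172.16..254.201",
}

if __name__ == "__main__":
    for p in check_lab_plan("172.16.254.0/24", LAB_GUESTS, ["172.16.0.0/16"]):
        print("PROBLEM:", p)
```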
With the network "designed and configured", the next step will be setting up the different VMs. In the next post I will discuss setting up the Samurai WTF and OWASP Broken Web Apps VMs.