I’ve spent the past week setting up a malware analysis lab, with the detonation environment (AKA the PC that gets virused for science) using an old HP EliteDesk 800 G2 35W that I acquired for $75 off of eBay, plus a $5 DisplayPort to HDMI adapter and some fancy red CAT6 to clearly delineate what I’ve cleverly dubbed MALNET. (It’s literally just a crossover cable to my old Linux server.)
Anyway, during the course of this setup process, I needed to give a VirtualBox VM (in my case, a Ubuntu Server 20.04 VM running CAPEv2 and FOG) dedicated access to an ethernet port. I did it wrong and ended up chasing myself in circles trying to figure out why PXE wasn’t finding TFTP, but eventually figured it out. Turns out that assigning your host and VM the same IP makes ARP very confused.
So, without further ado, here’s how to give your VirtualBox VM dedicated access to a port properly. (On Linux.)
On Your Host
What we’re trying to do here is effectively tell Linux that the port exists, but not to configure it or otherwise use it. Complicating matters is that there are a couple of competing networking configuration standards these days: ye olde /etc/network/interfaces
and Ubuntu’s netplan. You’ll be using ONE of these.
- Figure out what the Ethernet port’s interface is. An easy way to do this is to plug it into a network, run
ip address
, unplug it, and runip address
again to see what changed. For example, my interface for MALNET ended up beingenp6s0
. Yours may be different. - Run
sudo nano -w /etc/network/interfaces
and remove any prior entries regarding that interface. (Do something similar in /etc/netplan/ YAML files if you use netplan.) - For
/etc/network/interfaces
: Addiface YOURINTERFACEHERE inet manual;
- For netplan: idfk try just leaving it out, then run
sudo netplan apply
- Run
systemctl restart networking.service
- Make sure you still have networking on your other ports.
On Your VM
This part is much easier. These directions apply for both the desktop GUI for virtualbox, and RemoteBox.
- Open your VM settings while it’s offline.
- Go to the Network tab.
- Select the adapter you wish to use from the dropdown.
- Attach To: Bridged Network
- Select your interface from the dropdown. (Again, for me, this was set to enp6s0.)
- Save.
You’re good to go!