If you have ever been interested in learning about Penetration Testing, or generally just network / information system security then you would most likely have seen the Kali Linux distribution online (or even whilst watching Mr. Robot). Whilst Elliot in Mr Robot was using Kali Linux on live systems, I am going to walk through how to build an insulated penetration testing environment which will segregate your logical operating systems, as well as allow for operation on live devices (e.g target tested hardware).
To achieve this I am going to be using a Virtualisation Operating System (ESXI) in combination with a Virtual Network Switch, and an additional Network Interface Card. The end result will achieve the following:
ESXI Virtualisation Server
VMware ESXI will be used as the virtualisation container for Kali Linux and a selection of operating systems and network services. The Virtual Machines (VMs) can be assigned to a virtual switch, and even to a physical interface. In this example I will be creating a vSwitch and assigning a spare Network Interface to the newly created vSwitch. That NIC will be patched into the Pentesting Ethernet Switch which will enable physical devices to be connected to the insulated pentesting network.
Pentesting vSwitch (Logical Switch)
The Logical Switch (vSwitch) which is created within ESXI will be insulated from general network access, meaning all communication which takes place across this Virtual Switch can be interrogated by Wireshark or Snort.
Pentesting Ethernet Switch (Physical)
I have purchased a 24 port managed switch from eBay for $50 AUD and implemented 3 VLANs to divide the switch logically into 3 different network groups. One of the groups I will be utilising for home networking, with the other two assigned to Pentesting and Cisco VIRL activities (more on VIRL at a later date).
Putting it all together
This environment will allow Kali Linux to be segregated from the outside LAN (reducing the possibility of live attack through use of tools like 'hping3'), and allow for connection of physical devices such as routers, switches, and web cameras which could be interrogated with Kali's toolset.
Configuring the ESXI Network Infrastructure
In my example I am using ESXI 6 (a licence for which is available for free from VMWare), and because this hardware was originally my dedicated NAS has only 16GB of RAM (motherboard slot limitations at present).
Assuming your ESXI installation is complete and functional, login to the ESXI vSphere Client for your server and navigate to the Configuration tab. On the left side of the main panel you will see a link for 'Networking'. This is where the virtual switches are created, and also bound to physical network interfaces.
Click the Add Networking link, and select Virtual Machine as the connection type. The next screen should ask which Network Interface Card you wish the new vSwitch to be bound to. In the example above we are going to use the NIC which will be connected to our Penetration Testing Switch (or VLAN if you are so inclined).
Give the Network Label a name such as 'Pentest Network', to avoid confusion for subsequent network configurations with your hosts.
Click through to complete the configuration, and you should now have a new Standard Switch: vSwitch1, with the Pentest Network attached to your second Network Interface Card. In my example I have not connected the second interface card to the switch, but this configuration will allow physical devices to be co-located within your Pentest Network, and not be affecting your legitimate or public network traffic.