Digital Forensics with Kali Linux
上QQ阅读APP看书,第一时间看更新

Preparing the Kali Linux virtual machine

Once VirtualBox has been downloaded, it can be installed and then configured to run Kali Linux and many other operating systems, depending on the amount of RAM available.

When setting up a new guest OS or guest virtual machine, we first click on New and then fill in the following details:

  • Name: Kali-Forensic (or name of your choice)
  • Type: Linux
  • Version: Debian (64-bit)

We then click Next and proceed to allocate RAM in the Memory size prompt:

In the preceding Memory size screenshot, we can see the maximum RAM capacity to the right of the screen. The machine I used has 16,384 MB (rounded off to 16 GB) of RAM. Although the recommended memory size for Kali is a meager 1024 MB (1 GB), I do recommend at least 4 GB of RAM for smooth functionality when using the forensic tools. I have allocated 8,192 MB of RAM for use on my virtual machine.

Next, we create the virtual machine by adding a virtual hard disk. I recommend starting with a new virtual hard disk, which is the second option in the selection. Click on Create to proceed, and then choose VDI (VirtualBox Disk Image) as the Hard disk file type:

Select VDI and click Next:

Once VDI has been selected, choose the Dynamically allocated option to allow the virtual hard disk to be expanded, if the need arise:

For the next step, we select the file location and the size of the virtual hard disk chosen. The recommended size for the Kali Linux VDI is 8 GB, but I assigned a generous 64 GB in the event that I may need to store copies of files and imaged drives on the Kali VM (virtual machine).

Once finished, click on Create to complete the creation of the virtual hard disk: