**See notes on SecurityOnion at the bottom!
It is funny where life can take you. I have been a specialist (and in some things maybe even expert) in so many different technologies over the course of my career, so when I sat down a few weeks ago to create a Kali Linux virtual machine on my Windows 11 laptop, I was surprised that I encountered a number of stumbling blocks. I got through them, but I was surprised that I even had the hiccoughs.
If you are not familiar with Kali Linux, do not be discouraged. It is a distro that is used primarily by cybersecurity specialists and hackers. A friend and colleague from my Microsoft MVP days and I decided a few weeks ago to study for a cybersecurity certification together, and I told her that aside from doing all of the CompTIA labs (which are great, believe me), she should also install Kali on a virtual machine to play with. As she has not spent as much time in the Hyper-V world as I have, and because I have not written about it in a while (and have likely never written about creating a Linux VM), I thought I would take the opportunity… to help her, and to help you!
The first thing you need to do is ensure your Windows 11 (or Windows 10) hardware supports Hyper-V, and that the necessary bits are enabled in the UEFI. For Intel CPUs ensure that Intel VT is enabled; for AMD it is called AMD-V. As enabling this will be different for every brand, I suggest you refer to the manufacturer’s instructions. You also need to make sure you have enough memory. I recommend a minimum of 4GB of RAM for the base operating system, plus a minimum of 2GB of RAM for each virtual machine you will have running simultaneously. This of course should be increased if you have VMs with higher memory requirements. As my laptop (a Microsoft Surface Laptop 4, Core i7 CPU, and 16GB RAM) meets and exceeds the minimum requirements, I should be fine, right?
Not so fast… If you are going to be running a single VM then that is fine; if you plan to run several VMs simultaneously, I suggest you invest external storage. Even with fast Solid-State Drives, you are going to find things slow down mighty fast once the second or third or fourth VM is running. If you only need a single VM running (you can have as many of them installed but shut down as you want) then your single SSD will be sufficient.
**NOTE: I will not be covering changing any defaults or different file locations for your Hyper-V VMs. Unless you change these or specify otherwise, your VMs will be stored in the default locations, which are:
- (For virtual hard drives) C:\ProgramData\Microsoft\Windows\Virtual Hard Disks
- (For virtual machine configuration files) C:\ProgramData\Microsoft\Windows\Hyper-V
For my laptop environment, I have changed both these defaults to C:\Hyper-V.
Hyper-V is what is called in Windows 10 (and later) a Windows Optional Feature. While there are a few ways to install it (GUI and DISM come to mind), I usually opt for the PowerShell cmdlet. Once you run this, your machine will need to reboot a couple of times.
Before we bulldoze ahead, let’s make sure that it is not already installed. Open your PowerShell window as an Administrator (in Windows 11, right-click the Start Menu and click Terminal (Admin). Type the following to see if it is there or not:
Get-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V-All
You should get a response that looks like this:
Now we can move forward and get to work. Use the following cmdlet to install Hyper-V, and then let the process reboot your system (twice). Make sure you have saved all of your work in any open windows
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V –All
Depending on the speed of your machine it should not take too long. After less than a minute, I was prompted to reboot. Click Y and let it happen.
Once you have rebooted, you should open your PowerShell window again to check that it worked. You should see this:
Okay then! Let’s keep going. Before you do anything else, you should download the Kali Linux installation image from https://www.kali.org. There are a lot of different download options; while you can actually download a VM of it directly, I suggest downloading the installed image from here. Make sure you download the 64-bit image.
Creating the Virtual Machine
Before we create our VM, we need to have some information. If you have not changed anything, the name of your virtual switch (which we will be connecting the VM to for networking) will be called Default Switch. Because I do not like having spaces in my switch names, I have created a new virtual switch called MDG-External and connected my Wi-Fi adapter to it. You might want to do that, or you might not. Remember, if you have spaces in the name, you need to put “quotation marks” around them when using the PowerShell interface.
In your PowerShell window (with Admin), type Get-VMSwitch. You will see something like this:
Now that we know the name of our switch, we can create our virtual machine. For the Kali environment that I want, I will be creating a Generation 2 VM and giving it 4GB of RAM, a 40GB virtual disk, and connecting it to the network switch that I created. I will be calling the VM Kali-1, and calling the virtual disk Kali-1.vhdx. I will be storing all of the files in that directory that I created, C:\Hyper-V. Let’s do that with the following cmdlet:
New-VM –Name “Kali-1” –Path “C:\Hyper-V” –MemoryStartupBytes 4GB –NewVHDPath “C:\Hyper-V\Kali-1.vhdx” –NewVHDSizeBytes 40GB –Generation 2 –Switch “MDG-External”
That will create the virtual machine, but we are not done yet. We have to connect the Kali installation source that we downloaded. To simplify typing, you might want to move it from your Downloads directory to a simpler one like c:\ISOs, like I did.
Add-VMDvdDrive –VMName “Kali-1” –Path “c:\ISOs\kali-linux-2022.4-installer-amd64.iso”
If you did not do anything else during this process, your PowerShell window should look like this:
**NOTE: I made a slight mistake, calling my virtual disk Kali1.vhdx and not Kali-1.vhdx. I decided the mistake was not significant enough in my lab environment to matter, but I have since corrected the cmdlet in the text so that you will not get caught by it.
We now have to set the boot order so that it boots from the DVD and not from the network adapter or the virtual hard drive. To do that, we are going to run the following cmdlet:
Set-VMFirmware -VMName Kali-1 -BootOrder (Get-VMDvdDrive -VMName Kali-1), $(Get-VMHardDiskDrive -VMName Kali-1)
There should be no response except for the PowerShell prompt.
Additionally, we need to disable Secure Boot. That is another simple cmdlet:
Set-VMFirmware -VMName Kali-1 -EnableSecureBoot Off
Again, there will be no response other than the prompt.
Engines Virtual Machines!
You are now ready to start the VM and connect to it, at which point you have to switch from the warm, familiar comfort of PowerShell and Windows and descend into the madness of Kali Linux. Okay, there is no madness… it is actually a lot of fun. To do so, run these two cmdlets:
Start-VM –Name Kali-1
Yes, you can drop into the Hyper-V Manager MMC console, but this will work just fine. You should now have a window on your screen that looks like this:
Press Enter to proceed with the Graphical install. You will be asked a series of questions (language, location, keyboard… a lot of things that will remind you of the Windows OOBE). Press Continue on each screen, unless you feel the need to make changes. At the end of the first series of questions, Linux will do some hardware and network detection. If you do not have a DHCP Server available, you might need to set your IP Address manually.
If you are at a level where you are creating a Kali-Linux VM on Hyper-V, you should know how to find an IP Address and configure the subnet mask and gateway. Unless you have a domain you are working with in your lab, leave that blank. Pick a username for yourself, and set your password. When prompted, select your time zone.
The first really foreign concept you should encounter is that of the disk partitioning. Linux does not use drive letters like Windows. An advanced user might set up different virtual hard disks for all of the requirements, but I do not want to confuse anyone just yet. When prompted on the Partition Disks page, select Guided – use entire disk, and click Continue. On the next screen it will confirm the disk (in most cases it should read SCSI1 (0,0,0) (sda) – 42.9 GB Msft Virtual Disk if you followed my instructions). Click Continue.
The next screen gives us options to use different partitions for different mounts. I recommend you select All files in one partition (recommended for new users) and click Continue.
The next screen will ask you to select Finish partitioning and write changes to disk. Click Continue.
You will then be asked to confirm what we just set up, and to write the changes to the disk. select Yes and then click Continue.
Your Kali Linux is now installing, and it will take a few minutes to complete. After a few minutes, you will be asked for your Software Selection. For most, the defaults should suffice. Click Continue. This will take several more minutes.
Once it is done, you should receive a message that Installation is complete. Press Continue to reboot.
It should not take too long for you to receive a screen that looks like this in your VM:
You are ready to go! Okay, you are not… there are a bunch of gotchas in Kali Linux that are possible (or probable) stumbling blocks. I was joking a few days ago that it seems that several changes made to the most recent versions of Kali seem to have been made to frustrate Windows people who know a little bit of Linux. I have figured out most of them and so will you. It will take time, and you will be smarter for it.
I have said for years that IT should not be about religion, but about the best tool for the job. Integrating a Linux VM into your Windows environment is a good way to get the best of both worlds without having to spend more money. Most of my readers are likely long-time Windows users, as I am. It is not a crime to love the Windows environment and ecosystem, while recognizing that some tools are either better or at least more readily available in non-Windows environments.
I cannot imagine that I am ever going to live in the Linux space. I find too many of my Microsoft tools comfortable, and in the business (and personal) productivity space, Microsoft 365 wins hands down. For some things like cybersecurity, Kali Linux provides the right environment, with most of the tools pre-installed and ready to use. Why would I try to shoehorn those tools into a system where they do not belong and are not comfortable, when Kali on Hyper-V gives me the best of all worlds? More importantly, why would you?
Notes on SecurityOnion
While similar in many respects, SecurityOnion (another distro of Linux geared toward cybersecurity professionals) has some distinct differences in Hyper-V that you should be aware of when you build your VM. The main ones are the resources required.
- The installation will not proceed with less than 99gb of hard drive space. To be safe, I gave it 120gb.
- If you do not give it at least 12gb of RAM and 4 vCPUs, you will be warned about it during the installation. I have not tried it on minimal resources so I do not know if they will work or not, but you will be warned!
- The installation will require you to answer a few more questions, and in a couple of places you have to type something in (usually to agree with licenses and confirm that you did not just press Next – Next).
Good luck… It’s a lot of work, but a lot of fun too!
Leave a Reply