REVEN Free Edition - Available as a VM


Dec 14, 2021
by Marc




We are happy to announce that REVEN Free Edition is now also available as a VM for easy installation (QEMU, Hyper-V, VMware). The details are below.

Download

How to configure the VM

The REVEN-in-a-VM installation provides you with a single virtual disk (a pre-installed VM disk). This disk must be attached to a correctly configured VM in order to boot properly:

  • A second empty disk must be created and attached to the VM to store the data.
  • Nested virtualization must be activated for this VM.
  • The VM must be accessible over the network.

The second data disk

To store the REVEN data, you will need to attach a second empty disk to the VM. This disk will automatically be formatted and will grow when necessary, so you won’t have any maintenance to do from inside the VM. It must be exposed to the guest as /dev/sdb, so you need to attach it in second position to any controller that would use the SCSI interface in Linux (SCSI, SATA, USB, SAS, Fibre Channel, FireWire, etc…). See this page of the Linux kernel doc for more information.

Nested virtualization

Nested virtualization will allow REVEN to launch hardware-accelerated VMs to help you configure them for analysis. This setting is highly dependent on your hypervisor, so we advise you to look at its documentation. Here are some pointers for the most common solutions out there.

Network access

REVEN provides a Web UI to manage your analysis VMs and Scenarios, so you will need network access to the VM. This setting is even more dependent on your installation, as both your hypervisor and your network configuration come into play. The VM is configured to run a DHCP client on all of its interfaces and to display its IPv4 address in the MOTD, meaning many configurations that include a DHCP server on your side should work.

Troubleshooting
  • The VM ends up in emergency mode. There are multiple possible reasons for the VM to end up in emergency mode, but the most probable is that it cannot find the second disk. It should be detected as /dev/sdb. Try moving the disk to a different disk controller on your hypervisor; otherwise, open an issue.

  • I can’t access the Web UI even if the VM doesn’t seem to complain about anything. There is probably an issue with your network configuration. To help debug any problem, please note that both ping and ssh will answer and that no firewall has been configured on the VM. If you cannot figure it out, feel free to open an issue.
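The three requirements above can be checked from a shell inside the guest. The script below is an added example, not part of the REVEN distribution; it assumes shell access to the VM (for instance over ssh) with `ip`, `grep` and `awk` available, and its function names are hypothetical.

```shell
#!/bin/sh
# Added example: guest-side preflight for the three VM requirements.
# Paths are parameters (defaults match the post) so each check is testable.

# 1. Data disk: must show up in the guest as a block device, /dev/sdb.
check_data_disk() {
    [ -b "${1:-/dev/sdb}" ]
}

# 2. Nested virtualization: the guest CPU must advertise vmx (Intel) or
#    svm (AMD), and the KVM character device must exist.
check_nested_virt() {
    grep -Eqw 'vmx|svm' "${1:-/proc/cpuinfo}" 2>/dev/null &&
        [ -c "${2:-/dev/kvm}" ]
}

# 3. Network: print non-loopback IPv4 addresses from `ip -4 -o addr show`
#    output read on stdin (one address per line, prefix length stripped).
list_ipv4() {
    awk '$2 != "lo" && $3 == "inet" { split($4, a, "/"); print a[1] }'
}

# Run all three checks and report which requirement is not met.
preflight() {
    rc=0
    if check_data_disk; then echo "ok   data disk /dev/sdb"
    else echo "FAIL /dev/sdb missing: try a different disk controller"; rc=1; fi
    if check_nested_virt; then echo "ok   nested virtualization"
    else echo "FAIL no vmx/svm flag or no /dev/kvm: enable nested virtualization"; rc=1; fi
    addrs=$(ip -4 -o addr show 2>/dev/null | list_ipv4)
    if [ -n "$addrs" ]; then echo "ok   IPv4: $(echo $addrs)"
    else echo "FAIL no IPv4 address: check the DHCP server and virtual NIC"; rc=1; fi
    return $rc
}

# Run the checks only when invoked as: sh preflight.sh run
if [ "${1:-}" = "run" ]; then preflight; fi
```

If the VM is stuck in emergency mode, only the disk check is relevant, and it can be run from the emergency shell.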
