Virtually BackTracking Slacking and SLIPing…
This is my story of resurrecting and installing a Slackware Linux system from 1999 in a modern environment. Particularly I’ll focus on getting the only hard part working, which was the network. I don’t claim that this is the only way to do this, the best way, or that it is even optimized for what it is… I just claim it worked and I think it was a cool little project.
Recently, due to a training class I’ll talk about later, I’ve taken to rebuilding a lab network of machines to experiment with from a security perspective. Unfortunately I had just gone through an exercise during our house move and a recent office move that involved throwing out old CDs of software and OS installs “I would never use again.” Please let me first state. NEVER DO THAT. Just as soon as you think “I’ll never need this again,” you need it.
My lab network is installed on Oracle VirtualBox and configured on the “internal” network devices in VirtualBox making it a pretty much isolated subnet which can house old unpatched and broken systems to play with. The only host with connections to the “bridged” network and this “internal” network is a BackTrack 5 install I’ll use to poke at the others. If you haven’t checked out Oracle Virtualbox, do so!
I was able to dig up a Slackware 3.5 CD from 1999 that was at the bottom of a crate of “computer stuff”. Back then I had used this CD to build a server that lived on the internet for a few years hosting my domains. Creating the VirtualBox VM was simple enough and to my surprise the system booted right up and installed (once I chuckled about setting up partitions manually, building swap, and picking my packages). The FULL install fits in a tight 390MB It booted the first time and I was able to log in… everything looked good.
Except the network…
The network adapters that Virtualbox can present (AMD PCnet PCI II (Am79C970A), AMD PCnet-Fast III (Am79C973), Intel Pro/1000 MT Desktop (82540EM), Intel Pro/1000 MT Server (82545EM), and Intel Pro/1000 T Server (82543GC)) on the internal do not have drivers available for this kernel version.
I got to thinking about ways to get this box on my internal virtual network, usb was not an option as that was also a 2.2 kernel item and then I remembered connecting linux systems to dialup ISPs back in the day. SLIP came to mind…
VirtualBox supports “host pipe” serial ports that can be presented to each OS. Supposedly, if you configure two hosts on the same “host pipe” (see syntax below) these two hosts can communicate via this pipe as a null modem cable. This works… I added a similar configuration for both the Slackware system and my BackTrack system with the BackTrack system “creating” the pipe. I put it on COM2 on both systems because Slackware thought there was a serial mouse on COM1
This successfully showed up as a serial port on both systems when they booted. (/dev/tty01 on the Slackware system, /dev/ttyS1 on the BackTrack box). Then the question was just how to get packets flowing between them.
Bringing up the SLIP interface on the Slackware end proved to be a little bit tricky for reasons I can’t exactly explain. For some reason the /dev/tty01 device at some point disappears between when the kernel finds it and when I log in. Attempts to connect to it will fail. It shows up on /dev/cua1 which I see referenced in documents regarding modem setups. The command to attach the SLIP interface on the 2.0.34 kernel Slackware system is:slattach -p cslip -s 19200 /dev/cua1 &
Where cslip is my chosen protocol and 19200 baud is my chosen speed (old school ). Then it is just a matter of bringing up the network interface (sl0) with:ifconfig sl0 192.168.124.2 pointopoint 192.168.124.1 netmask 255.255.255.255 up
Where sl0 is the interface, 192.168.124.2 is the IP I want the Slackware system to have and 192.168.124.1 is the BackTrack system. At this point the system didn’t have a routes to the other host. So I added one:route add -host 192.168.124.1 sl0
Now over to the BackTrack host which was a bit different. It is running a 2.6.39 kernel and based on the layout of the distro (Ubuntu based) it differs a bit in the network configuration. Bringing up the SLIP interface involved putting the following into /etc/network/interfacesiface sl0 inet static address 192.168.124.1 netmask 255.255.255.255 pointopoint 192.168.124.2
The slattach command was similar (different device):slattach -p cslip -s 19200 /dev/ttyS1 &
Then it was just a matter of ifup sl0 on the BackTrack machine and we were good to go. The more modern OS was kind enough to add all of the routes we needed. We had IP connectivity and about 130 seconds later at 19200 baud we had a portscan… this should be an entertaining pentest lab machine Maybe my next goal will be to harden it and setup routes to the internet…
I found the following articles and links pretty helpful in this configuration as well. They would probably be good starts for further reading if you are doing something like this: