These scripts build out the community SIFT ova file.
Notice: this is for advanced users, docs might not always be up-to-date.
All this building and testing and development has been done with VMWare Fusion, it should work with workstation, but has not been tested.
For best results, its best to first create a machine and install ubuntu 16.04 manually or using the easy install, after that you can use all the build scripts to build the VM.
Note: You might have to remove the scsi entries in the .vmx file around the cd-rom and auto detect with the first base vm you initial create, it can cause problems with packer and there is a bug open for it.
You only need to do this step once. If you use easy install, set the username to sansforensics
and password to forensics
. Once everything is installed, you'll want to login and install openssh-server, after that, you can shutdown and exit the VM, you will not need to come back to it.
sudo apt-get install -y openssh-server
The reason for the preflight VM is simply to make doing builds easier and more consistent in the long run. There is less work that the step 3 has to do, and if step 3 fails for whatever reason, you do not have to start back over at square one.
This is a VM that installs all the base requirements without installing SIFT.
packer build -only=vmware-vmx preflight.json
OR
make preflight
This takes the preflight VM and turns it into SIFT.
packer build -only=vmware-vmx sift.json
OR
make sift
This takes the SIFT VMX and runs the SIFT scripts to build an updated VM.
packer build -only=vmware-vmx update.json
OR
make update
This assumes you are on OSX with vmware fusion installed
make export
Unlike the VMWare and desktop mode build, the AWS build is a server only. In this configuration we do not need to build any base or preflight images ahead of time.
make sift-aws