Installing and running a myriad of security testing tools on your main Windows system is a surefire way to guarantee instability and frustration. Everything these security tools require -- network shims, registry add-ons, SQL Server Express installations, etc. -- junk up the base Windows installation. Within a matter of months, a once fresh Windows system is now a pit of inefficiency. Basic applications -- such as Internet Explorer and Microsoft Word -- take ages to load, and security tools may not work at all.
I fought this problem for years -- until I moved to VMware Workstation. Running security testing applications in a separate virtual machine (VM) was the best thing I ever did to improve my system's stability and overall work efficiency.
Windows 7's Windows XP Mode provides a similar functionality. It is different from other workstation-based VM products in that it is essentially a full-blown version of Windows XP SP3 running inside a Microsoft Virtual PC session in Windows 7.
If you have Windows 7 Professional, Ultimate or Enterprise editions -- as well as enough RAM and a beefy enough system to handle this type of configuration (i.e., 6 GB RAM, dual-core processor and a 7,200-rpm hard drive) -- you're ready to roll. Simply download and install Windows XP Mode and Virtual PC.
Running a security testing environment in a dedicated VM leaves the base system alone, and thus standard applications keep working at their best. Another benefit is that security tools can be run in a segmented/sandboxed fashion: Antivirus software and other apps that tend to hamper security testing can be disabled. Finally, the VM containing the security testing tools can be copied to another system when it's time to reload or change machines -- without having to reinstall everything.
Furthermore, an actual VM, as shown in Figure 1, or virtualized applications can be run with XP Mode.
That's right -- when a program is in installed in XP Mode, it is also available in Windows 7. This direct access means you don't have to first load up the VM: All virtualized applications are located under All Programs\Windows Virtual PC\Windows XP Mode Applications. You simply click on the application you want, and XP Mode launches the application as if were running as a standalone app in Windows 7. You also have seamless access to your local Windows 7 drives from within your XP Mode session.
With Windows 7, not being able to justify a dedicated security testing environment has become a thing of the past. Even if you're a hardcore user of products such as VMware or VirtualBox, Windows XP Mode is worth checking out.
ABOUT THE AUTHOR:
Kevin Beaver is an information security consultant, keynote speaker, and expert witness with Atlanta-based Principle Logic, LLC. Having worked for himself over the past seven years, he specializes in performing independent security assessments and helping IT professionals enhance their careers. Kevin has also authored/co-authored seven books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley). In addition, he's the creator of the Security On Wheels information security audio books and Security on Wheels blog providing security learning for IT professionals on the go. Kevin can be reached at firstname.lastname@example.org.
This was first published in February 2010