You are currently reviewing an older revision of this page.

Hyper V Testing

A few notes

This wiki page explains how to setup a MDR data collector VM in Hyper-V. The content is still under development

Accessing the Hyper-V Server

  1. Use Team Viewer to access the Ubuntu VM in your test environment

  2. Click on the RDP Client icon in the taskbar.

  3. Double-click on the WinServer2016 entry

Creating and Downloading the VM

  1. Login to your Central account

  2. Create an integration selecting Hyper-V for the virtual platform*

  3. Download the image once it is ready

Installing the VM

  1. Extract the zip file into a new folder under the users directory

  2. Navigate to the new folder, right click on the ndr-sensor file, and select Run with PowerShell

  3. Use the same values for each question as shown in the last image below

Running the VM

  1. Open the Hyper-V Manager application, you should see the newly installed VM under Virtual Machines

  2. Click on the VM, then in the lower right pane, select Start and then Connect

Configuring Network Interface to be used

Example below:

Use below settings :


TESTING - Send data for malware detections

In terminal run: pcaprunner -r 2022-02-25-Emotet-epoch5-with-Cobalt-Strike.pcap -d 10.0.253.5 -s

Cookie Information Banner