Security Basics mailing list archives

Re: Virtual Machine from an existing Physical Machine


From: Matt Snell <mattds.seclists () gmail com>
Date: Thu, 8 Feb 2007 14:09:59 -0500

On Thu, Feb 08, 2007 at 04:04:01AM -0800, Antnio C. N. Crespo wrote:
Hello Folks,

  Do you have any experience converting physical machines into Virtual machines to be used with Microsoft Virtual PC or even VMWare?

  I'd like to do this with client desktops or even servers that were hacked or must be checked, forensics, I mean.

I've had luck migrating some legacy W2k boxes from physical to virtual using VMware's
(then) P2V app.  I documented the steps it took on an XP machine as well
(below).  There may have been an easier way, this is just how I got it to
work.  Please excuse any goofy commentary, these were just notes for me.

FYI: p2v is now Converter http://www.vmware.com/products/converter/




How to convert an existing Windows partition to a VM.

I did this because a lot of my important data (financial 
software etc) is on my Windows machine and I couldn't afford
to be without it while I reloaded the OS.
_____________________________________________________

Tools needed: 

Windows
Ghost boot CD/floppy
VMWare (Workstation, ESX or GSX Server)
VMWare's P2V 2 Util
_____________________________________________________

Boot source machine with Ghost boot CD/floppy

Ghost the boot partition to image
        I had space on another partition on this machine.  Newer Ghost
        has the ability to write to USB drives.  You may want one of those versions
        *note: corp edition 8.2 crashed when I attempted to write to usb/ntfs disk

Start VMWare Workstation (in my case)
        Create new Windows XP VM
        If image is on another partition, define it (as a partition) in VM
        Start new machine and Ghost boot 
                I was unable to boot from floppy, used boot cd iso instead
        Restore source partition, from image to primary disk defined in VM
        Shutdown VM

Start P2V
        Perform a system reconfiguration on an existing virtual disk
        Browse to the VM (.vmdk) that was just created, and select it

        P2V will scan VM and display volume & OS information (click next)

        Select your target VMWare product (I selected workstation 4.5.2 or 5.x)
        Do preinstall a temporary VMWare SVGA Driver (click next)
        Click next (AGAIN)

        If all goes well you'll get a congrats and P2V will tell you 
        that there are some remaining manual steps, review the steps
        and click finish.

Launch VMWare with the image 
        I removed the physical drive I mapped earlier to prevent accidents
        Install VMWare Tools

_____________________________________________________

Now you have an image you can move to another machine and use while you rebuild
or test the original source machine.  As long as you have 2 machines, there's no
reason at all to have downtime while mucking about with your Windows box.

The whole process took about 30 minutes.  Sexy huh?


-- 
M@

