Need a VM for running a PHP Sandbox
- by Phani
I am working on Web application honeypot. It collects PHP files it receives (as part of an RFI attack) and runs them in order to return the result back to the attacker. The aim is to coax the bad guy into going further into his attack. Based on the answers to my SO question, I am looking at using VMs for running the PHP Sandbox.
The honeypot itself consists of Python code and will be running in a Linux environment (preferably Ubuntu-like). These are some of the requirements:
The VM should be a light weight as possible. We are going to distribute the code around and many people are going to use the VM along with the Python based honeypot. So, the installation and configuration should not be too difficult.
The guest system would also be Linux as we are going to distribute the VM image around.
It should be possible for the Python code outside to talk to the guest system. It would be passing on the PHP file to the guest system and will get the output result from it.
It should be possible to automate the initial configuration of the VM (such as allocation of RAM etc.) I would like to randomize these settings in order to make the sandbox less 'fingerprintable'
I have looked at OpenVZ and KVM so far. Are there any other VMs that I might look at? What do you recommend?