REMnux Version 4 Installation Notes

Below is an outline of several installation challenges, issues and workarounds for installing REMnux v4. However, please note that since the release of this article, a newer version of REMnux was release. Please visit the REMnux website to get the latest version.

VirtualBox on Linux: Unknown Element "Config"

Several people reported a problem installing the REMnux v4 OVA virtual appliance using VirtualBox on Linux. This is not a problem with VirtualBox running on Windows. When importing the virtual appliance on Linux using VirtualBox, they encountered the following error:

Failed to import appliance remnux-4.0-ovf-public.ovf.
Error reading "remnux-4.0-ovf-public.ovf": unknown element "Config" under Item element, line 47.
Result Code: VBOX_E_FILE_ERROR (0x80BB0004)
Component: Appliance
Interface: IAppliance {3059cf9e-25c7-4f0b-9fa5-3c42e441670b}

To address this problem, first, extract contents of remnux-4.0-ovf-public.ova using tar:

tar xvfz remnux-4.0-ovf-public.ova"

Then, use a text editor to modify the remnux-4.0-ovf-public.ovf file to remove all "Config" lines:

<vmw:Config ovf:required="false" vmw:key="ehciEnabled" vmw:value="true"/>
<vmw:Config ovf:required="false" vmw:key="wakeOnLanEnabled" vmw:value="false"/>
<vmw:Config ovf:required="false" vmw:key="tools.syncTimeWithHost" vmw:value="false"/>

After saving the file, compute the modified file's SHA1:

sha1sum remnux-4.0-ovf-public.ovf

Then save the resulting hash into the file, so that its contents look like this:

SHA1(remnux-4.0-ovf-public.ovf)= cab3570a993adbe332708d44242139fa78e281d5
SHA1(remnux-4.0-ovf-public-disk1.vmdk)= 09ced1f28b2a654d235701350cc3f84bfd1ec772

Your SHA1 value of the OVF file might be different, depending on how you edited the OVF file.

After you've taken these steps, you should should be able to import the REMnux virtual machine into VirtualBox on Linux by pointing VirtualBox to the remnux-4.0-ovf-public.ovf file.

VirtualBox on Linux: Nonexistent Host Networking Interface

Several people reported a problem reported a problem launching the imported REMnix v4 virtual system when using VirtualBox on Linux. This is not a problem with VirtualBox running on Windows. The error they saw stated:

Nonexistent host networking interface, name '' (VERR_INTERNAL_ERROR).
Result Code: NS_ERROR_FAILURE (0x80004005)
Component: Console
Interface: IConsole {1968b7d3-e3bf-4ceb-99e0-cb7c913317bb}

This issue is tied to the host-only adapter not being configured by VirtualBox for the virtual system. To address it, assign the Host-Only Ethernet Adapter to the virtual system using VirtualBox. The following step-by step directions are based on documentation:

  1. Select Preferences... under VirtualBox's File menu, then click Network.
  2. "If VirtualBox Host-Only Ethernet Adapter does not already appear in the white box under Host-only Networks, click the icon to the right of that box, and VirtualBox Host-Only Ethernet Adapter should then appear in the box."

Converting to KVM Format: Error Using "qemu-img convert"

In addition to importing the OVF/OVA-formatted virtual appliance into tool such as VMware and VirtualBox, you can convert the VMware-formatted REMnux virtual appliance for use with KVM virtualization software. To do this, download and extract the file. You could also use the OVF/OVA-formatted virtual appliance, but then you would need to first extract the files prior to conversion by using the "tar" command mentioned above.

Use the QEMU "qemu-img convert" command to convert the REMnux VMDK file into the qcow2 format.

You might need to first upgrade qemu-img from the git repository to address a know QEMU bug on CentOS. The error might look like this:

qemu-img info remnux-4.0-ovf-public-disk1.vmdk
qemu-img: Could not open 'remnux-4.0-ovf-public-disk1.vmd

To address this problem, use the latest version of qemu-img from its git repository, instead of using the qemu-img package from the CentOS repository.

Running REMnux in Hyper-V: Spurious ACK

Some users reported problems when running the Live CD version of REMnux as a virtual machine inside Microsoft Hyper-V. The error they encountered when booting the system said:

Spurious ACK... Some program might be trying to access hardware directly

This problem might be related to the virtual hardware that Hyper-V uses for the network interface card, which might not be compatible with Linux. This issue and several potential workaround are discussed here and here.

A good workaround might be to convert the REMnux virtual appliance from the VMware format into the Hyper-V format using StarWind V2V Converter.

MASTIFF: Could Not Open File

The MASTIFF installation on REMnux is missing plugins. This might exhibit as the error when running "" that states "Clold not open file" and "ERROR accessing file." To address this problem, upgrade MASTIFF on REMnux using the following steps after connecting your REMnux system to the Internet:

cd mastiff-upgrade
sudo ./
cd ..
rm -rf mastiff-upgrade

Malizilla Font

Malzilla installed on REMnux v4 appears to use difficult to read fonts. The problems stems from Malzilla expecting to find the Courier New font, which is not installed as part of the REMnux' installation of Wine. To address this problem, configure Wine on REMnux to substitute Coutier font for Courier New.

To do this, execute the following commands on your REMnux system after connecting it to the Internet:

regedit substitute-courier-new-font.reg
rm substitute-courier-new-font.reg

ProcDOT: Newer Version of ProcDOT Available

After the release of REMnux v4, a new version of ProcDOT became available. To update, execute the following commands on REMnux after connecting it to the Internet. Ensure that the URL below points to the latest Linux release of ProcDOT, available on the tool's website.

mkdir procdot
cd procdot
chmod a+x lin32/*
sudo mv lin32/* /usr/local/bin
cd ..
rm -rf procdot

Adding Support for exFAT Filesystem

REMnux v4 doesn't include built-in support for the exFAT file system type. However, you can add it quite easily.
First, connect your REMnux host to the Internet. Then execute the following commands:

sudo add-apt-repository ppa:relan/exfat
sudo apt-get update
sudo apt-get install fuse-exfat exfat-utils

About the Author

I transform ideas into successful outcomes, building on my 25 years of experience in cybersecurity. As the CISO at Axonius, I lead the security program to earn customers' trust. I'm also a Faculty Fellow at SANS Institute, where I author and deliver training for incident responders. The diversity of cybersecurity roles I've held over the years and the accumulated expertise, allow me to create practical solutions that drive business growth.

Learn more