The objective of this project is to use IpCop (Free Linux Distribution) in a Virtual Machine to protect a Windows host system on any network. IpCop is a very powerful Linux based Firewall with advanced functions like: VPN, NAT, Intrusion Detection (Snort), Web Based administration, and Routing. The concept is that all traffic on the host OS will have to travel through the IpCop VM, thus protecting the Host. The host Windows system will not have any IP connectivity on its physical NIC and will be unable to communicate on the network without the VM running. The Host and the VM will communicate using the Microsoft Loopback Adaptor (installed on the host). You will also be able to configure other VMs to easily use the IpCop VM as their gateway to the network/internet as well.

- Host PC running Windows XP, Vista, or Server 2003 (maybe Server 2008).
- Download/Install latest version of Microsoft Virtual PC. (http://www.microsoft.com/windows/products/winfamily/virtualpc/default.mspx)
- Download the latest .ISO build of IpCop. (http://www.ipcop.org/)
- Install Microsoft Loopback Adaptor (XP instructions: http://support.microsoft.com/kb/839013)

- Review IpCop documentation (http://www.ipcop.org/index.php?module=pnWikka&tag=IPCopDocumentation)
I recommend the "Installation Manual" and "Quick Start Guide"
- Although you will not be altering any system files, it is recommended that you back up your system before starting!

Note: This HowTo was performed on a Windows Vista Ultimate system.

Step 1: Document your current network settings.

1 - Browse to Control Panel > Network Connections.

2 - Find the "Local Network Connection" that is currently connected to the network/internet. Right Click and choose "Properties"

3 - Select "Internet Protocol Version 4 (TCP/IPv4)", and click the "Properties" button.

4 - Document all of your settings found here. (ex: DHCP Enabled, Static IP settings)

5 - In my example, I'm using DHCP on a network.

6 - If you've already downloaded Virtual PC and the IpCop ISO, continue to step 7.

7 - Find the "Local Network Connection" that is currently connected to the network/internet. Right Click and choose "Properties". Un-check the boxes (disable) "Internet Protocol Version 4 (TCP/IPv4)" and "Internet Protocol Version 6 (TCP/IPv6)". At this point, you will not have IP connectivity on your network.
hi joshua, first at all,Thanks for this useful instructable.<br>but I think there are some typos related to the network interfaces configuration, in step 2.5 we have the same Gateway an DNS (, them we have different configurations in step 3.22(image 5) showing a IP adress and netmask which is in a diferente network segment of the ip and netmask of the 2.5 step.<br>Please forgive me if I understood something wrong
simply excellent!!!!
Great work! Thanks
DID Great JOb..... Thanks A Lot Arun Rai
Awesome Instructable. Pictures are great (screenshots :P), a lot of detail too, nice job.

About This Instructable


42 favorites


More by joshuasiok: How To:  Setup an IPCop Virtual Machine Firewall to Protect your Windows Host (For Free!)
Add instructable to: