The objective of this project is to use IpCop (Free Linux Distribution) in a Virtual Machine to protect a Windows host system on any network. IpCop is a very powerful Linux based Firewall with advanced functions like: VPN, NAT, Intrusion Detection (Snort), Web Based administration, and Routing. The concept is that all traffic on the host OS will have to travel through the IpCop VM, thus protecting the Host. The host Windows system will not have any IP connectivity on its physical NIC and will be unable to communicate on the network without the VM running. The Host and the VM will communicate using the Microsoft Loopback Adaptor (installed on the host). You will also be able to configure other VMs to easily use the IpCop VM as their gateway to the network/internet as well.
- Host PC running Windows XP, Vista, or Server 2003 (maybe Server 2008).
- Download/Install latest version of Microsoft Virtual PC. (http://www.microsoft.com/windows/products/winfamily/virtualpc/default.mspx)
- Download the latest .ISO build of IpCop. (http://www.ipcop.org/)
- Install Microsoft Loopback Adaptor (XP instructions: http://support.microsoft.com/kb/839013)
- Review IpCop documentation (http://www.ipcop.org/index.php?module=pnWikka&tag=IPCopDocumentation)
I recommend the "Installation Manual" and "Quick Start Guide"
- Although you will not be altering any system files, it is recommended that you back up your system before starting!
Note: This HowTo was performed on a Windows Vista Ultimate system.
Step 1: Document your current network settings.
2 - Find the "Local Network Connection" that is currently connected to the network/internet. Right Click and choose "Properties"
3 - Select "Internet Protocol Version 4 (TCP/IPv4)", and click the "Properties" button.
4 - Document all of your settings found here. (ex: DHCP Enabled, Static IP settings)
5 - In my example, I'm using DHCP on a 10.0.0.0/24 network.
6 - If you've already downloaded Virtual PC and the IpCop ISO, continue to step 7.
7 - Find the "Local Network Connection" that is currently connected to the network/internet. Right Click and choose "Properties". Un-check the boxes (disable) "Internet Protocol Version 4 (TCP/IPv4)" and "Internet Protocol Version 6 (TCP/IPv6)". At this point, you will not have IP connectivity on your network.