[ previous ] [ next ] [ threads ]
 
 From:  "James McKeand" <james at mckeand dot biz>
 To:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Microsoft Virtual PC & m0n0wall
 Date:  Fri, 26 Aug 2005 06:56:52 -0500
Chris Buechler wrote:
> On 8/25/05, Steve Yates <steve at teamits dot com> wrote:
>>        Has anyone tried to run m0n0wall under Microsoft Virtual PC
>> 2004? We have spare copies of Virtual PC and I'm thinking about that
>> to save PC hardware. 
>> 
> 
> I know some people do, yes.  But I would strongly suggest not doing
> so in a production environment, it's best suited for testing and
> development.  Too easy to get Windows to start binding stuff to its
> NIC's that won't be protected by the firewall.  With that, you're one
> click and one missed patch away from being owned.    

You could add a 2nd and 3rd NIC to a system and configure VPC to use
just those NICs and disable the NICs for all other purposes. Then TEST
TEST TEST... Then test some more.

When you account for the value of your time. It will take time to get
VPC to boot m0n0wall (can be done - not the easiest) and time to secure
the host (Windows PC) and keep it secure. For a few more bucks get a
Soekris and save the time and frustration...

This is why I agree with Chris - Virtual PC or VMWare are best suited
for a testing/training/development environment.

_________________________________
James W. McKeand