IDS and IPS is actual topic in IT security. Hackers attack networks around the world all the time, so every network needs to be protected and to protect yourself a virtual firewall can be installed, that doen’t consume too much resources and is simple to set up. pfSense is very good solution for this problem, as it provides nice web GUI and is based on BSD, that doesn’t need much resources at all, so it is possible to run it in the background. This virtual firewall was installed on Windows 7 host.

This projects goals were to install a firewall inside Virtualbox and use it as IDS/IPS. Oracle Vitualbox software was used to run the virtual machine.I followed  guide (link below) to set up pfSense. This blog post includes everything you need to know about how to set up pfSense in VirtualBox. In the blog post he chooses dynamically allocated disk space, but in this matter if it goes up, it doesn’t go down any more, so if you have some super crazy activity it could take a huge chunk out of your HDD’s memory, so you can take 4 GB static space.

First I had to install VirtualBox on my laptop, which I used as my workstation, which was a bad idea, because after VirtualBox installation it messed up my wireless adapter, and it’s not working properly anymore, driver clean re installation didn’t help, haven’t tried to re install my Windows yet. So I set up  desktop workstation, to make everything work. I installed VirtualBox, this time it didn’t mess anything up.

VirtualBox and pfSense

VirtualBox configuration and pfSense

VirtualBox is a nice tool when it comes to virtualization, it has enough options for settings, to create enviornment for your needs. pfSense was used because I had a little knowledge about it already and it is easy to install/ use. It really takes just a little from computer resources and is very lightweight.

VirtualBox resource usage

VirtualBox resource usage

It takes just 1-5 % of CPU power and it doesn’t use more RAM than was defined, however it can use less, if itsn’t necessary for the processing power.

After installation, I had to make sure that DHCP server is enabled on LAN interface to give my machine an IP address. Next I had to uncheck IPv4 TCP and IPv6 TCP for NIC, that is connected to the internet, so my machine wouldn’t get internet access from this connection, but through firewalls.

IPv4 an IPv6

IPv4 an IPv6

To run VirtualBox headless without it’s GUI, and automatic Virtual Machine booting/ saving to state/ shutdown would possible on system startup and shutdown, VirtualBox has to be added as a service. There is a nice a guy, who made this possible, and his build is avaiable on SourceForge (app. 2).

(Haven’t tried on Linux) By default VirtualBox starts after a little delay after turning the PC on, this could work if your machine is so slow, that it needs to start everything up, and later run VBox. It is possible, to run VBox right after startup, and for this a small script has to be made and added to Local Group Policies, so it would run it on system startup.

Automatic start on system startup

Automatic start on system startup

To connect to it headless I had to use VirtualBox Host-Only Network IP address in my remote desktop client (in this case, Microsoft’s default Remote Desktop client that comes with OS), however I couldn’t connect to it using Remote Desktop Services, maybe I have to change the firewalls configuration.

Link to blog for installation


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s