Whitepaper: Installing a virtual honeywall using VMware

Diego González Gómez produced this interesting paper on the first day of the year. It really worths the reading since seems the first 2005 virtualization news:

The Honeywall CDROM is a bootable CD with a set of open source tools configured by the Honeynet Project to make the implementation of a GenII Honeynet Gateway easier. Using this document as an installation guide, we are going to implement the Honeywall using the commercial software, VMware . This document makes a few assumptions, one of them is that you have read and understood the papers Know Your Enemy: Virtual Honeynets, Know Your Enemy: Learning with VMware, Know Your Enemy: Honeywall CDROM.

VMware is virtualization software that allows the running of multiple operating systems at the same time on Intel x86 architectures. It was and is developed by VMware Inc. and it has three product lines, namely Workstation, GSX, and ESX. We will be using Workstation. You can download a free evaluation version here.

Several tools included in the CD are only available for GNU/Linux platforms. One of the advantages of using VMware is that it permits the implementation of the Honeywall under any operating system supported by this program. Up until the CD was released, the only way to install a complete Honeywall under Windows (with traffic limiting capabilities using iptables, for example) was to first install VMware and then configure a GNU/Linux distribution under it. But now, with the introduction of the Honeywall CDROM this task is very straightforward.

Another reason for implementing the Honeywall using VMware is that by default, Honeywall uses all resources of the machine you install it on. If a virtual environment is used then this is restricts the Honeywall to use only the resources inside the virtual machine. The advantage is that it is not necessary to consume all the resources of a machine to install the Honeywall CDROM.

Finally, VMware is a good tool for testing purposes. It is an excellent option to develop and experiment with multiple customized Honeywall CDROMs in a controlled environment.