Due to a policy decision, we will not be deploying this, although it does work. The security concerns over this method include the following:
- Key logger on the host Windows (tm) machine. This could conceivably be used to capture the private key password and potentially grant unauthorized access.
- Malware on the host Windows (tm) machine. Might be able to send through the VPN...seems unlikely.
- A virus on the host Windows (tm) machine. Might be able to propagate itself through to the internal network...again this seems unlikely.
This is what you do to create one. This method is likely useful for other projects.
- Download qemu-0.8.2-windows.zip from http://www.h7.dion.ne.jp/ qemu-win/
- Unzip qemu-0.8.2-windows.zip into the win-qemu-yourvpn-cd directory.
- Move all the qemu-0.8.2-windows files up one directory. Remove the qemu-0.8.2 directory.
- Make an icon file. I used a stock one and resized with GIMP.
- Create an autorun.inf file in win-qemu-yourvpn-cd directory containing the following:
- Copy qemu-win.bat to yourvpn.bat.
- Edit yourvpn.bat replacing the last line in the file with:
qemu.exe -L . -m 64 -soundhw all -localtime -cdrom yourvpn.iso
- Copy the fully made bootable .ISO image yourvpn.iso from where it is currently to win-qemu-yourvpn-cd
- Make an ISO of this directory:
mkisofs -pad -l -r -J -V "WQYOURVPN v0.1" -hide-rr-moved -o wqyourvpn.iso /home/jeff/Desktop/win-qemu-yourvpn-cd/
- Burn the ISO and try it on a Windows (tm) box.