VMWare Users

[KDNeese]

Was just wondering how many of you use VMWare for security purposes. I have been reading about this application for some time, and finally decided to use it. This app is beyond cool! It is almost unbelieveable to me that I am now running Linux on my desktop, and using Firefox with NoScript, CookieSafe, and all those other cool extensions that I've been used to using. The thing that astounded me is how easy it is to use. Plus, as the documentation says, since this is actually a computer within a computer, it is separate from my XP system and immune to all the crapware that infects Windows. Also, a lot of software that wouldn't run right in XP run like clockwork in Ubuntu Linux (OS included in browser appliance). Also, there are other virtual machines (that include software packages and other versions of Linux) that you can download and run with the VMWare virtual macine. I have simply been amazed at my browsing and download speed with the lightness of Linux as compared to the heaviness of XP. While very different, it is somewhat the same principle as running a sandbox - keeping the browser separate from the rest of the system. There are so many other things I could talk about. The nice thing about it is that you don't have to be a technical person to run this - the VMWare app does everything for you. Was a very strange feeling to see an Ubuntu Linux computer booting up inside my actual computer. People, you have to try this app! You can download updates, software, etc just like you can on your actual machine. Also, the graphics are superb. In fact, a lot of the open source software looks and runs much better in Linux than it does in XP. The security aspect is the best thing. Like I said, it is immune to the crapola that affects Windows. Anyway, would appreciate any insights or experiences that others have had with this software. It's really a blast!

[Meriadoc]

Hi KDNeese, I've been a user of VMWare for many a year now; VMWare Workstation, ESX, Infrastructure, Assistant, Subscription and Lab and find the company and products to be the best in what I want for virtualization of computers and networks, also the community for VMWare is excellent.

Quote:

Was just wondering how many of you use VMWare for security purposes

As you know now through the browser appliance running Firefox in Linux OS within the industrial strength virtualization of VMWare keeps your PC very safe and secure.
Experiment! try all those OSes, appliances and visit the forum.

VMWare.com

[Peter2150]

I also have VMware workstation, and am impressed, and among other things security is a factor. I've really lightened my security stuff, as if I am uncertain about where I am surfing I do it on the VM.

You are so right about this being cool stuff.

Pete

I use vmware Workstation and server depending on what im doing. I have used my VM winxp to test softwares, see malware in action and use it as a router where my actual external IP address is the vmware and the vmware gave my host pc an internal ip. This adds to security and safety from hackers especially if you have a real router and enough memory in your pc to have several low level windows 2000 pc with minimal ram to confuse a hacker. The only bad thins with testing malware in a VM OS is that some malware will refuse to function in vmware and will only work in a real OS on real hardware.

[Pedro]

Yep, this VMware rocks! I ran my first Linux with it a few days ago! So far, no other goodie is this good!

For security, VMware inside sandboxIE, and the whole package GeSWall'ed! Behind a NAT router!

Oh my god WOW. Thats like some tin foil hide behind the sofa kind of stuff right there. thats like taking huge amounts of polythene sheeting and duct tape and having huge air filters all securing your house in this manner to keep the guy away that lives 4 cities away that has an IQ of 130 thats mantally unballenced and has a hate for you.

[Mrkvonic]

Hello,

No it would using Lynx text browser in Slackware guest running on PC-BSD host, plus router and machine gun.

Anyhow, using VMware for quite some time, doing some pretty wild and fancy stuff. I have more than 20 VM, all custom build, all doing crazy things.

Today, I have completed installing a fresh PC - real one - triple boot, XP, SUSE 10.2, Ubuntu 6.10, all of which run VMware Servers and virtualize one another.

Mrk

i think vmware 'aware malware is a real problem. If you test a suspected malware in vmware, and it does no harm, and you run this supected "ok ware" in your pc and it explodes in a fury of harmful activities they are you really Screwed. As i know there is absolutly no method to stop this

[KDNeese]

Hey thanks for your responses. I am not at the level of many of you, having just started using this less than a week ago. I am not planning on testing malware or doing anything risky - just want to enjoy this and surf safely as usual. I am using VMWare more for fun than security, really. Right now I am just using the browser appliance, but have several more appliances I plan on downloading and trying out. I only have dial-up connection (living in the boondocks of Montana) so it takes forever to download these huge files or images.

One question I have concerning the Ubuntu 6.10 LiveCD, which I am in the process of downloading (along with SUSE 10.1, KDE 3.5, Ubuntu 6.06) in increments... If don't install Ubuntu, but just boot from the LiveCD, can you save any changes you make (am speaking mostly of adding software, creating and saving documents, etc)? Or, would you have to run the LiveCD in VMWare in order to save changes? In running the browser appliance, I have had no problem updating, adding new apps, etc and then saving the changes. Would appreciate any advice on this.

Quote:

Originally Posted by Mrkvonic

Today, I have completed installing a fresh PC - real one - triple boot, XP, SUSE 10.2, Ubuntu 6.10, all of which run VMware Servers and virtualize one another.

This is what I would love to be able to do. I've been doing some reading on dual-boot, but so far I'm not really understanding the process, especially the partitioning and configuring aspects. I would love to be able to run Linux directly on my computer without running Windows at all. I don't want to completely do away with my XP, since there is software I use that won't run on Linux, but would love to have the dual-boot scenario. If you could provide some good links that possibly explain the process in low-tech terms, I would really appreciate it. Also, Mrk, in reading info at your website link, I know you recommended SUSE 10.1. Would you recommend going with 10.2 or the latest release of Ubuntu?

I want to thank all of you in advance. I have learned so much at Wilders - you all are great sources of info and learning!

[Mrkvonic]

Hello,
SUSE 10.2 is also very nice. A few new interesting features like the progressive K Menu. The ZENworks also works faster. Feels a smoother ride.
Ubuntu is also very nice. Maybe better for newbies. But I love all Linuxes.
As to dual boot, installations, setting up vmware server, running Windows in Linux, I've written all about it, you can use that info.
Mrk

[Ice_Czar]

Quote:

Originally Posted by Mrkvonic

No it would using Lynx text browser in Slackware guest running on PC-BSD host, plus router and machine gun.

there you go again
leaving out important security steps like where you encase the PC in cement
you should also try to find a school bus driver or postal worker to wield the machine gun
all these shortcuts are going to satch up with you some day



just starting with VMware myself
but Im convinced virtualization is the best tool we have available currently

[Rasheed187]

Yes VMWare is cool, but I´m not seeing it as a security tool, I use it mainly to test software. I mean I´m not going to boot a full OS to protect myself from malware, I would rather use tools like Sandboxie for this. And the downside of tools like VMWare is that it uses quite a lot of RAM, and it also runs a bit slower than a "real machine" of course. But I´m sure it will become better.

[Ice_Czar]

well I include sandboxes in "virtualization"
besides the workstation has 4GB of PC2700 and there are definate advantages to running W2K inside of Linux

but I too just use sandboxie for my other boxes and clients

[Alphalutra1]

Quote:

Originally Posted by Mrkvonic

Hello,
No it would using Lynx text browser in Slackware guest running on PC-BSD host, plus router and machine gun.

I can beat that

Slackware host, with truecrypt container, with openbsd guest running inside truecrypt container, plus pfSense as gateway with antivirus scanning, spam filtering, etc., then a few howitzers and wrap around some tin foil

Actually, I really just use vmware to run freebsd, arch linux, or crux linux while I am in windows. Not really concerned about the security aspect

Cheers,

Alphalutra1

[wilbertnl]

Quote:

Originally Posted by Alphalutra1

...while I am in windows...

HUH?!?

( )

[Mrkvonic]

Hello,

If I read correctly, when booted in Windows, he has vms with arch, crux and freebsd. Just as I use (k)ubuntu, suse, slackware, redhat, mandriva, fedora, knoppix, feather, damn small, puppy, gentoo, pc-bsd, linux from scratch, and a few others....

By the way, alpha, do you have any machines to share?
Did you upload to VTMN?

Mrk

[Alphalutra1]

Quote:

Originally Posted by Mrkvonic

By the way, alpha, do you have any machines to share?
Did you upload to VTMN?
Mrk

I haven't really thought about sharing any , but I can easily reduce the size of the harddisks from 10 GB to around 1 GB, including xorg installation and everything I use (dwm window manager, gvim, gcc, jdk, jre, opera, sylpheed, vmware-tools, etc.). I can throw the disk in a tarball and bzip2 it as well to decrease the size further, then upload it.

If I have any time, I will try and submit one (probably a crux linux and arch linux one since there aren't any submitted yet) I will also probably include the enlightenment window manager for those who like non-tiling window managers still with eye candy (or maybe xfce).

Also, I don't really have any working/up-to-date ones at the moment, but it won't be that hard to get one up and running.

Cheers,

Alphalutra1

[KDNeese]

OK - another question. I don't use a hardware router, just a software firewall on a dial-up connection. Yet, since installing VMWare, my entire configuration has changed. When I view my port status, I am showing the system now listening at two new addresses (192.168.30.1, 192.168.188.1) rather than the normal 127.0.0.1. I have never seen this before. I know the 192,etc has to do with having a router, but since I don't have one, this puzzles me. I realize it has something to do with VMWare's configuration and what it needs to work, but the thing that concerns me is that it now shows the system listening on my NetBios ports (137-139). I have always had NetBios disabled, but now notice that when I look at active services, NetBios is in "running" mode rather than "disabled," as before. I don't know if that is something I should be concerned about or not. I have my firewall set to block any incoming traffic to those ports, and have modified my rules to allow the localhost to have outbound UDP to the 192.168.30.x & 192.168.188.x network mask (log showed these transmissions being blocked). Would appreciate it if you all could shed some light on this.

[Mrkvonic]

Hello,

VMware Server installs services - including vmnet1 and vmnet8 - which are needed for the proper working of the Server if you wish to use networking with your virtual machines.

NetBIOS is there because you need NAT between your computer and the VMware Server, which is basically a computer inside your own. If you had sharing with another, normal - real - computer, NetBIOS would also be needed.

You need to allow outbound because VMware Server needs to communicate with the guest machines, give them IP addresses and forward packets. Just like normal networking between two or more computers.

VMware listens on port 902, btw.

Everything is OK and sounds as if you have configured your system well.

Mrk

[wilbertnl]

Quote:

Originally Posted by KDNeese

I am showing the system now listening at two new addresses (192.168.30.1, 192.168.188.1) rather than the normal 127.0.0.1.

VMware installs a service that functions as a software router.