-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The Saturday 2007-06-23 at 10:52 -0800, John Andersen wrote:
> On Saturday 23 June 2007, Carlos E. R. wrote:
> > (I'm new to vmware)
> >
> > vmware server created two interfaces, vmnet1 and vmnet8 - the task of each
> > one I have not clear -. The thing is, the hosted system (virtual machine)
> > does have network access (I told it to use Nat), but I don't really know
> > how, and whether it is protected by the firewall.
> >
> > Of course, if there is a nice, easy to read, howto, just tell me :-)
>
> If you use nat it is protected by the firewall, protected in the sense
> that unless you go in and specifically configure a routing, no inbound
> connections will be forwarded to the virtual machine.
Ah, right. I was a bit fuzzy about it.
> So its just like being behind a router. You can establish outbound
> connection in the virtual machine using just about any package
> (web browser, telnet, ssh, email, etc). Its just like having a machine
> behind a little hardware router. Until or unless you open any inbound
> ports you are pretty well protected.
Good. :-)
So the windows virtual machine can be considered "safe". You see, one of
the reasons to try vmware is to avoid needing to boot windows just to use
a single app. Knowing that it can be kept fairly safe is an added bonus.
> If you wanted to run a ssh SERVER in a virtual machine, using nat
> you would have to go to /etc/vmware/vmnet8/nat and edit
> nat.conf to include a line something like this:
> [incomingtcp]
> # SSH
> 8889 = 192.168.90.128:22
>
> This would accept inbound connections on port 8889 and
> route them to the virtual machine on port 22.
Ah, good to know, but I don't intend doing such things. Not for now, at
least, but knowledge is always a good thing.
> You will then restart vmware, and as root in the host, you will see with
> netstat -anp that vmmet-natd is listening on port 8889 for you.
>
> If you do not need inbound connections, you don't have to do any of this.
Right.
> Warning: Anytime you update vmware, it has a habit of stomping
> all over your nat.conf so MAKE A BACKUP copy.
Ha! Good to know. Yes, I backup the whole /etc, so that part is saved
already.
What about the existing virtual machines, will I have to remake them? I'd
better save an image, just in case.
- --
Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iD8DBQFGfYNHtTMYHG2NR9URAqB8AJ9p/FUfv6cWN85j67j9jzYp02EvDACdEzNc
0BX+tAndVSJMa7Ha9lqrmYs=
=9oZd
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
