Guido Tschakert wrote: ... > Hi, > yes finally you must go outside, this is done with the bridged interface. > The question is (I don't have the complete answer, but a strange feeling): > How secure is your windows with a network interface enabled and nothing > on it configured. > > guido
exactly. This idea of using VMware (or similar) to host a firewall that protects the host operating system is something I find somewhere between amusing (because its silly) and scary (because it indicates people don't really understand, and think that a "firewall" works magic, and these people might be protecting our personal data). By the time a packet has made it to your VMware firewall, you have gone through the host OS. You are assuming the host OS's network support is secure. You are assuming the VMware virtualization code is secure. You are assuming that the VM can't be compromised by an exploited host OS. I don't think that's a really good idea. A year ago, I thought it was a theoretically bad idea. But leave it to the wireless people to put theory into practice: http://lwn.net/Articles/191100/ Remember that this was a DRIVER vulnerability, not an APPLICATION vulnerability. So yes, nothing had to be attached. A little while after that, Intel was reporting security bugs in many/most of their 100Mbps and 1Gbps adapter drivers. Thanks for demonstrating that it isn't just a wireless thing. Better than sticking your "All Services On" Windows machine directly on the 'net? Probably. Secure? Not in my opinion. Nick.
