Why does a vmware of linux not send traffic with zone alarm on the phyical machine?

[RIGorous1]

Hey guys,

So I'm running backtrack in vwware on my windows XP machine. I have zone alarm on the windows machine enabled (not the lockdown mode, just the default). So when I'm trying to access another computer over SSH within the vmwared backtrack I get no response.

I know that turning ZA will allow me to send network traffic in backtrack, but my question is what is the technical reason why ZA won't let send traffic in vmware. Is it because of port blocking, or something by ZA?

Thanks,

Rig

 

[Brazen]

Is ZA blocking all incoming traffic? Basically, to your Windows machine, anything coming from the virtual machine looks like it is "incoming" and since anything from the vmware must go through your physical Windows machine, everything will get blocked by whatever is blocking "incoming" traffic.

 

[RIGorous1]

zone alarm isn't in the lockdown mode, its just the default which I think allows outgoing traffic (I think). But I'm curious if its true that anything coming from VMWARE is treated like incoming traffic?

Hrm... can anyone second that?

 

[RIGorous1]

also when I have vmware running I usually get a different IP than the windows machine from the DHCP server. So are you saying that the virtual IP from vmware (say 192.168.0.2) channels its traffic through the native windows XP system IP (say 192.168.0.1), but that when 2 sends traffic, 1 sees 2 as incoming traffic and thus blocks it?

 

[gaidin123]

If the vmware nic is set to bridged mode you will receive an IP address from your home router's DHCP server. In this mode traffic is not routed through your physical machine's IP. If the vmware nic is set to NAT you receive an IP address from the DHCP server vmware runs for you and all the VM's traffic is NATed through your PM's regular IP.

Check ZoneAlarm's prefs to see if VMWare is not allowed to go outbound (or just delete all vmware entries in ZA and let it ask you what you want next time you launch VMWare).

In the backtrack CD you have an IP and can ping your default gateway? Have you set the VM to bridge or NAT? Can you SSH to this other machine on the network through a normal Windows Putty SSH session?

Gaidin

 

[Brazen]

Originally posted by: RIGorous1
also when I have vmware running I usually get a different IP than the windows machine from the DHCP server. So are you saying that the virtual IP from vmware (say 192.168.0.2) channels its traffic through the native windows XP system IP (say 192.168.0.1), but that when 2 sends traffic, 1 sees 2 as incoming traffic and thus blocks it?

yes, that is exactly what I'm saying. I am not familiar with ZA, but VMWare creates some virtual network adapters on your Windows machine (You can see them by going to Network Connections in the Control Panel).

These virtual adapters should also show up in ZA and you can probably assign rules to them just like you do your physical adapter. Just remember that anything coming from the virtual machine through these virtual adapters will be seen as "incoming" to your Windows machine.