INFO: Does CFP protect against a virtual appliance?

I just installed VMware which is used to run virtual appliance’s e.g. another OS on top of an active OS such as Linux on top of Windows. Anyway I was wondering since I am now using my “virtual” Linux OS does comodo recognize Linux running? Since it is running does it protect my Linux OS as well? For example I am using firefox within Linux so will comodo protect against attacks that may come?

I hope this doesn’t sound confusing, if so then read it again! (:TNG)

No need to read it again. :smiley:
your question makes sense, but I’m sure the question has been answered multiple times in this forum.
I haven’t tryed this, so, if my answer below is wrong, please correct me.

The short answer is NO. It is similar to having two computers, one of them – in your case Windows, is sharing the connection. So, Comodo is protecting only the Win machine, the other one is receiving a different IP address. Did CFP detected the new private network zone?
And, because it’s Linux and has networking and TCP/IP built in the kernel, and running by default lots of services, you should check a separate FW – try Firestarter.
But I was wondering why would you do a thing like this: running Linux on top of Win and not the other way around, to to make the most of your harware and benefit from a more stable os and to run only some non existing apps in a virtual machine, or better, in Wine.
Hope this can help, Gabi

Yes CFP did detect a new private network zone. Also is firestarter the equivalant to CFP? e.g. Is it just as powerful as CFP? If not, do you know some of the top firewalls out there for Linux? I’m extremely new to Linux so I don’t know much about the third-party programs you can or cannot install. I also have one more question that I’ve been searching for but really haven’t found a clear answer. Since I am running Linux inside the VMware player does this mean that I can configure, add, and remove any software component I like? I’m obviously using VMware because I don’t want to install Linux on my hard drive and ■■■■■ anything up. I don’t have test system so I can’t take any chances. Anyway if this is true then why do people permanently install Linux on their machines if they can do the same adding, removing, and configuring within a virtual box?

O yea one more thing. I did a GRC port scan within my virtual Linux box and every single port was stealthed. If CFP can’t protect a virtual appliance than how did this happen?

Yep, I’ve answered to a question way over my knowledge – As I was saying earlier – I’ve never tried this, so I have no clue what’s the best Linux FW – the last one I’ve tried was the built-in FW, very basic and very good.
Testing is a good reason to run Linux in a VM, you have a point.
But I’d ask for more feedback from more experienced users than me to your questions.

The last one is easy – you have received a virtual private address:, but GRC has tested your external IP address – your Win machine. Some other port scanners out there will tell you also the internal address. CFP is great at stealthing ports. It is, if you want, like you have a hardware FW – this doesn’t remove the need for a software FW.

Hey Jack,

I believe there are two ways to set up the NIC in a virtual system.

  1. the physical NIC in the host can be set to act as a LAN bridge betwen the two environments (both systems see the one NIC and 2) a virtual NIC is run in the virtual box and a “ghost” VPN style adaptor is created on the host PC to route traffic from the virtual NIC.

In point 1), CFP is monitoring the traffic from both the host and the virtual system.

In point 2), providing CFP recognises the ghost adaptor, it will monitor the data traffic on this NIC separately from the physical NIC in the host.

Looking at it logically, there is still one physical external connection on the host PC and CFP is monitoring this. Outbound traffic simply has to go through this interface in some manner. How the data is packaged determines how well CFP can “see” the data.

Ewen :slight_smile: