Thursday, 13 December 2012

Using Virtual Ethernet Adapters in Promiscuous Mode on a Linux Host


VMware Workstation does not allow the virtual Ethernet adapter to go into promiscuous mode unless the user running VMware Workstation has permission to make that setting. This follows the standard Linux practice that only root can put a network interface into promiscuous mode.

When you install and configure VMware Workstation, you must run the installation as root. VMware Workstation creates the VMnet devices with root ownership and root group ownership, which means that only root has read and write permissions to the devices.

To set the virtual machine's Ethernet adapter to promiscuous mode, you must launch VMware Workstation as root because you must have read and write access to the VMnet device. For example, if you are using bridged networking, you must have access to /dev/vmnet0.

To grant selected other users read and write access to the VMnet device, you can create a new group, add the appropriate users to the group and grant that group read and write access to the appropriate device. You must make these changes on the host operating system as root (su -). For example, you can enter the following commands:

chgrp <newgroup> /dev/vmnet0

chmod g+rw /dev/vmnet0

<newgroup> is the group that should have the ability to set vmnet0 to promiscuous mode.
The command to run vmware workstations ads root is simple: user@user#:~$ sudo vmware start

If you want all users to be able to set the virtual Ethernet adapter (/dev/vmnet0 in our example) to promiscuous mode, run the following command on the host operating system as root:

chmod a+rw /dev/vmnet0


This is another posting showing "how to do computing" for everyday computer usages... For a general public

VMware on Linux : Running in Permiscuous Mode


 VMware on Linux: Promiscuous Mode

When VMware Workstation is hosted under Linux, by default it doesn't allow VM Guests to access the network in Promiscuous mode.  There's an easy fix for this...

If you run something like Wireshark from a VM Guest, you'll see VMware display an error message.

The problem lies with the permissions on the Host.  When VMware is started without root privileges, it doesn't have the permissions necessary to access the /dev/vmnet0 device.

A quick temporary bodge is to use chgrp and chmod on the Host, to tweak the permissions on /dev/vmnet* until the next reboot (where yourgroup is a group that your user account is in - typically admin on my Ubuntu machines):
   chgrp yourgroup /dev/vmnet*
   chmod g+rw /dev/vmnet*

A more permanent fix is to edit /etc/init.d/vmware on the Host, and tweak the ownership and permissions when the device is created, by adding the lines in red:
  # Start the virtual ethernet kernel service
   vmwareStartVmnet() {
      vmwareLoadModule $vnet
      "$BINDIR"/vmware-networks --start >> $VNETLIB_LOG 2>&1
      chgrp yourgroup  /dev/vmnet*
      chmod g+rw /dev/vmnet*

After you restart the Host's VMware daemon ...

   /etc/init.d/vmware stop
   /etc/init.d/vmware start

you'll be able to boot your Guest VM, and use Wireshark or whatever in the Guest.  Just Remember!   Your VM Guest's Network Adapter must be set to BRIDGED (connected directly to the physical network), not NAT (used to share the host's IP address).

Aside: I did think it ought be possible to achieve the same effect a little more cleanly, by creating a file in /etc/udev/rules.d to set the desired ownership and permission modes for /dev/vmnet*.  But nothing I've tried has worked.  Anyone?

How to check for open ports on Linux

Checking for open ports is among the first steps to secure your device. Listening services may be the entrance for attackers who may exploit...