Back in 2006, this was intended to be a "safe" virtual browser environment.
"The Browser Appliance allows users to securely browse the Internet using Mozilla Firefox. Run the Browser Appliance with VMware Player to - Protect Against Adware and Spyware and Safeguard Personal Information"
You would use the browser in the VM, instead of your own browser, to improve your internet security:
...but it is way too old, and if you were to use this now, you are reducing your security a great deal.
Attacking this platform
I took a look at this version, from an attack perspective:
- It is an Ubuntu 5.10, with a 2.6.12 kernel, and Firefox 1.0.7.
- It also has no inbuilt security features, such as antivirus, anti-spyware, or script detection
- These type of appliances have known default passwords, and it doesn't prompt you to change them
If you use it, the VM can easily be compromised, and any subsequent browsing you do through it will be at risk (not to mention that; once the VM is pwned, it can be used to pivot an attack against your internal network)
I can imagine someone downloading this, (or still using this from yester-year) to do their internet banking.
vmware recommending this to me this week is craziness!
I wonder how many other problem VMs are getting promoted on the site. Does anyone clear old ones off?
Here is a more up-to-date equivalent.
However, I question whether this is a valid approach for web security. It's a kind of cheap way of running a web-security proxy, but the platform is soon going to be out of date, so the average user would have to keep replacing the VM, to get a secure version, and if they forget, they become an easy target.
Bootnote: This is a handy platform for practicing your Metasploit hacking skills, but use it "Host-only" and don't surf the web with it!