Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
ESX Server required services are not documented.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15827 | ESX0350 | SV-16766r1_rule | Low |
| Description |
|---|
| Once the ESX Server is configured and operating, all required services needed for operation will be documented. Undocumented services running on the ESX Server opens up ports and vulnerabilities that may be exploited to gain access to the server. These services also consume processor cycles and memory. The ESX Server shares resources with virtual machines and the service console, and all excess resources are allocated based on the priorities configured. |
| STIG | Date |
|---|---|
| VMware ESX 3 Server | 2016-05-13 |
Details
| Check Text ( C-16178r1_chk ) |
|---|
| Request the required services documentation from the IAO/SA. If no documentation can be produced, this is a finding. Compare this to the services running on the ESX Server by performing the following on the service console: #netstat –an If a discrepancy exists between the services documented, and the services running, this is a finding. |
| Fix Text (F-15779r1_fix) |
|---|
| Document all required services for the ESX Server. |