Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The system must zero out VMDK files prior to deletion.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-OS-99999-ESXI5-000161 | SRG-OS-99999-ESXI5-000161 | SRG-OS-99999-ESXI5-000161_rule | Medium |
| Description |
|---|
| The virtual disk must be zeroed prior to deletion in order to prevent sensitive data in VMDK files from being recovered. |
| STIG | Date |
|---|---|
| VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-SRG-OS-99999-ESXI5-000161_chk ) |
|---|
| Ask the SA if a documented procedure is used to overwrite sensitive data in vmdk flat files prior to deletion. The procedure must include a command to zero data and the file must then be deleted. See some examples directly below. vmkfstools --writezeroes or dd if=/dev/zero of= If a documented procedure to overwrite sensitive data in vmdk flat files prior to deletion does not exist, this is a finding. |
| Fix Text (F-SRG-OS-99999-ESXI5-000161_fix) |
|---|
| Create and document a procedure to zero sensitive data prior to removal of the vmdk file. Command line interface commands such as vmkfstools, dd and rm must be used. Alternatively, from the vSphere Client, select the ESX host>> Configuration tab - Storage >> Add storage >> Select the LUN ID to be destroyed. |