- VMware vSphere Security Cookbook
- Mike Greer
- 2021-08-05 17:16:06
Configuring host services
The host services work in concert with the firewall rules to enable or disable functionality on the ESXi host. For example, services provided by the vCenter agent allow a vCenter server to communicate with and manage the host.
How host services are configured can sometimes cause trouble: we expect to be able to communicate with the host because the port is open, but an open port is usually only half of the equation. Unlike a Windows server, which has services running whether or not they are being used, an ESXi host does not run a service unless it is called or configured to do so.
Getting ready
In order to proceed, we require access to the vSphere Client. The client can be run on any modern Windows desktop operating system or server operating system.
Note
vSphere Client will not run from a Windows Domain Controller.
vSphere Client can be downloaded from the link provided on the ESXi host web page or from www.vmware.com.
How to do it…
Perform the following steps:
- From the Configuration tab, select the security profile.
- Then, select a particular service from the list; in this example, we've selected SSH (highlighted in the following screenshot), which is a common service used for troubleshooting. The status of the service is shown in the dialog box.
- In order to make changes to the service, select the Options… button, as shown in the following screenshot:
- This presents us with three options for the service:
  - Start automatically if any ports are open, and stop when all ports are closed
  - Start and stop with host
  - Start and stop manually
- Select the Start and stop manually option since we are only enabling the service for the purpose of remote troubleshooting by a third-party vendor.
- Click on OK to complete the configuration change.
How it works…
The services allow the host to receive, process, and respond to commands and data sent by the remote machine. These services work in conjunction with the firewall ports. For example, if we set the SSH server service to start manually but do not open port 22 for inbound traffic, no SSH commands will be processed.
Third-party services also appear in this list when loaded. Hardware-specific services, such as HP Smart Start, will also appear in the list and their corresponding ports will appear in the firewall's list of ports.
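The service and firewall pairing described above can be checked in a script. The following is an added example, not code from the book: the function name `Test-HostServiceExposure` is hypothetical, the property names and the `TSM-SSH` and `SSH Server` identifiers are assumed from VMware PowerCLI rather than taken from this page, and the host data is constructed so the block runs without a live host.

```powershell
# Added example. Property names follow PowerCLI's Get-VMHostService
# (VMHost, Key, Policy, Running) and Get-VMHostFirewallException (Name, Enabled).
function Test-HostServiceExposure {
    param(
        [Parameter(Mandatory)] $Service,       # one host service object
        [Parameter(Mandatory)] $FirewallRule   # the ruleset covering its port
    )
    $policy  = "$($Service.Policy)".ToLower()
    $running = [bool]$Service.Running
    $open    = [bool]$FirewallRule.Enabled

    # Map the API policy value to the label shown in the Options... dialog.
    $label = switch ($policy) {
        'automatic' { 'Start automatically if any ports are open, and stop when all ports are closed' }
        'on'        { 'Start and stop with host' }
        'off'       { 'Start and stop manually' }
        default     { "unrecognized policy '$policy'" }
    }
    # Will the service come up again without an administrator starting it?
    $unattended = ($policy -eq 'on') -or ($policy -eq 'automatic' -and $open)

    # A service is only usable when it is running AND its port is open.
    $state = if     ($running -and $open) { 'Reachable: service running and port open' }
             elseif ($running)            { 'Not reachable: service running but port closed' }
             elseif ($open)               { 'Not reachable: port open but service stopped' }
             else                         { 'Not reachable: service stopped and port closed' }

    [pscustomobject]@{
        Host = $Service.VMHost; Service = $Service.Key; PolicyLabel = $label
        State = $state; StartsUnattended = $unattended
    }
}

# Constructed sample data standing in for live PowerCLI output, for example:
#   Get-VMHostService -VMHost $h | Where-Object Key -eq 'TSM-SSH'
#   Get-VMHostFirewallException -VMHost $h -Name 'SSH Server'
$samples = @(
    @{ Svc = [pscustomobject]@{ VMHost='esx01.example'; Key='TSM-SSH'; Policy='off'; Running=$true }
       Fw  = [pscustomobject]@{ Name='SSH Server'; Enabled=$true } },
    @{ Svc = [pscustomobject]@{ VMHost='esx02.example'; Key='TSM-SSH'; Policy='off'; Running=$true }
       Fw  = [pscustomobject]@{ Name='SSH Server'; Enabled=$false } },
    @{ Svc = [pscustomobject]@{ VMHost='esx03.example'; Key='TSM-SSH'; Policy='on'; Running=$false }
       Fw  = [pscustomobject]@{ Name='SSH Server'; Enabled=$true } }
)
$samples | ForEach-Object {
    Test-HostServiceExposure -Service $_.Svc -FirewallRule $_.Fw
} | Format-List
```

The second constructed host matches the case in the text: SSH is started manually but the port is closed, so no SSH commands are processed. The third shows a stopped service that will start again with the host.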