In case you needed more encouragement to move to ESXi here’s a good reason. The recent Linux vulnerability that was announced that can give attackers root access to a system effects the ESX 4.x Service Console as well as it is based off Red Hat Linux with the 2.6.28 kernel. The vulnerability affects nearly all 64-bit Linux distros but is not present in 32-bit Linux distros. Because of that the ESX 3.x Service Console is not affected by this. Apparently VMware is aware of this and a patch is in the works so be on the lookout for it and patch your systems immediately. If an attacker were to gain root access to your ESX Service Console they could easily gain access to all your VM’s as well. ESXi systems are not affected at all as they do not run a full Linux operating system and instead run a small POSIX based environment that has a smaller attack surface.
Tag: Service Console
May 07 2009
Service Console Links
Common Linux commands on the service console
Command Line Interface Tips and Tricks for Vmware ESX Server 2 and 3 (VMworld 2006)
Third-Party Software in the Service Console
Send email from Service Console
Enabling Root SSH Logins on ESX Server 3
Guide to ESX 3 Service Console
B2V Guide to VMware ESX Server3
Customised Security Banner for Console Login
VMware ESX 3 Security with SSH and SUDO
Command Line Tools for Scripting and Snapshots
VIMSH for ESX 3.5
VIMSH for ESX 3.0
VIMSH for ESX 3.0 Networking Examples
VMware’s undocumented VIMSH
Checking for resource starvation of the ESX Server service console
Increasing the amount of RAM assigned to the ESX Server service console
Verifying that the Secure Shell Daemon is running on an ESX Server host
Unable to connect to an ESX Server host using Secure Shell (SSH)