Don’t enable root access for SSH

I came across some scripts to run on your ESX server after it has been installed. These scripts did things like disabling the firewall and enabling root logon from a remote system.

Although it looks like it makes your life easier, because you can now log on as root from a remote system, I would urge you not to do these kinds of things.

VMware ESX is the core of your virtual infrastructure. Like every core system, you want it to be as secure as possible. You don’t give everybody access to your bank account, so why do it with your infrastructure?

It’s better to create a separate user you can use to connect to the system and then use sudo (execute a command as superuser). This way you don’t have to use the root account to log on, and it’s easier to monitor which user is doing what. It also makes intrusion detection easier.

I also think you should use iptables to further enhance your security. Only allow access to your system from IP ranges that really need access to the server and deny all other ranges.
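One way to check a host for the two conditions discussed above: remote root logon enabled, and SSH reachable from any address. This is an added example, not part of the original post; the function names, the sample files and the assumption that the firewall rules are available in iptables-save format are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Sample inputs are constructed.

# Effective global PermitRootLogin value in an sshd_config file.
# The first occurrence of a keyword wins and keywords are case-insensitive.
# Prints "unset" if absent (the default then depends on the sshd build).
permit_root_login() {
    awk '
        { sub(/=/, " ") }                   # treat keyword=value like keyword value
        /^[ \t]*#/ { next }                 # skip comments
        tolower($1) == "match" { exit }     # global section only
        tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# INPUT rules (iptables-save format) that accept TCP port 22 with no
# source restriction (-s), i.e. SSH reachable from any address.
open_ssh_rules() {
    awk '/^-A INPUT / && /--dport 22( |$)/ && /-j ACCEPT/ && !/ -s / { print }' "$1"
}

# Print findings for one host; exit status is the number of findings.
audit_host() {
    findings=0
    val=$(permit_root_login "$1")
    if [ "$val" != "no" ]; then
        echo "FINDING: PermitRootLogin is '$val', expected 'no'"
        findings=$((findings + 1))
    fi
    open=$(open_ssh_rules "$2")
    if [ -n "$open" ]; then
        echo "FINDING: SSH open to any source: $open"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample: the kind of state the post warns about.
tmp=$(mktemp -d)
printf '%s\n' '# PermitRootLogin no' 'Protocol 2' 'permitrootlogin YES' \
    'PermitRootLogin no' > "$tmp/sshd_config"
printf '%s\n' '*filter' '-A INPUT -s 10.1.0.0/16 -p tcp -m tcp --dport 443 -j ACCEPT' \
    '-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT' 'COMMIT' > "$tmp/rules"
audit_host "$tmp/sshd_config" "$tmp/rules" || echo "findings: $?"
```

An unset directive is reported as a finding on purpose, so the setting has to be stated explicitly rather than left to a default.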


About

Anne Jan Elsinga is a Consultant for Imtech ICT in the Netherlands. He spends his working hours with a lot of virtualization stuff, from feasibility to implementation for server virtualization/consolidation and desktop virtualization. In 2009, 2010 and 2011 he was awarded with the VMware vExpert status. In the night time he dances latin, ballroom and salsa and he also discovered the pleasure of diving.