Solved

unauthorised devices connected

Posted on 2013-11-12
3
227 Views
Last Modified: 2013-11-20
1, the vmware compliance checker flags it as an issue if unauthorised hardware are attached to a host (i.e. USB, floppy, IDLE, SERIAL etc), but what is the risk? Why would there be USB drives, IDLE, SERIAL etc drives attached to hosts? Surely its only admins who could access whatevers on them anyway, so I dont really see how this is a security issue? Normal domain users wouldnt be able to access drives attached to hosts would they?

2, Also - what determines which guests on a host can access the drive youve plugged in to a host? Say I have a host with 10 guests, and plug in a USB thumb drive, can all guests access this drive, or if not how do you determine which.
0
Comment
Question by:pma111
  • 2
3 Comments
 
LVL 117

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
Comment Utility
1. Does your company have a data theft policy?

An Administrator, which has been paid off to steal data, could easily add a small USB device, connect to the host, and steal data!

this is how easy it is todo!

HOW TO: Add and Connect a USB Device to a Virtual Machine, hosted on VMware vSphere Hypervisor ESX 4.1 ESXi 4.1, ESXi 5.0

It really depends, how your Security in your organization, I know of plenty of clients, that prohibits the connection of USB flash drives to Desktop computers!

Normally hosts are in a secure area, e.g. the datacentre, or machine room, users are not normally allow in. But an Administrator with a hidden agenda, could steal VMs or data easily.

Not all Risks in the Compliance Checker, are possibly going to be Risks for your organization, but some organizations, they are applicable.

You need to make an assessment, as to how Risky, they are to you.

2. Yes, if configured to, see above!
0
 
LVL 3

Author Comment

by:pma111
Comment Utility
How can you get a report of what devices are currently attached to each host? Is the compliance checker also going to report on drives in the host itself, i.e. internal hard disc drives.

I assume accessing what info is on these drives is not typically do-able over the network by basic users, i.e. youd need admin level access to the guest to do so?
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
The Compliance checker, will confirm if devices can be connected to the VM.

Administrator access is required to access the virtual machine disks.

The vSphere Security Hardening Script can report if a VM is connected to a device.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

VM backup deduplication is a method of reducing the amount of storage space needed to save VM backups. In most organizations, VMs contain many duplicate copies of data, such as VMs deployed from the same template, VMs with the same OS, or VMs that h…
This is an issue that we can get adding / removing permissions in the vCSA 6.0. We can also have issues searching for users / groups in the AD (using your identify sources). This is how one of the ways to handle this issues and fix it.
This video shows you how to use a vSphere client to connect to your ESX host as the root user. Demonstrates the basic connection of bypassing certification set up. Demonstrates how to access the traditional view to begin managing your virtual mac…
In this video tutorial I show you the main steps to install and configure  a VMware ESXi6.0 server. The video has my comments as text on the screen and you can pause anytime when needed. Hope this will be helpful. Verify that your hardware and BIO…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now