Solved

standalone esxi5.0.0 logging 'user root@ipaddress logged in' every few seconds?

Posted on 2014-04-15
8
343 Views
Last Modified: 2016-10-27
just noticed this on one of my hosts.  

Any ideas?
0
Comment
Question by:CHI-LTD
  • 4
  • 3
8 Comments
 
LVL 117

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
ID: 40001057
lookup the IP Address, in DNS, traceroute, and find out which server it's coming from.

Change your root password if in doubt.

e.g. Veeam, Altiris, other management solutions.
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 40001071
sorry, i did, its my machine..
also downed the acronis appliance, no change.
0
 
LVL 117

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
ID: 40001074
So, what do you have running on your machine?

PowerCLI ?
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 40001087
ha ha who klnows!  lots of things.
shut it down and its stopped.  will now see whats causing it.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 117

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
ID: 40001171
RV Tools, vSphere Client, VMware Flings

It's probably best to create yourself, a new "root" account, specific to you, so you can easily track these access requests.
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 40001199
solarwinds vm monitor!!
0
 
LVL 24

Expert Comment

by:Mohammed Khawaja
ID: 40001203
in h future if you want to know what process on your PC is doing this then run netstat -ab and it will show active connections and the filename.   Look for connections to your Esx server IP address.
0
 
LVL 117
ID: 40001214
Look at creating a new user e.g. Service_Solarwinds in ESXi, it makes it more secure, than using the root account to login, and you will then know what the account is!
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

Veeam Backup & Replication has added a new integration – Veeam Backup for Microsoft Office 365.  In this blog, we will discuss how you can benefit from Office 365 email backup with the Veeam’s new product and try to shed some light on the needs and …
In  today’s increasingly digital world, managed service providers (MSPs) fight for their customers’ attention, looking for ways to make them stay and purchase more services. One way to encourage that behavior is to develop a dependable brand of prod…
Teach the user how to use create log bundles for vCenter Server or ESXi hosts Open vSphere Web Client: Generate vCenter Server and ESXi host log bundle:  Open vCenter Server Appliance Web Management interface and generate log bundle: Open vCenter Se…
Teach the user how to use vSphere Update Manager to update the VMware Tools and virtual machine hardware version Open vSphere Client: Review manual processes for updating VMware Tools and virtual hardware versions: Create a new baseline group in vSp…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now