VMware: Modify the timeout settings of the vSphere Web Client

By default, the vSphere Web Client inactivity timeout period is 120 minutes. It may be that that you wish to reduce the value to close session automatically to minimize risk , by reducing the potential for unauthorised access to vCenter. This is possible by modifying the ‘webclient.properties’ file which by default is located in the directory ‘C:\ProgramData\VMware\vSphere Web Client’ … More VMware: Modify the timeout settings of the vSphere Web Client

VMware: Disable Managed Object Browser (MOB)

The managed object browser provides a way to explore the object model used by vCenter to manage the vSphere environment; it enables configurations to be changed as well. This interface is used primarily for debugging the vSphere SDK. This interface might potentially be used to perform malicious configuration changes or actions. In order to disable … More VMware: Disable Managed Object Browser (MOB)

Monitoring vCenter privelage reassignment with Nagios XI

During a restart of the ‘VMware VirtualCenter Server’ service, if a user or group assigned to the Administrator Role at the root folder level could not be verified during the restart the user privelages are revoked. As part of security hardening on the vCenter server, I created a Nagios Remote Plugin Executor (NRPE) to search for … More Monitoring vCenter privelage reassignment with Nagios XI

VMware: Disable Datastore Browser from vCenter

By default, you will be able to use your web browser to find and download any files by browsing datastores in the vSphere inventory. In order to disable the datastore browser you will need to edit the ‘vpxd.cfg’ file, to ensure the ‘enableHttpDatastoreAccess’ is set to false, as below: <vpxd> <enableHttpDatastoreAccess>false</enableHttpDatastoreAccess> </vpxd> Once the above configuration … More VMware: Disable Datastore Browser from vCenter

Performing network discovery and security audits with Nmap

I was looking at a software to perform network discovery and security audits, where I discovered the open source utility Nmap (http://nmap.org/), OK I was already aware of it! I was looking to install Nmap on an Ubuntu operating system, which requires the following to be run: apt-get install nmap I also required the ability … More Performing network discovery and security audits with Nmap