Details
Ensure that no serial port is connected to a virtual machine unless required. For a serial
port to be disconnected, the serialX.present parameter should either not be present or have a value of FALSE.
*Rationale*
Removing unnecessary hardware devices can reduce the number of potential attack
channels and help prevent attacks.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
To implement the recommended configuration state, run the following PowerCLI
command-
# In this Example you will need to add the functions from this post-
http-//blogs.vmware.com/vipowershell/2012/05/working-with-vm-devices-in-powercli.html
# Remove all Serial Ports attached to VMs
Get-VM | Get-SerialPort | Remove-SerialPort
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system VMware.