Details
Ensure that no serial port is connected to a virtual machine unless required. For a serial port to be disconnected, the serialX.present parameter should either not be present or have a value of FALSE.
Rationale:
Removing unnecessary hardware devices can reduce the number of potential attack channels and help prevent attacks.
Solution
To disconnect all serial ports from VMs, run the following PowerCLI command:
# In this Example you will need to add the functions from this post: http://blogs.vmware.com/vipowershell/2012/05/working-with-vm-devices-in-powercli.html
# Remove all Serial Ports attached to VMs
Get-VM | Get-SerialPort | Remove-SerialPort
The VM will need to be powered off for this change to take effect.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system VMware.