Thursday 15 November 2012

VMware 9.0 on Linux: Closing ports 443 and 902

On a Linux host, VMware Workstation 9.0.1 has TCP ports 443 and 902 open by default, listening on all interfaces.  This creates a small but unnecessary potential attack surface.
Here's how to close those open TCP ports...
1. In /etc/init.d/vmware

Comment out the line:
         vmware_exec 'VMware Authentication Daemon' vmware_start_authdlauncher
Add the following line:
         echo 'Skipping: VMware Authentication Daemon'


2. In /etc/init.d/vmware-workstation-server

After the line:

          ### END INIT INFO

Add two new lines:
          echo Aborting launch of vmware-workstation-server
          exit 0

After rebooting the host, the listeners on port 443 and 902 are no longer present.  But the VMware Workstation still works perfectly when started successfully from the GUI (Ubuntu 12.04). 

3 comments:

  1. Thanks Martin, i was looking for a solution to close port 902 for a longer time and finally found it ;)

    On point 2, closing port 443 you can also, and i prefer, disable Shared VMs in the Preferences from VMware Workstation, then the server is also stopped.

    Cheers, Kees

    ReplyDelete
  2. Thanks for you Martin! you save me many problems!

    ReplyDelete

Spammers: please stop wasting my time. All comments are moderated before publication.