Thursday, 15 November 2012

VMware 9.0 on Linux: Closing ports 443 and 902

On a Linux host, VMware Workstation 9.0.1 has TCP ports 443 and 902 open by default, listening on all interfaces.  This creates a small but unnecessary potential attack surface.
Here's how to close those open TCP ports...
1. In /etc/init.d/vmware

Comment out the line:
         vmware_exec 'VMware Authentication Daemon' vmware_start_authdlauncher
Add the following line:
         echo 'Skipping: VMware Authentication Daemon'


2. In /etc/init.d/vmware-workstation-server

After the line:

          ### END INIT INFO

Add two new lines:
          echo Aborting launch of vmware-workstation-server
          exit 0

After rebooting the host, the listeners on port 443 and 902 are no longer present.  But the VMware Workstation still works perfectly when started successfully from the GUI (Ubuntu 12.04). 
Posted by Martin at 14:28
Labels: , ,

3 comments:

  1. Anonymous20 November 2012 at 21:07

    Thanks Martin, i was looking for a solution to close port 902 for a longer time and finally found it ;)

    On point 2, closing port 443 you can also, and i prefer, disable Shared VMs in the Preferences from VMware Workstation, then the server is also stopped.

    Cheers, Kees

    ReplyDelete
  2. Anonymous3 June 2013 at 10:35

    Thank you.

    ReplyDelete
  3. Anonymous13 December 2014 at 12:33

    Thanks for you Martin! you save me many problems!

    ReplyDelete

Spammers: please stop wasting my time. All comments are moderated before publication.

Subscribe to: Post Comments (Atom)