Thursday, 15 November 2012

VMware 9.0 on Linux: Closing ports 443 and 902

On a Linux host, VMware Workstation 9.0.1 has TCP ports 443 and 902 open by default, listening on all interfaces.  This creates a small but unnecessary potential attack surface.
Here's how to close those open TCP ports...
1. In /etc/init.d/vmware

Comment out the line:
         vmware_exec 'VMware Authentication Daemon' vmware_start_authdlauncher
Add the following line:
         echo 'Skipping: VMware Authentication Daemon'


2. In /etc/init.d/vmware-workstation-server

After the line:

          ### END INIT INFO

Add two new lines:
          echo Aborting launch of vmware-workstation-server
          exit 0

After rebooting the host, the listeners on port 443 and 902 are no longer present.  But the VMware Workstation still works perfectly when started successfully from the GUI (Ubuntu 12.04). 

4 comments:

  1. Thanks Martin, i was looking for a solution to close port 902 for a longer time and finally found it ;)

    On point 2, closing port 443 you can also, and i prefer, disable Shared VMs in the Preferences from VMware Workstation, then the server is also stopped.

    Cheers, Kees

    ReplyDelete
  2. Thank you very much

    ReplyDelete
  3. Thanks for you Martin! you save me many problems!

    ReplyDelete

Spammers: please stop wasting my time. All comments are moderated before publication.