STIGQter: STIG Summary: VMware vSphere 6.5 ESXi Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021: STIGQter: STIG Summary: VMware vSphere 6.5 ESXi Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:SV-207637r378841_rule
V-207637
SRG-OS-000095-VMM-000480
ESXI-65-000036
CAT II
10
From the vSphere Web Client select the ESXi Host and go to Configure >> System >> Security Profile. Under Services select Edit then select the ESXi Shell service and click the Stop button to stop the service. Use the pull-down menu to change the Startup policy to "Start and stop manually" and click OK.
or
From a PowerCLI command prompt while connected to the ESXi host run the following commands:
Get-VMHost | Get-VMHostService | Where {$_.Label -eq "ESXi Shell"} | Set-VMHostService -Policy Off
Get-VMHost | Get-VMHostService | Where {$_.Label -eq "ESXi Shell"} | Stop-VMHostService
From the vSphere Web Client select the ESXi Host and go to Configure >> System >> Security Profile. Under Services select Edit and view the "ESXi Shell" service and verify it is stopped.
or
From a PowerCLI command prompt while connected to the ESXi host run the following command:
Get-VMHost | Get-VMHostService | Where {$_.Label -eq "ESXi Shell"}
If the ESXi Shell service is running, this is a finding.
V-207637
False
ESXI-65-000036
From the vSphere Web Client select the ESXi Host and go to Configure >> System >> Security Profile. Under Services select Edit and view the "ESXi Shell" service and verify it is stopped.
or
From a PowerCLI command prompt while connected to the ESXi host run the following command:
Get-VMHost | Get-VMHostService | Where {$_.Label -eq "ESXi Shell"}
If the ESXi Shell service is running, this is a finding.
M
2925