VMware Cloud Community
rmuniz9336
Enthusiast
Enthusiast
Jump to solution

What port(s) does VM Convertor use

Hi all,

Let me tell you what I'm running into. I have a nice healthy number of VMs that developers work on, and of course they have to have Administrator Access on them to run and devlop what they're working on. In the course of crusing several of the VMs, I discovered convertor running on several, and I soon afterwards discovered one of my intrepid young developers was cloning VMs that way and dowloading them to his and his collagues workstations. Needless to say, that caused us a serious licensing issue, not to mention a security issue, and a number of folks were instructed about where the unemployment line is, and informed they'd be standing in it if they ever pulled such a stupid stunt again.

Of course, one of the things I want to do is make certain that doesn't happen again, and so I'm thinking if I know what port VMconvertor runs on or uses, I can use that information to put into the port scanner, and watch for it in the future.

Thanks in advance.

Rich

Reply
0 Kudos
1 Solution

Accepted Solutions
theanykey
Virtuoso
Virtuoso
Jump to solution

Check the port usage (use telnet to verify)

  • Converter application to remote physical machine - 445 and 139

  • Converter application to VirtualCenter Server - 443

  • Converter application to ESX Server 3.x - 443

  • Physical machine to VirtualCenter Server - 443

  • Physical machine to ESX Server 3.x - 443 and 902

      • If you are using Converter 3.0.1 or 3.0.2 make sure you do not have a web server using port 443 while running Converter

Assuming you have converter installed inside the VM and pushing it out to ESX without referencing Virtualcenter, you would need to check for port 443 and 902 only.

I am a bit confused, are you asking how to prevent converter from being run inside a VM? If so, you could enforce the service "Volume Shadow Copy" to always remain disabled. This will prevent Windows 2003 and XP machines from being converted past 1%. For Windows NT4 and 2000, we implement a new service "stcbasic.sys" and requires a reboot to function. Maybe a security policy effecting certain types of users may help preventing a new service from being implemented?

View solution in original post

Reply
0 Kudos
3 Replies
theanykey
Virtuoso
Virtuoso
Jump to solution

Check the port usage (use telnet to verify)

  • Converter application to remote physical machine - 445 and 139

  • Converter application to VirtualCenter Server - 443

  • Converter application to ESX Server 3.x - 443

  • Physical machine to VirtualCenter Server - 443

  • Physical machine to ESX Server 3.x - 443 and 902

      • If you are using Converter 3.0.1 or 3.0.2 make sure you do not have a web server using port 443 while running Converter

Assuming you have converter installed inside the VM and pushing it out to ESX without referencing Virtualcenter, you would need to check for port 443 and 902 only.

I am a bit confused, are you asking how to prevent converter from being run inside a VM? If so, you could enforce the service "Volume Shadow Copy" to always remain disabled. This will prevent Windows 2003 and XP machines from being converted past 1%. For Windows NT4 and 2000, we implement a new service "stcbasic.sys" and requires a reboot to function. Maybe a security policy effecting certain types of users may help preventing a new service from being implemented?

Reply
0 Kudos
rmuniz9336
Enthusiast
Enthusiast
Jump to solution

Appreciate it, now I know what to look for.

Reply
0 Kudos
rmuniz9336
Enthusiast
Enthusiast
Jump to solution

Actually, looking at this, The volume Shadow copy looks promising. Thanks. That's a real simple build in.

Reply
0 Kudos