Hello all,
I have some questions regarding esxcfg-firewall, if I am allowed to ask several questions in the same post.
When I run the esxcfg-firewall command, I get the following information:
Neither incoming nor outgoing ports blocked by default.
Enable services: CIxxxx Vxxx xxxxxxpsserver xxxxxxxxx Lxxxxxxx sshServer (xxxxxxx replaced).
Opened ports:
<empty>
I assume that this is the low security of the server.
1. If I run the command esxcfg-firewall --blockIncoming --blockOutgoing, I will configure the firewall with the high severity, which is my purpose.
With this command I imagine that the ports opened by default will still be open for the services which use them, I mean the default services opened by default. Is this correct?
2. How can I know which ports are being used by these "Enable default services"? The command esxcfg-firewall -q <service> just says "service enable".
Because, as I mentioned before, the Opened ports information is now empty.
The command which shows all the services and ports opened after the high severity configuration has been loaded.
3. I saw in some previous posts regarding this topic that the command esxcfg-firewall -q cmd shows some useful information, but this command doesn't work on my server.
4. http://www.vmware.com/pdf/vi3_301_201_server_config.pdf, on page 239, says that only ports 902, 443, 80 and 22 are opened by default with the high severity configuration. What about all the Enable services which I mentioned at the beginning (1)? Which ports do they use?
I'm sorry for the long post.
Many thanks
Checo.