Hello,
I found three iofilterd* services on one of our ESXi servers, whereas 2 of them are running and the third on is stopped:
[ladmin@atenteisesxv08:~] chkconfig --list | grep iofilter*
iofilterd-spm on
iofilterd-vmwarevmcrypt on
iofiltervpd off
What are they used for?
Our security scanner (Qualys Cloud Agent) found also vulnerabilities related to weak TLS ciphers and to iofilter services:
CIPHER KEY-EXCHANGE AUTHENTICATION MAC ENCRYPTION(KEY-STRENGTH) GRADE TLSv1.2 WITH 64-BIT CBC CIPHERS IS SUPPORTED DES-CBC3-SHA RSA RSA SHA1 3DES(168) MEDIUM ECDHE-RSA-DES-CBC3-SHA ECDH RSA SHA1 3DES(168) MEDIUM | |
Port: | 9080/tcp |
Any help would be appreciated. Thanks.
Hi,
there is a port reference at
https://kb.vmware.com/s/article/2131180
Maybe this helps a little bit.
Ron
they are used for features like for instance VM Encryption, Storage IO Control, some third party solutions like "flash caching" or "replication".
Ok - It is getting clearer for me now.
Then we cannot just disable them, because we're using VM encryption.
Is there any other way to disable weak ciphers or do we have to wait for a patch?
there's some info here about it, I never tried this myself though:
I have seen this KB article, but I will raise a support ticket.
Probably smart indeed.
Hi, I'm facing the same issue.
I dig a little about this topic but haven't tried to disable RSA ciphers or totally shutdown that service yet.
I wonder if this is safe for vmware vcenter infrastructure ( we don't use encryption but there is something about storage IO - and we have connected arrays to that infrastructure )?
Any Idea if this will be fixed in upcoming update?
Is there raised support ticket?