3 Replies Latest reply on Nov 20, 2019 5:45 AM by Zenid

    Most critical files that must be monitoring on ESXi in terms of security

    Zenid Lurker

      Hi all,

       

      I mean any critical points of ESXi, any files, or directory that must be monitored to detect any suspicious activity.

       

      i.e (files that should stay static and change only when te system is deliberately updated):

       

      • /etc/vmware/hostd/config.xml
      • /etc/vmware/hostd/vmInventory.xml
      • /etc/vmware/hostd/vmAutoStart.xml
      • /etc/vmware/passthru.map
      • /etc/vmware/esx.conf
      • /etc/ntp.conf
      • /etc/resolv.conf
      • /etc/ssh/sshd_config
      • /etc/security/access.conf
      • /etc/vmsyslog.conf

       

      I'll be very grateful for any guidance. Best regards,

      JP Sáez