1 Reply Latest reply: Dec 5, 2012 2:29 PM by cgrim RSS

    Help with Scanning VMware ESX 4 and or  VMware ESX 4 (Service Console)

    xmac89

      All, I need some assistance with VM 7.0 and scanning for machines identifed as VMware ESX 4 or  VMware ESX 4 (Service Console).

       

      Test 1 Passed - I've run some tests last night on a few hosts and  was able to Authenticate to VMware ESX 4 and get vernerability data.

       

      Test 2  Failed - When I scanned VMware ESX 4 (Service Console) I was also able to authenticate, but no vulnerabilities were found.

       

      Does any have a knowledge base for resolving the issue with scanning VMware ESX 4 (Service Console) ?

       

      I am using a service account and not root. KB54752 states to use root as an option.

       

      Thanks for any help on this one..

       

      Geo

       

      Message was edited by: xmac89 on 11/15/12 10:46:55 AM CST
        • 1. Re: Help with Scanning VMware ESX 4 and or  VMware ESX 4 (Service Console)

          Hi Geo,

           

          I'm not familiar enough about any differences between ESX 4 and ESX 4 (Service Console).

           

          Can you turn on Verbose Shell Logging and re-try scanning the system.  This will give much more detail of why it's failing in the daily log file.

           

          1.  Run Regedit

          2.  Navigate to:

          [HKEY_LOCAL_MACHINE]\SOFTWARE\Foundstone\Foundscan\Tweaks] (for 32-bit host) or

          [HKEY_LOCAL_MACHINE]\SOFTWARE\Wow6432Node\Foundstone\Foundscan\Tweaks]  (for 64-bit host)

          ** if the key "Tweaks" doesn't exist, create it. **

          3.  Add the following Value:

          LogShell DWORD Value 'ff'

          4.  Rescan, and look in the ~Foundstone\Logs\LogFile.<date>.txt for any errors associated with the userID you specified in the scan.

           

          If it's not obvious, open a Service Request, and attach the daily log.

           

          I hope that helps!
          Cathy