8.3.3 (L1) Ensure secure protocols are used for virtual serial port access

Information

Serial ports are interfaces for connecting peripherals to the VM. They are often used on physical systems to provide a direct, low-level connection to the console of a server. Virtual serial ports allow VMs to communicate with serial ports over networks. If virtual serial ports are needed, they should be configured to use secure protocols.

If virtual serial ports do not use secure protocols, the communications with those ports could be eavesdropped on, manipulated, or otherwise compromised, giving attackers sensitive information or control to unauthorized parties.

Solution

To configure all virtual serial ports to use secure protocols, change any protocols that are not secure to one of the following:

- ssl - the equivalent of TCP+SSL
- tcp+ssl - SSL over TCP over IPv4 or IPv6
- tcp4+ssl - SSL over TCP over IPv4
- tcp6+ssl - SSL over TCP over IPv6
- telnets - telnet over SSL over TCP

See Also

https://workbench.cisecurity.org/benchmarks/15334

Item Details

Category: CONFIGURATION MANAGEMENT, MAINTENANCE

References: 800-53|CM-7, 800-53|MA-4, CSCv7|12.4

Plugin: VMware

Control ID: 16253756ed69ad6f792ca4dce4e3b64ab0c717887413421882190d015179a84c