From the TripWire ConfigCheck site:
Tripwire® ConfigCheckTM
is a free utility that rapidly assesses the security of VMware ESX 3.5
hypervisor configurations compared to the VMware Infrastructure 3
Security Hardening guidelines. Developed by Tripwire in cooperation
with VMware, Tripwire ConfigCheck ensures ESX environments are properly
configured—offering immediate insight into unintentional
vulnerabilities in virtual environments—and provides the necessary
steps towards full remediation when they are not.
internetnews.com – TripWire Cures Virtual Misconfiguration:
"There haven’t been any attacks against the hypervisor that could be demonstrated to break through, but misconfiguration could put you in a situation where you can get attacked even if you have no vulnerabilities or are fully patched," [VMware’s Nand Mulchandani] added.
There are about 100 configuration settings in VMware that need to be set to ensure the most hardened environment possible, and these have, up to now, had to be manually checked.
NetworkWorld – Did you say: FREE, SECURITY and VIRTUAL SERVERS?
The ConfigCheck tool is based on VMware’s own security hardening guidelines for ESX Server and future releases will also support VMware’s Infrastructure 3 products. The free tool notifies IT managers of potential conflicts in configurations and also offers fixes to the incompatibilities between actual and desired configurations. The tool links back to the vendors’ virtual security resource center
SearchSecurity.com – Virtualization tool assesses VMware security configurations
"It will be eye-opening when they run ConfigCheck against their systems and gauge that relative to best practices," said Mulchandani. "It will get them thinking about configuration and patching in key areas for security."
