8.3.3 Ensure secure protocols are used for virtual serial port access

Information

Serial ports are interfaces for connecting peripherals to the VM. They are often used on physical systems to provide a direct, low-level connection to the console of a server. Virtual serial ports allow VMs to communicate with serial ports over networks. If virtual serial ports are needed, they should be configured to use secure protocols.

Rationale:

If virtual serial ports do not use secure protocols, the communications with those ports could be eavesdropped on, manipulated, or otherwise compromised, giving attackers sensitive information or control to unauthorized parties.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

To configure all virtual serial ports to use secure protocols, change any protocols that are not secure to one of the following:

ssl - the equivalent of TCP+SSL

tcp+ssl - SSL over TCP over IPv4 or IPv6

tcp4+ssl - SSL over TCP over IPv4

tcp6+ssl - SSL over TCP over IPv6

telnets - telnet over SSL over TCP

See Also

https://workbench.cisecurity.org/files/3473