Hi all,
I mean any critical points of ESXi, any files, or directory that must be monitored to detect any suspicious activity.
i.e (files that should stay static and change only when te system is deliberately updated):
- /etc/vmware/hostd/config.xml
- /etc/vmware/hostd/vmInventory.xml
- /etc/vmware/hostd/vmAutoStart.xml
- /etc/vmware/passthru.map
- /etc/vmware/esx.conf
- /etc/ntp.conf
- /etc/resolv.conf
- /etc/ssh/sshd_config
- /etc/security/access.conf
- /etc/vmsyslog.conf
I'll be very grateful for any guidance. Best regards,
JP Sáez