Results 1 to 14 of 14
  1. #1
    Join Date
    Jan 2013
    Posts
    438

    how know who is connected to my vmware

    Hello
    yesterday my whmcs was hacked, and immediate i did change password of vmware, now how i can check hacker is logged to my vmware or not?

    so i want see logged all ip's connnected to my vmware, please let me how.

    also i want see active session in vmware.

    Thank you.

  2. #2
    Which VMware platform you hosting on? ESXi, workstation etc...?

  3. #3
    Join Date
    Jan 2013
    Posts
    438
    vmware ESXi 5.5 and 5.1

  4. #4
    Join Date
    Jun 2010
    Location
    Northern Virginia
    Posts
    2,201
    You should be able to see them in Home > Administration > Sessions
    Big Brain Global Networks --Your Hosting Specialists Since 2010
    www.bigbrainglobal.com
    █ Fully Managed cPanel KVM VPS & Dedicated Servers
    █ 24/7/365 U.S.A Based Customer Support | Multiple U.S.A locations

  5. #5
    Join Date
    Jan 2013
    Posts
    438
    realy i cant see sessions, please see below screen shot:
    http://prntscr.com/2bo9m7

    how i can active that?

  6. #6
    Join Date
    Jan 2013
    Posts
    438
    any help!!!?

  7. #7
    Join Date
    Jun 2010
    Location
    Northern Virginia
    Posts
    2,201
    Quote Originally Posted by morteza3245 View Post
    any help!!!?
    It looks like you are using the free version of VMware. That function is not supported.
    Big Brain Global Networks --Your Hosting Specialists Since 2010
    www.bigbrainglobal.com
    █ Fully Managed cPanel KVM VPS & Dedicated Servers
    █ 24/7/365 U.S.A Based Customer Support | Multiple U.S.A locations

  8. #8
    Join Date
    Jan 2013
    Posts
    438
    no, i have license, please see screenshot:
    http://prntscr.com/2bu34z

  9. #9
    Hello,

    You can check it from the link https://communities.vmware.com/message/2284465#2284465

    I hope it will help you.

  10. #10
    Join Date
    Jan 2013
    Posts
    438
    it is for console,
    i want know who is connected to my vmware dedicated!

  11. #11
    Join Date
    Jan 2006
    Location
    127.0.0.1
    Posts
    688
    Should be listed there. Otherwise you can see login attempts w/ IP's in the host's event logs.
    Attached Thumbnails Attached Thumbnails sessions.png  
    ❄️❄️❄️ HOSTBLIZZARD.COM --- 100% Canadian Hosting Provider ❄️❄️❄️
    • Shared Hosting • Reseller Hosting • Cloud Hosting • VPS Servers • Domain Names
    a division of Sheernox Technology Group

  12. #12
    Join Date
    Jan 2006
    Location
    127.0.0.1
    Posts
    688
    On second thought this option may only be available with vCenter.

    I would just check over the host's event logs as you will see successful login attempts, at what time and what user was logged into. You will then also see any actions performed by that user.

    I would assume that if they gained access to your ESX host then much more damage would have been done. I think you're looking for a web-server side exploit of some kind. WHMCS isn't the most secure tool on the block...
    ❄️❄️❄️ HOSTBLIZZARD.COM --- 100% Canadian Hosting Provider ❄️❄️❄️
    • Shared Hosting • Reseller Hosting • Cloud Hosting • VPS Servers • Domain Names
    a division of Sheernox Technology Group

  13. #13
    Join Date
    Jun 2013
    Posts
    430
    At this point I run whmcs in its own vm because its not worth risking my other sites. They really need a security audit.

  14. #14
    ESXi itself will not have this option... you may be able to check the events log on the host level to see - it should have a log for each session within the crowded lines.

    You will need vCenter to see what was posted on the screenshot provided above...

    Hope that helps!

Similar Threads

  1. Replies: 1
    Last Post: 09-19-2013, 02:54 AM
  2. Replies: 0
    Last Post: 09-01-2013, 07:38 PM
  3. Replies: 0
    Last Post: 05-06-2013, 02:14 AM
  4. Replies: 0
    Last Post: 03-29-2013, 05:14 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •