By default, the vCenter Server virtual appliance includes the tcpdump package. You can remove that package if security considerations require it.

The tcpdump package allows administrators to analyze TCP packets for troubleshooting and testing. However, in some situations security considerations require a removal of the package. For example, you must remove the package to ensure compliance with GEN003865 in the DIS STIG, run the following command as root to remove the tcpdump package from the system:


  1. Log in to the vCenter Server Virtual Appliance as root.
  2. Run the following command.
    rpm -e tcpdump