Category: How To

GSM Community Edition - Report Comparison 4

Virtual Environments Vulnerability Assessment By GSM (OpenVAS) – Part 3

At the first part, we’ve reviewed GSM (Greenbone Security Manager – Formerly OpenVAS) as a security manager or assessment tool for discovering vulnerabilities on virtual environments, the second part was more functional and we talked more about GSM. You leaned that how can you create a target on Greenboone Security Manager and scan it to discover vulnerabilities.

As I said at the end of second part of the blog post, the third part is related to resolving security issues. Any software and specially operating systems have “Hardening Guide”. You must follow steps of hardening guide to reduce security vulnerabilities effect on production environments.

Virtual Environments Vulnerability Assessment By GSM (OpenVAS) - Part 2 0

Virtual Environments Vulnerability Assessment By GSM (OpenVAS) – Part 2

We have reviewed reasons of have Vulnerability Assessment or Vulnerability Manager in virtual environments and how these software help us to find vulnerabilities on any component of virtual infrastructure. We have reviewed OpenVAS or Greenbone Security Manager and talked about features and abilities.

Now, it’s time to use the GSM server that we had prepared on the previous part. In this part of blog post, we’ll configure a target (ESXi Server) on OpenVAS server, create a task for scan and find the result of scan.

I’ve installed ESXi 6U1 (3029758) on a virtual machine and there is no customized configuration, all configurations are default.

Vulnerability Assessment 1

Virtual Environments Vulnerability Assessment By GSM (OpenVAS) – Part 1

In virtual environments, any vulnerability has affect on virtual infrastructure and those who get the service including internal and external services. So at least, any organization should have process to identifying vulnerabilities. Identifying vulnerabilities needs tools in IT infrastructure to scan devices, operating systems and applications and find vulnerabilities (Especially security vulnerabilities).

HPE MSL Tape Library Service Password 0

HPE MSL Tape Library Service Password

HPE MSL (2024, 4048, 8096) has three different users for managing and monitoring tape library: User and Administrator password can be changed via LCD Panel but Service user has predefined password. The password is as follows: 42311324

PowerCLI 0

[Script]: Check Time Synchronization with Host on Virtual Machines – PowerCLI

As you know, virtual machines can sync their time with ESXi host when VMware Tools is installed on the virtual machines. Also the configuration should be enabled on virtual machine configuration manually. The configuration is available on “Virtual Machine Properties”: If there is more than one virtual machine (Absolutely YES), the configuration should be enabled via an automation solution such as PowerCLI because enabling the configuration manually is very difficult. As all virtual machines don’t need to this configuration for time synchronization, administrators enables the configuration for some VMs when it needed. Some times, administrators have to provide a report from the virtual machines which have the configuration enabled. So how an administrator be able to create a query from the virtual machine. The stupid solution is checking virtual machine via GUI one by one. But true solution is create query from virtual machine via an automation tools such as PowerCLI The Script! Administrator can run the below PowerCLI script to find the virtual machines with “Synchronize guest time with host” configuration: The {File Path} should be changed with actual file path for storing the information as CSV file. More on Tiemouri.Net VMware Tools Client – Interact with a VM...

HPE iLO 0

[How To]: Configure HPE iLO via ESXi

There is a standard way to configure iLO for HPE ProLiant servers, HPE iLO can be configured after boot-up via SETUP utility on all type of servers and generations. If you press [F8] during boot-up, iLO configuration utility will be appeared and then you can configure all iLO configuration such as network connection.

HP EVA Soft Diagnostic Failure 1

[How To]: Resolve Soft Diagnostic Failure – HP EVA

Soft Diagnostic Failure A soft diagnostics Error will typically be present after an intentional or unintentional restart of one or both HSV controllers. It will be logged in the controller event log and displayed in command view Enterprise Virtual Array (EVA) as yellow exclamation mark. The EVA will be operational. This error can be present on any EVA model.   Solution! I know, this product is retired but I’m sure some of you still using this product. So if the error happened for you, what’s the solution? When any HSV controller restarts it will go through the equivalent of a Power On Self Test (POST). The POST will ensure that all required hardware is present and operational. In case a non-essential part of the hardware fails diagnostics (e.g. one host port is not operational), the controller will start up but be marked with a Soft diagnostics error. A typical scenario would be a host port failure that triggered a controller restart and subsequently failed diagnostics (because e.g. a bad cable). After the restart, the controller will report the soft diagnostics error. A soft diagnostics error will only clear on the next successful POST (and, of course, if the problem is...

PowerCLI 10

Change Linux IP Address via PowerCLI

There is some reason that you want to change IP address on virtual machines as an example, moving virtual machines to a new VLAN or port-group or moving them to another site or replicate virtual machine to an offsite recovery site. Changing IP on machines one by one is very difficult on more than one machine and it be tougher. PowerCLI has cmdlet that it called “Invoke-VMScript”, the cmdlet lets you to run scripts on guest OS even when guest OS has no IP. But VMware Tools must be installed and also updated VMware Tools is recommended. Also you must have guest OS credential to run your script. Sample Script for Change IP Address Here is a sample script to change address on multiple VM and also change NFS mount point addresses on “fstab” file. Before run, you must customize the below script and put proper network configuration file within the script: Further Reading Add existing virtual desktops to “Automated Pool” in VMware View manually [PowerCLI]: Change Local Account Password on ESXi [Script]: Find ESXi HBA WWN via PowerCLI Veeam Backup & Replication – Re-IP Rule on Linux VM

Veeam ONE Alarm - Define Rule 1

Veeam ONE: How to Avoid VM Disk I/O Bottlenecks

Controlling resource usage by the metrics, it’s a key to keep your virtual infrastructure up and optimized and also keep your customer happy. Veeam ONE alarm will help you to controlling the metrics and resources.

Before create the alarms, we should know why I/O is important to us? And what is impact of generating lot of I/O by virtual machines?