Davoud Teimouri - Virtualization and Data Center Blog

Say Goodbye to Windows 7 and Windows Server 2008 (R2)

Windows 2008 was born in February 2018 and Microsoft released Windows 2008 R2 in October 2009. I think Windows 2008 R2 was one of the most popular Windows servers in history.

Now, Windows 7, Windows 2008 and Windows 2008 R2 are old men. We have to say goodbye to these guys this year and next year.

Recommended Settings on Windows 10 for VDI

Windows is still the most popular operating system for clients all over the world. Windows is installed on more than 80% of all desktops and laptops. So our users are addicted to Windows. I have real experience of our customers with other operating systems. Actually, most people are born in a home with Windows desktops or Windows laptops. They have grown up with Microsoft Outlook and other Windows applications, so they can’t work with other operating systems.

NTP Configuration in iLO: Best and Fast Solution by PowerShell

In order to keep iLO time synchronized with an NTP server or time server, you have to enable NTP configuration and add the proper NTP server address. Configuring NTP on more than one server is a difficult task for any administrator, because you have to do it manually via the iLO command line or web based GUI. In this post I want to share an example of NTP configuration as a PowerShell script.

How to Secure SSH Connection on Linux

Why We Should Mitigate SSH Based Attack

SSH (Secure Shell) is a very popular remote protocol. SSH allows remote login and command execution, providing a secure way to log in and run commands on remote systems over unsecured networks. SSH replaced Telnet because it offers more security. But SSH has some weaknesses, and those weaknesses can be mitigated in order to reduce SSH based attacks. There are some hardening tips that turn your SSH server into a rock solid communication daemon.

Best SSH Hardening Tips

In the next minutes, we’ll review 15 solutions from the best SSH hardening tips. Each hardening tip will be a shield against SSH based attacks. Most of the tips are SSH configurations, and some of them differ between Linux distributions, so please check the configuration in your distribution’s documentation as well. Windows 10 and Windows 2019 also have an OpenSSH server, by adding Win32-OpenSSH to Windows, so read the Microsoft documentation as well. You must restart the SSH server daemon after applying configurations.

1. Custom SSH Port

The SSH server listens on port 22 by default, so attackers try to attack your server on port 22. Changing the SSH port to another port is a solution to reduce attacks. In order to change...

ESXi Fails with “Corruption in dlmalloc” on HPE Server

The “Corruption in dlmalloc” issue occurs because multiple esxcfg-dumppart threads attempt to free memory which has been used for configuring the dump partition. Thread A checks if there are entries to be freed and proceeds to free them, while within the same time frame, Thread B is also attempting to free the same entries.
Based on VMware KB2147888, this issue is resolved in ESXi 6 U3. But why does the issue happen on ESXi 6 U3 or ESXi 6.5 U1 when they are installed on HPE ProLiant servers?

What is OpenSCAP?

OpenSCAP is an auditing tool that utilizes the Extensible Configuration Checklist Description Format (XCCDF). XCCDF is a standard way of expressing checklist content and defines security checklists. It also combines with other specifications such as CPE, CCE, and OVAL, to create a SCAP-expressed checklist that can be processed by SCAP-validated products.

Overview of OWASP Zed Attack Proxy (ZAP)

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It’s also a great tool for experienced pentesters to use for manual security testing.

How to Export Big Virtual Machine (>2TB) as OVA or OVF

I guess you know the instructions, but let’s do a quick review. You can export virtual machines via several different tools such as vSphere Client, vSphere Web Client and others. All administrators do it today and are familiar with OVA and OVF. It’s possible to export small virtual machines via vSphere Client, vSphere Web Client or PowerCLI. If you want to export a virtual machine with 200~300 GB virtual disks (Thin or Thick), there is a serious problem, just make sure that you have enough free space. But did you try to export a big or monster VM as OVA or OVF?

VNX 2 Series: Best Solution to Remove Unverified Systems

VNX storage arrays can be added to a domain for centralized logging and management of multiple storage arrays. Unisphere Central can also be added to a VNX domain.

Sometimes a storage administrator makes a mistake when adding or removing VNX storage arrays from a VNX domain. For example, the administrator has to remove a VNX to send it for repair but forgets to remove the storage array from the domain. As another example, when there are multiple domains with multiple ranges of IP addresses, the administrator may add an array to the wrong domain and after that change its IP and add it to another domain.

In these situations, domains will contain some systems as unverified systems. The unverified systems should be verified again, or otherwise removed.

Virtual Environments Vulnerability Assessment By GSM (OpenVAS) – Part 3

In the first part, we reviewed GSM (Greenbone Security Manager – Formerly OpenVAS) as a security manager or assessment tool for discovering vulnerabilities in virtual environments. The second part was more functional and we talked more about GSM. You learned how to create a target on Greenbone Security Manager and scan it to discover vulnerabilities.

As I said at the end of the second part of the blog post, the third part is related to resolving security issues. Any software, and especially operating systems, has a “Hardening Guide”. You must follow the steps of the hardening guide to reduce the effect of security vulnerabilities on production environments.

Virtual Environments Vulnerability Assessment By GSM (OpenVAS) – Part 2

We have reviewed the reasons for having a Vulnerability Assessment or Vulnerability Manager in virtual environments and how this software helps us find vulnerabilities in any component of the virtual infrastructure. We have reviewed OpenVAS or Greenbone Security Manager and talked about its features and abilities.

Now, it’s time to use the GSM server that we prepared in the previous part. In this part of the blog post, we’ll configure a target (ESXi Server) on the OpenVAS server, create a scan task and find the result of the scan.

I’ve installed ESXi 6U1 (3029758) on a virtual machine and there is no customized configuration, all configurations are default.

NFTables, The Next Generation of Packet Classification Framework

Over the years, XTables (IPTables, IP6Tables, ARPTables and EBTables) were used as user-space utility programs for packet filtering in Linux distributions such as Red Hat Enterprise Linux or Ubuntu. Now, Linux vendors are replacing XTables with a next generation packet classification framework called NFTables.

nftables replaces the popular {ip,ip6,arp,eb}tables. This software provides a new in-kernel packet classification framework that is based on a network-specific Virtual Machine (VM) and a new nft user-space command line tool. nftables reuses the existing Netfilter subsystems such as the existing hook infrastructure, the connection tracking system, NAT, user-space queuing and logging subsystem.

Virtual Environments Vulnerability Assessment By GSM (OpenVAS) – Part 1

In virtual environments, any vulnerability affects the virtual infrastructure and those who receive its services, including internal and external services. So at the least, any organization should have a process for identifying vulnerabilities. Identifying vulnerabilities needs tools in the IT infrastructure to scan devices, operating systems and applications and find vulnerabilities (especially security vulnerabilities).