Monthly Archive: November 2018

ovf 0

Server Virtualization

How to Export Big Virtual Machine (>2TB) as OVA or OVF

I guess, you know the instruction but let’s quick review. You can export virtual machines via some different tools such as vSphere Client, vSphere Web Client and others. All administrators do it today and familiar with OVA and OVF. It’s possible to export small virtual machines via vSphere Client, vSphere Web Client, PowerCLI. If you want to export virtual machine with 200~300 GB virtual disks (Thin or Thick), there is serious problem, just make sure that you have enough free space. But did you try to export big or monster VM as OVA or OVF?

VNX Domain - Unverified Systems 2

Data Storage / How To

VNX 2 Series: Best Solution to Remove Unverified Systems

VNX Storage arrays can be added to a domain for centralization logging and management for multiple storage arrays. Also Unisphere Central can be added to a VNX domain.

Sometimes, storage administrator makes mistake about adding or removing VNX storage arrays from VNX domain. As an example, administrator has to remove a VNX for send to repairing but forget removing storage array from domain. Another example, when there is multiple domains with multiple range of IP addresses, may be administrator add array to domain wrongly and after that, change IP and add to another domain.

In these situations, domains will contain some systems as unverified system, the unverified systems should verify again and otherwise should be removed.

GSM Community Edition - Report Comparison 4

How To / Reviews / Security

Virtual Environments Vulnerability Assessment By GSM (OpenVAS) – Part 3

At the first part, we’ve reviewed GSM (Greenbone Security Manager – Formerly OpenVAS) as a security manager or assessment tool for discovering vulnerabilities on virtual environments, the second part was more functional and we talked more about GSM. You leaned that how can you create a target on Greenboone Security Manager and scan it to discover vulnerabilities.

As I said at the end of second part of the blog post, the third part is related to resolving security issues. Any software and specially operating systems have “Hardening Guide”. You must follow steps of hardening guide to reduce security vulnerabilities effect on production environments.

Virtual Environments Vulnerability Assessment By GSM (OpenVAS) - Part 2 0

Reviews / How To / Security

Virtual Environments Vulnerability Assessment By GSM (OpenVAS) – Part 2

We have reviewed reasons of have Vulnerability Assessment or Vulnerability Manager in virtual environments and how these software help us to find vulnerabilities on any component of virtual infrastructure. We have reviewed OpenVAS or Greenbone Security Manager and talked about features and abilities.

Now, it’s time to use the GSM server that we had prepared on the previous part. In this part of blog post, we’ll configure a target (ESXi Server) on OpenVAS server, create a task for scan and find the result of scan.

I’ve installed ESXi 6U1 (3029758) on a virtual machine and there is no customized configuration, all configurations are default.

iptables vs nftables 1

Reviews

NFTables, The Next Generation of Packet Classification Framework

Over the years, XTables (IPTables, IP6Tables, ARPTables and EBTables) were using as user-space utility programs for packet filtering in Linux distributions such as Red Hat Enterprise Linux or Ubuntu. Now, Linux vendors are replacing XTables with next generation packet classification framework which called NFTables.

nftables replaces the popular {ip,ip6,arp,eb}tables. This software provides a new in-kernel packet classification framework that is based on a network-specific Virtual Machine (VM) and a new nft user-space command line tool. nftables reuses the existing Netfilter subsystems such as the existing hook infrastructure, the connection tracking system, NAT, user-space queuing and logging subsystem.

Vulnerability Assessment 1

How To / Reviews / Security

Virtual Environments Vulnerability Assessment By GSM (OpenVAS) – Part 1

In virtual environments, any vulnerability has affect on virtual infrastructure and those who get the service including internal and external services. So at least, any organization should have process to identifying vulnerabilities. Identifying vulnerabilities needs tools in IT infrastructure to scan devices, operating systems and applications and find vulnerabilities (Especially security vulnerabilities).

Linux Container 0

Reviews / Server Virtualization

Operating System Level Virtualization (Part 2) – Implementations Comparison

These days, everyone knows what’s Cloud Computing and cloud based services are using for speedup deployment of organizations services. Operating System Level Virtualization or Containers helping system architectures and administrators to achieve the goals. There are many implementations for containers that today, those methods are compatible with different hardware architectures and operating system.

You may know that Unix has OS Level Virtualization from past years and this technology is very older than other virtualization such as Full Virtualization or Paravirtulization.

Full Virtualization (VMware ESXi, Hyper-V) and Paravirtualization (Xen, UML) provides different guest OS but there is no way to use different guest OS when you are using containers. Of curse, some solutions are under development.

ancient 1

Operating System

NTP Software Implementations Comparison

This post is about NTP Software implementations actually, but I have to write some words about NTP. NTP is an angle for financial applications, actually some of services such as banking services are very depended to clock synchronizations protocols. NTP is an ancient thing, it is more than 30 years old and even older than Windows 7 and Windows XP.

HPE 0

Reviews

HPE Management Component Pack (MCP)

HPE Management Component Pack or HPE MCP provides agent software for use on community-supported distributions. The MCP (unlike the SPP) does not provide drivers and firmware (firmware is provided via HPSUM, and drivers are provided by the distribution vendors). The Linux Service Pack for ProLiant provides updated drivers and agent software for use on RedHat Linux and SUSE Linux Enterprise Server.