Wednesday, September 29, 2010

installing VMWare Virtual Center 4.1 (VCenter)

First of all, it requires a 64-bit version of Windows 2008 Server, and I didn't know that when I have to. After installing that, you'll need to install SQL Server, and I installed, again, the 2008 Standard version. Having the operating system and SQL Server installed is not enough for a smooth vCenter installation. You'll also need to:
1. Create a database for vCenter, and an owner for it, of course, with a password.
2. Create a System DSN for vCenter to use to connect to your SQL Server - don't use "SQL Server", use "SQL Server Native Client", and set the user to be the newly created one, and the default database to be the newly created vCenter database.
3. Disable Full recovery - in SQL Server Management Studio > right-click the vCenter database > Properties > Options > Recovery Model > Simple (instead of Full)

This will give you a smooth VMware vCenter 4.1 installation.

[update] To install vCenter Update Manager, you'll need to create another pair of username/database. But, this time, you'll need to create a 32 bit System DSN. This is done like this:

Start > Run > c:\windows\SysWOW64\odbcad32.exe

This utility creates a 32-bit System DSN on a 64-bit operating system. That's all, for now..

Windows Updates error code 80010108

So, I'm beginning my learning for the VCP certification I want to take very soon. Anyway, I've installed the required Windows Server 2008 Standard x64 for vCenter, and something happened when I first tried to update. Since then, Windows Update didn't work. After some Google searching, I found out that the Windows Update Agent might be fucked up. In order to download the latest version from the Microsoft website, go to:

Install it, then run Windows Update again, it should work, hopefully :)

Tuesday, September 28, 2010

Proventia Server for Linux

I was very happy when I found out there's a Proventia Server for Linux. But, there are 2 limitations:
- it's only installable on RHEL which I thought I could easily pass by modifying the install script
- it only wants s390x architecture...say what?!

So, to be more exact, this is the check in the install script:

function CheckOSSupport {
# Check whether the platform is supported or not
HW=`uname -m`
if [ $OS_NAME == "RHELREL" ]; then
if [ $HW == "s390x" ]; then
$GREP -q 'Red Hat Enterprise Linux Server release 5' /etc/redhat-release
if [ $? -ne 0 ]; then
$GREP -q 'Red Hat Enterprise Linux [EA]S release 4' /etc/redhat-release
if [ $? -ne 0 ]; then
$GREP -q 'Red Hat Enterprise Linux Server release 5' /etc/redhat-release
if [ $? -ne 0 ]; then
if [ $OS_NAME == "SUSEREL" ]; then
VERSION=`$GREP VERSION /etc/SuSE-release | tr -d ' ' | cut -f2 -d'='`
if [ $VERSION -le 9 ]; then

Wednesday, September 15, 2010

Port Knocking

Someone recently asked me about securing an SSH server. The only options I thought of then were changing the port, disabling interactive password login, and enabling public/private key pair authentication. This should be enough in most cases. But there's more. One option is version cloaking, which can be done by applying a patch to the OpenSSH source and recompiling it. Another way to secure remote access is port knocking.

Its main principle is this: port 22 is locked. You have to knock in a custom manner to get the port opened, and only for the IP that knocked. The server side includes a daemon called knockd that watches for a specific sequence of knocks on the server's door. You can configure a specific order of ports to knock, a specific flag those packets should have, a sequence timeout, commands, and a few more options. The command, in this case, opens port 22 for the incoming IP that knocked in exactly the order the server is set up to listen for. You can also use another knock sequence to close the same port, which actually deletes the firewall rule added earlier.

On the client side, I tried around 3 port knocking clients, and the last one went well; it is made by the same guys who did the server. It also includes a Windows version that can easily be run from a command prompt window. You can configure the host it will knock on, the type of packet, the order of ports, and so on.

Installation on Ubuntu is a very easy apt-get install knockd.
You'll be able to start the daemon by enabling it in /etc/default/knockd.
The configuration file is /etc/knockd.conf, and I first used (almost) one of the configurations found on the website:

[options]
logfile = /var/log/knockd.log

[openSSH]
sequence = 7000,8000,9000
seq_timeout = 10
tcpflags = syn
command = /usr/sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT

[closeSSH]
sequence = 9000,8000,7000
seq_timeout = 10
tcpflags = syn
command = /usr/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT

This configuration listens for TCP packets with the SYN flag set, arriving on ports 7000, 8000, 9000 in that order, with a timeout of 10 seconds. After it detects that, it automatically grants port 22 access to the incoming IP. If the daemon sees the reverse order of knocks, it automatically deletes the rule, so the port is closed again for all IPs. Unfortunately, those knocks can easily be read with a packet sniffer between you and the secured server, but it's one more way to secure an SSH server. Oh, and in case you don't want to be locked out of the server if the daemon fails, you should have a script running that automatically checks whether the daemon is running and restarts it if it's stopped.
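
A simplified model of the sequence matching that the configuration above describes, added here as an example (it is not knockd's code and not part of the original post). The `KnockTracker` class, the `replay` helper and the sample addresses are constructed for illustration; it assumes the timeout is measured from the first knock and that a wrong port resets a source's progress.

```python
from dataclasses import dataclass, field

# Sequences, timeouts and commands copied from the knockd.conf above; the keys are labels.
DOORS = {
    "open":  {"sequence": [7000, 8000, 9000], "seq_timeout": 10,
              "command": "/usr/sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT"},
    "close": {"sequence": [9000, 8000, 7000], "seq_timeout": 10,
              "command": "/usr/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT"},
}
# Constructed sample traffic (documentation address), not captured data.
SAMPLE = [(0, "203.0.113.5", 7000), (1, "203.0.113.5", 8000), (2, "203.0.113.5", 9000)]

@dataclass
class KnockTracker:
    """Simplified per-source sequence matcher (a model, not knockd itself)."""
    doors: dict
    progress: dict = field(default_factory=dict)  # (src, door) -> (stage, start time)

    def packet(self, ts, src, dport, flags="syn"):
        """Feed one observed TCP packet; return the commands it triggers."""
        fired = []
        if flags != "syn":                  # tcpflags = syn: ignore everything else
            return fired
        for name, door in self.doors.items():
            seq, key = door["sequence"], (src, name)
            stage, started = self.progress.get(key, (0, ts))
            if stage and ts - started > door["seq_timeout"]:
                stage, started = 0, ts      # sequence took too long: start over
            if dport == seq[stage]:
                stage += 1
            else:
                # A wrong port resets; it may itself be the first knock of a new attempt.
                stage, started = (1, ts) if dport == seq[0] else (0, ts)
            if stage == len(seq):
                fired.append(door["command"].replace("%IP%", src))
                stage = 0
            if stage:
                self.progress[key] = (stage, started)
            else:
                self.progress.pop(key, None)
        return fired

def replay(events):
    """Run (time, source, port) events through a fresh tracker."""
    tracker, out = KnockTracker(DOORS), []
    for ts, src, dport in events:
        out.extend(tracker.packet(ts, src, dport))
    return out
```

Any source that sends the right ports in time gets the rule for its own address, so the sequence works as a shared secret rather than per-user authentication, and key-based SSH login still has to stand behind it.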

That's all folks!

Monday, September 13, 2010

running out of space in VirtualBox

So, I have this Windows 2008 Server Standard on a VB virtual machine. I initially allocated 512MB of RAM and 20GB of hard disk, considering it would be enough for my test of IBM SiteProtector, the Express installation of it. Unfortunately, it isn't. And I have a lot of warnings in SP Console about disk space. So, I needed to enlarge my hard drive in order to get rid of those warnings, and I found this solution:

1. Create a new disk from Virtual Media Manager > Hard Disks - in my case, I've created a new, 30GB large one.
2. Download System Rescue CD from here. It's a Linux distro with XFCE window manager, and the software you need - GParted (an open source Partition Magic :P )
3. Start your virtual machine with both disks ( in my case, the 20GB and 30GB disks ) and mount System Rescue CD as a CDROM in your VM with the option to boot from it first.
4. When it boots, select "SystemRescueCD: default boot options" - this will get your live CD up and running.
5. Type "startx" on the prompt to start the window manager.
6. Type "gparted" to start working on partitions.
7. Right-click /dev/sda1 (my Windows partition) and click "copy".
8. Select /dev/sdb from the disk select list in the top right corner.
9. Right-click the disk and select "paste"; it will ask you to create an empty partition table.
10. Drag the slider to the max size of your sdb disk, then click apply.
11. Wait...more or less, depending on disk size...
12. Right-click the newly created /dev/sdb1 > Manage Flags > check "Boot" and then OK.
13. Power off the virtual machine, remove the CD, remove the original drive, and then start the virtual machine with the newly created disk.

This just worked for me..5 minutes ago.. :)