Hackers, Phishers, Malware and more…..a virtual cancer

Many of you may have noticed over the last few weeks that Dailyhypervisor has had some ongoing issues.  It all started around the same time my 2 year old son went into the hospital I had gotten an message from a friend letting me know that google had flagged dailyhypervisor.com as a malware site.  Sure enough it had been flagged and malware was indeed present.  With no time to properly resolve the issue I did the only I could do to prevent anyone from coming to my site from being impacted by the malware.  I took the site down.

For me it was a quick temporary fix until I could find the time and focus to get it back up and fixed.  Of course it wasn’t until 11 days later when my son was finally released from the hospital that I got to fixing the site.  My fix was to perform a complete restore from a known good backup.  Luckily I do subscribe to a cloud based backup solution that takes nightly backups and I was able to determine when was the best time to restore the site to.  However I knew this wasn’t going to need to be the only step I took.

After the restore was completed I then needed to try and figure out how they got in and try to lock it down to prevent further incidents.  After hours spend reviewing the security I already had in place, file permissions, firewall rules, and updating all components of the site I got to a point where I felt I had done all the things I needed to and everything should be ok.  Well I recently just found out that was not the case.  These lechers of the internet that exploit any sites they can with vulnerability’s in order to turn them into petri dishes for spreading malware and other malicious code once again gained access to dailyhypervisor.

After doing yet another restore and and exhaustive review of the site again I decided to dig deeper into the plugins that I was using on the site.  I believe the download manager plugin to be the culprit but also discovered other plugins I was running that haven’t seemed to be maintained in a long time.  I ended up removing all the plugins that I felt were insecure, outdated and posed a security risk to the site and my readers.  With the removal of my download manager I will have go to through the entire site and update all the links to all the downloads to point them to the external sources where our downloads are located.  In the meantime if you need to download any of the packages we have shared you can find them on github or VMware Sample Exchange.

I would however like to take this time to apologize to all of my readers for the ignorance of these hackers that hide behind their keyboards in the darkness  and prey on those of us trying to be productive and helpful.  The craziest part is in the last year my blog has probably been the most secure it has been since I started it in 2009 and I’ve never had these issues before in the past.  The good news is they have not hacked or gotten access to the database, just the file system of the site.

I would like to ask all of you that if you see something, please say something.  Please send me a tweet to @vmmeup if you notice anything off.  I have up’d my game a little I now have a solution that monitors all my files and notifies me of any changes, but this isn’t bullet proof and I can’t look out for it ever minute of every day, so please if you notice anything strange with the site moving forward please let me know.  Thank you all for your patience and I resolved this issue and for being loyal readers.

Sid Smith

DailyHypervisor Forums are online.

We have just launched our DailyHypervisor Forum located at http://www.dailyhypervisor.com/forum. Stop by, contribute and be a part of our community. The DH Forum is intended to be for all things cloud. Currently we have forums created for vCAC, vCD, vCO, Cloud General, and Openstack. More forum categories will be coming based on demand. If you have a category you would like to see shoot us a note and let us know.

Our goal is to create a common place where anyone can come to learn, get help, share ideas, or just about anything that will help foster knowledge regarding cloud computing. Considering this very blog is the announcement of our forum you could image there isn’t a whole lot happening yet so what are you waiting for, be the first. Go ask a question, post an issue, share a thought and let’s get things rolling.

HP MoonShot – Hardware is catching up with the cloud

HP is taking cloud computing to the next level with their MoonShot servers. Cloud isn’t just software anymore.

Now I don’t know if HP MoonShot can solve all of today’s datacenter issues, but it surely is a start. Moonshot is an interesting concept HP is taking Intel Atom S1260 processors, on a bunch of micro PC sized cards and put them all in one chassis. One MoonShot chassis is capable of housing 45 servers, that’s just incredible. HP is claiming that the MoonShot servers consume 89% less energy than a traditional servers. Considering each of the 45 servers in the chassis are pulling straight DC from the chassis and each individual server is not running an 800W power supply that is only 60% efficient I would think it’s possible. In fact the Moonshot chassis takes 2-4 1200W power supplies that are 94% efficient. Not only are you powering 45 servers with these power supplies, but the chassis also houses two Ethernet switch modules and two uplinks with SFPs.
moonshotProdImg_471x292
Continue reading “HP MoonShot – Hardware is catching up with the cloud”

ESX is Going Away – How to Migrate to ESXi

If you didn’t know it yet, VMware announced a while back that future releases of VMware will not include the “traditional” ESX Server. From their site:“VMware vSphere 4.1 and its subsequent update and patch releases are the last releases to include both ESX and ESXi hypervisor architectures. Future major releases of VMware vSphere will include only the ESXi architecture.”

If you are in a “24/7/365” shop then the applications running in your private cloud should currently be in virtual data centers (vDC) that are contained in DRS/HA clusters and the migration can be completed with no downtime to the applications. However, there are still other systems, such as development and test systems or possibly some minor infrastructure services applications that may not benefit from vSphere’s availability features. I know many people have scheduled outages, shutdowns, etc. during the upcoming holidays. It may the best time to migrate to ESXi.

Continue reading “ESX is Going Away – How to Migrate to ESXi”

A Few Gotchas With vSphere 4.1! Updated

Since everyone else in the world is heralding the release of vSphere 4.1, I figured I would post some bad news. The stuff you may want to know BEFORE you jump into upgrading to vSphere 4.1. Before I start, I want to make it clear that vSphere 4.1 is a great product overall. And I have already been leaning to ESXi, so the announcement that this will be the last release with the “traditional” ESX has been expected. I will talk about ESXi and its improvements in a later post. I just want you to be aware of these rather significant Gotchas.

Continue reading “A Few Gotchas With vSphere 4.1! Updated”

vShield Zones – Some Serious Gotchas

OK..I’ll admit it: I am spoiled by the capabilities of vSphere. What other platform lets you schedule system updates that will occur unattended and without outages of the applications being used? I don’t mean the winders patches, they require a monthly reboot. I am talking about the hypervisor updates. VMware Update Manager coordinates all of this for you. Then along comes vShield Zones to break it all.

First, let me explain what I am trying to do. To simplify things, vShield Zones is a firewall for vSphere Virtual Machines. Rather than regurgitate how it works, take a look at Rodney’s excellent post. A customer has decided to use vShield Zones to help with PCI Compliance. The desire is that only certain VMs will be allowed to communicate with certain other VMs using specific network ports, and to audit that traffic. ’nuff said.

vShield Zones seems to be the perfect solution for this. It works almost seamlessly with vCenter and the underlying ESXi hosts. It provides hardened Linux Virtual Appliances (vShield Agents) to provide the firewalling. It provides a fairly nice management interface to create the firewall rules and distribute them to the vShield Agents. Best of all, IT’S FREE! At least for vSphere Advanced versions and above. Keep in mind, that this is still considered a 1.x release and some things need to be worked out.

Now, on to the gotchas.

Continue reading “vShield Zones – Some Serious Gotchas”

ESX vs ESXi which is better(Revisited vSphere 4.0)

Back in April I wrote a blog aimed and the differences between ESX and ESXi. The original post was written for ESX 3.5 and with the introduction of vSphere I think it’s about time i have revisited this topic and looked at the pros and cons of ESX4 and ESX4i. Now before we dig into the technical details there is one big thing you should all be aware of. The FAQ page published by VMware states “VMware ESXi is the recommended platform for both new and existing customers. Future hypervisor releases will solely be based on this architecture.

For most that should be enough said. After reading that I would seriously start rolling out ESXi in a lab and start figuring out how I could maintain my needs without the service console most of us have become to know and love. I would also start brushing up on the RCLI as well as the PowerCLI if you are currently dependent on scripts that run in the service console. The good news is almost everything you do today in the service console can be achieved one way or another with ESXi as well. OK with that said lets talk about some of the other limitations.

Continue reading “ESX vs ESXi which is better(Revisited vSphere 4.0)”

VMware SDK and Visual Studio 2008

I went to install the VMware SDK for vSphere 4.0 on to my desktop running Windows 7 64-bit, Visual Studio 2008, and .Net 3.5 SP1 and discovered the SDK setup is not friendly with these versions.  According to VMware you need Visual Studio 2005 and .Net 2.0 if you want to run the SDK.

So like most of you reading this I turned to my trusted adviser…google to find the answer I was looking for.  Much to my disappointment after 5 minutes of searching around I didn’t find any instant gratification for my problem so I decided to just go ahead and figure it out on my own.

It turned out to be a relatively easy task once I discovered what was causing my issues.  There are two windows cmd scripts that need to be edited to point to the proper locations of your installations.  I have included the modified cmd files in our downloads section for those of you that would like them.  These files are built to support my specific configuration but they are very easily edited to support your configuration.

Continue reading “VMware SDK and Visual Studio 2008”

Citrix Xen Desktop (DDC) / Provisioning Server (PVS) & vSphere SDK

I’m sure many of you have run into an issue with setting up Citrix Xen Desktop (DDC). As i was setting up a new “Desktop Group” I ran into a problem when trying to configure the vCenter SDK address. The configuration wizard show you an example that looks say ‘For example, https://VirtualCetner.example.com/sdk” which is what you would expect to use and you would also expect it to work. Think again. When you try to setup your vCenter SDK address you will be presented with and error “The hosting infrastructure could not be reached at the specified address.” Citrix takes security serious so unless you plan on replacing the default SSL certificate on your vCenter server you will need to hack out a work around. Now I would agree that in production you should replace the default SSL but if your just trying to spin up a demo or test environment it can be a hassle.

So I searched the web over and over and found a number of threads with many of ways to resolve the issue only none of them seemed to work for me. However a combination of a number of things that I found did. So I’m here to save you the trouble of finding all of various pages with partial solutions. Below you will find exactly what you need to do to make this work.

Continue reading “Citrix Xen Desktop (DDC) / Provisioning Server (PVS) & vSphere SDK”

DynamicOps Delivers Automated, Space-Efficient Virtual Desktop Solution

“The desktop deployment productivity tools that NetApp and DynamicOps offer significantly increase the value of virtual infrastructures by improving performance, providing essential data management resources, and reducing costs,” said Patrick Rogers, vice president of Solutions and Alliances, NetApp. “Enterprises and service providers can now offer multiple, cost-effective service level options for virtual desktop deployments by leveraging the unique orchestration of virtual storage capabilities that are part of the new DynamicOps solution.”

The full release can be found at http://www.dynmaicops.com/news/