News

Backup Comparison Updated with Veeam Backup

There is a new backup comparison (http://vmprofessional.com/index.php?content=esx3backups) that has been updated with Veeam Backup and some other odds and ends. I did add a new criteria to the list, and that is how well the software integrates with VC. While almost all can at least talk to VC, I have yet to find a tool that truly integrates into VC.

My next update should be when I have time to look at VISBU and the latest esXpress update.

Posted by Texiwill at Friday, June 06, 2008.

ESXi - [Unsupported] Console Access

To access the ESXi console in unsupported mode do the following.

1. Open the console of your ESXi host, you should see a screen that look something like the following ( altered to protect the innocent ):


2. Use the key-combo Alt+F1, and you'll bounce to a virutal terminal (vtty1) with some log messages in it. Though you won't get a response to any characters that you type in here type 'unsupported' and then hit enter.


3. Once you access the unsupported mode, you'll be greeted with a friendly reminder that you shouldn't be accessing the console without the help of your friendly neighborhood VMware support engineer. Enter your root password here and you'll have unfettered access to the console. Some of your old friends are still here like esxtop and esxcfg-mpath, and so are some new ones like esxcfg-locker.



Standard warnings apply here. You really shouldn't be messing around in here if you don't know what you're doing.

Labels: ESXi unsupported console access

Posted by Dominic Rivera at Wednesday, June 04, 2008.

Tripwire Releases ConfigCheck

Tripwire Configcheck

Tripwire made their move into the virtualization market today with the release of Tripwire Configcheck. Configcheck is a free utility that will audit your ESX host(s) and give recommendations on steps that you can make to ensure that your ESX host is in compliance with your security policies. Configcheck also offers detailed information on how to remediate any of items that it audits via a free whitepaper ( registration required ).

Labels: tripwire configcheck security new release

Posted by Dominic Rivera at Wednesday, June 04, 2008.

New ESX 3.0.1 / 3.0.2 / 3.5.0 Patches released

VMware released their latest round of patches for VMware ESX 3.0.1/3.0.2/3.5.0 today and as promised I'm right on top of it this time. All of the patchlist.txt's have been updated for the esx-autopatch.pl utility, you can get your updated copies here.

ESX 3.5.0:
Security Update to VMkernel and Multiple RPMs
Update to VMware ESX Scripts
Update to VMnix.
Security Update to the Service Console for Cyrus SASL
Security Update to the Service Console for unzip
Security Update to the Service Console for Tcl/Tk
Security Update to the Service Console for Kerberos 5
Security Update to cim-smwg
Update to VMware-esx-iscsi
Update to VMware-esx-drivers-net-e1000
Security Update to Fix Local Exploitation of an Untrusted Library Path Vulnerability in vmware-authd

ESX 3.0.2:
Software iSCSI Initiator Does Not Discard Stale Target Bindings
vmkernel LVM driver Might Stop Responding; VMware VIX API Memory Overflow Vulnerabilities; Snapshot Operations Might Fail Under High I/O Stress
Service Console Security Update for the pcre package
Service Console Security Update for the net-snmp package
Service Console Security Update for Kerberos 5
Service Console Security Update for unzip
Fix for bnx2 Driver not Properly Reporting Simulated Hardware Failure
Service Console Security Update for Cyrus SASL
Service Console Security Update for Tcl/Tk
VMware VIX API Memory Overflow Vulnerabilities
VMware VIX API Memory Overflow Vulnerabilities; VMware Tools Local Privilege Escalation on Windows-Based GOS; Unable to Browse NFS or Networking Shares; Pre-Built Modules for VMware Tools
Security Update to Fix Local Exploitation of an Untrusted Library Path Vulnerability in vmware-authd

ESX 3.0.1:
VMware VIX API Memory Overflow Vulnerabilities; VMware Tools Local Privilege Escalation on Windows-based GOS; Unable to Browse NFS or Networking Shares; Pre-Built Modules for VMware Tools
Service Console Security Update for the pcre package
Service Console Security Update for the net-snmp package
Service Console Security Update for Kerberos 5
Service Console Security Update for unzip
Service Console Security Update for Cyrus SASL
Service Console Security Update for Tcl/Tk
VMware VIX API Memory Overflow Vulnerabilities
Security Update to Fix Local Exploitation of an Untrusted Library Path Vulnerability in vmware-authd
Snapshot Operations Might Fail Under High I/O Stress


VMware also released updated patch bundles for ESX 2.5.4/2.5.5

Labels: esx patch 3.0.1 3.0.2 3.5.0 updates esx-autopatch.pl

Posted by Dominic Rivera at Wednesday, June 04, 2008.

VirtualCenter Passthrough Authentication

A very useful, yet very undocumented feature of the Virtual Infrastructure Client is that it can be configured to automatically pass your Active Directory credentials without you typing them in. To use: create a shortcut to the Virtual Infrastructure Client, then right-click on it and edit the shortcut properties. You'll need to pass the program two arguments when calling it like so:

"C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\VpxClient.exe" -passthroughAuth -s vc.yourdomain.com

Where "vc.yourdomain.com" is replaced with the DNS name for your VirtualCenter server. It's extremely simple and just might hold of carpel tunnel syndrome for an extra few days.

Posted by Dominic Rivera at Monday, June 02, 2008.

May 1st Patches

Sorry folks, I was offline for a while as I moved from one house to another. I'm just getting caught up now. I've uploaded new patchlist.txt files for ESX 3.5.0, 3.0.1 and 3.0.2 which you can find in the usual place. Happy patching.

Labels: esx patch 3.0.1 3.0.2 3.5.0 updates

Posted by Dominic Rivera at Monday, June 02, 2008.