Blogs

Commentary - Barracuda Networks embarassed by hacker attack

A prime example of patient bad guys waiting for the right opportunity. Disabling a piece to your security formula in order to perform maintenance or an upgrade is gambling. Ideally you would disconnect/block the point of entry during the window, e.g. turning off internet connectivity.

Puppet on Ubuntu Configuration Notes Part 2

Some additional notes after working more with Puppet to try to accomplish the desired results. Specifically I wanted to trigger updates right away in select scenarios vs. waiting until the next puppetd update interval. This can be accomplished with the "puppetrun" command. You need to make a few configuration updates to enable this.

Puppet on Ubuntu Configuration Notes

Knowing I will be working with a cluster of Ubuntu servers that should be identically configured, I decided to teach myself Puppet to simplify the deployment of packages and configurations. Below are some notes on the configuration of the various files. I used NTP as a nice, simple test for a simple service that should be deployed and configured identically on each host.

  

Local Ubuntu Mirror Notes

My notes on configuring a local repository for Ubuntu that hosts on private internal LAN will use to update packages. I installed apt-mirror package on the "master" server. Also a proxy server is in place to protect the LAN.

apache conf file for sharing

Listen 192.168.0.64:8888

  DocumentRoot /storage/aptmirror/repo/mirror

Linux Tip - Disable Reverse DNS for SSHD

A very typical fix to disable DNS reverse lookups by the SSH daemon. Several reasons to disable it including:

  • non-Production test/dev/lab environments where there may be no reverse DNS
  • external facing servers who may get scripted SSH brute force attacks
  • laggy DNS and you really want to get in fast

How To - Trunking VLANs, ESXi / Nexus 1000v through PowerConnect

I recently started evaluating the Cisco Nexus 1000v virtual switch in a VMware test environment. Once we jumped through the various hurdles (possibly future blogs entries) and had the VSM and VEM components installed, I was having issues getting the VEMs on the other ESX hosts communicating with the VSM on my first host.

Fix - Cannot create vCenter Server Directory Services instance

Recently I had to build a replacement VMware vSphere vCenter server. I did the usual 2008 R2 OS install and updates, installed some prerequisites and tools. However when I went to install vCenter, I received the following error:

"Cannot create vCenter server Directory Services instance"

Fix - Internal CA Certificate issues on Server 2003

In one environment, I noticed various security certificate symptoms that caused problems on a particular Windows 2003 Server x64 Workstation.

  • Outlook 2007 gave certificate errors on launch (autodiscover)
  • Internet Explorer 8 could not browse internal HTTPS site
  • Digitally signed email from others complained about invalid signatures

HowTo: Publish Exchange Public Calendar with PHP

My goal was to extract appointment info from an Exchange Public Calendar to be displayed on an intranet site. This can be accomplished using the Exchange Web Services. Microsoft has examples using C# and the EWS API to access the data. Also you can use Perl or PHP module code contributed by the communities to extract this. I chose to go the PHP route vs.

Fix - Vsphere Client System.Reflection.TargetInvocationException

The Windows Server 2003 x64 workstation I was using for the vSphere 4.1 client recently stopped working. Was working fine for quite awhile, but recently I had installed and demo'd a few various software packages. I tried the usual uninstall and reinstall without success.