:::: MENU ::::
Browsing posts in: Non classé

Vulnerabilities : Access ESXi shell from a VM

Since a long time, many of security experts said that it may be possible to access to the ESXi shell trought a VM. No one had the ability to demonstrate this. This time is ended.

During the “GeekPwn2018”, Zhangyanyu from ChaitinTech company demonstrates this critical vulnerabilitie.

He get the skill to demonstrate how to do it, here a quick video from Julien Mousqueton’s Channel :

He used memory stack uninitialized in vmxnet3 to put code and execute it on the host. If you are using E1000 no issue with it.

If you need further details on this, you may check the official communication from VMware:
https://www.vmware.com/security/advisories/VMSA-2018-0027.html

In order to solve this vulnerabilitie, you’ll need to install ESXi670-201811401-BG patch.


VMworld 2018 : First Timer

Here is the time for a recap from the 2018 VMworld edition, first time for me.
That was one of my greatest profesionnal opportunity.

How can i summary it ?
– Great Community
– Great partner
– Great party
– And AMAZING session / workshop.

12000 IT Guys, 90 nationalities, it gives you an idea of this amazing 10th VMworld Europe. Continue Reading


vSphere 6.7 U1 : HTML 5 Client full featured

We’re waiting this since VMworld US : vSphere 6.7 U1 is out since few days, and this new version brings some really new cool features.

I was expecting this one since the HTML 5 client is out : having the capability to use ONLY this client. No more flash client!

How to update? 

First update your vCSA, go into the Management page and in “update” section select “6.7.0.20000”. The update is cumulative one so don’t worry about the other.

Continue Reading


Homelab Upgrade : vSAN powered

vSAN is here from few years now, i already worked on it and i don’t take risk to say that’s a powerful technology.

I’m not really an expert on this topic and i want to go further, but as you may know, vSAN need “important” hardware. This solution, in my humble opinion, become nice to lab on it if you have at least SSDs and NICs dedicated to it.

NUC is for me one best solution to have your home lab, low footprint, low electrical consumption and really low noise, but you have drawback : my version is limited to 16 GB each and only one NIC adapter.

Continue Reading


VMware Flings : DRS Lens

VMware flings is website that i falled in love, years ago, you can find really interestring tools.

“DRS Lens” is one them, as many of VMware’s product, you simply have to deploy it trough an appliance.

Next, first step is to configure the IP address:

Next, you can go to the appliance web site, the address is https://ip_adress/drs/app

Continue Reading


vRealize Operations Manager : First Steps configuration

We saw in a previous post how to simply install vROps, we are here now to perform the first configuration steps.

Now that the first installation steps are done, you need to configure your appliance, steps are performed from web interface : http://vROps_IP_address

You should see this page.

If yes, you’re now ready to clic on “new installation” :

Getting started, you’ll find here a little schema which explain how “modules” communicate:

Continue Reading


vSphere 5.5 is dead, long live vSphere 6.7

Everything is in the title, vSphere 5.5 is dead.

As described here by VMware end of support will be september 19, 2018.

What should you do?

Upgrade to vSphere 6.7 is THE choice i think, if you’re not confident with the last version of vSphere 6.7, you can go to vSphere 6.5.

Prerequisites?

Not so much to say, the thing to notice is that “Windows Client” is no more available, only web client.
HTML5 client is really handsome, Flex client aka Flash client is also still available, but new features will only be available trough the HTML one, so go directly with this one.

If your vCenter is in 5.5 and hosted on a Windows VM,  you can now go to vCSA version, in fact you must go for it, update manager is now packaged on it.

Continue Reading


vRealize Operations Manager : Introduction and installation

Hi there,

Since a long time, i wanted to learn more about vROps. When i say more, it’s because i have few knowledge about it, indeed it’s now part of the VCP-DCV certification.

In my daily job, i have the chance to go back in vROps, so it’s really interesting to continue on it with my Homelab.

What is vRealize Operations Managers?

vROps is a software, part of the vRealize suite with a main goal to provide a control center for IT Admins. You will get the ability to create custom dashboard and reports.
You can analyse capacity, risks and health of your infrastructure.

We will come back more in details later.

Continue Reading


Clear DNS cache on vCSA 6.5 and later

As you may know, vCSA is now running on Photon OS.

If you are performing some IP change on one of your ESXi, or you are adding a new ESXi on your infrastructure, you may struggle with DNS caching.

You may found on the web that the solution is simply to run this command on your vCSA :

systemctl restart systemdresolved.service

Wich worked, on first release of vCSA 6.5, but not anymore.

If your go further in the vCSA configuration you will see in the /etc/resolv.conf this line :

nameserver 127.0.0.1
nameserver x.x.x.x
nameserver x.x.x.x

where x.x.x.x are your DNS servers. This configuration means that vCSA have a local DNS, thank’s to “dnsmasq”

In order, to clear the local caching you’ll need to restart the dnsmasq service thank’s to this command:

systemctl restart dnsmasq

those will not perform any side effect on your infrastructure.

Feel free to leave a comment if you’re still in struggle with DNS on your vCSA.

 


Horizon 7.5

I said that the new post will be really soon, so here it is!

Horizon 7.5 is out !

Great news, first because there is really nice improvements :

  • Horizon 7 supports vSphere 6.7.
  • Horizon Console is the latest version of the Web interface
  • Horizon Help Desk Tool is integrated into Horizon Console
  • You can troubleshoot Linux desktop sessions in Horizon Help Desk Tool in Horizon Console.
  • HTML5 Multimedia Redirection support for the Edge browser
  • VMware Logon Monitor monitors Windows user logons and reports performance metrics
  • VMware Horizon Performance Tracker runs in a remote desktop and monitors the performance of the display protocol and system resource usage.

You have plenty of other new features and bug correction, you can find details here:
https://docs.vmware.com/en/VMware-Horizon-7/7.5/rn/horizon-75-view-release-notes.html

Part of homelab rebuild, it will be really nice to rebuild VDI infrastructure…

So stay tune 😉

 


Pages:12