Virtualization Adapted Adapting Business Processes for Virtual Infrastrcuture (and vice-versa)

2009/05/19

Microsot SQL Server Consolidation Worksheet – information

Filed under: virtualization — Tags: , — iben @ 12:33

Complete a Worksheet like the one provided by Microsoft to get a better idea of any consolidation opportunities. Microsoft has provided a SQL Server consolidation Worksheet to assist with the process of consolidating SQL Servers and it can be found at:
http://www.microsoft.com/technet/prodtechnol/sql/2000/plan/sql2kcon.mspx#EAAA.
* Server product and version
* Perfmon – Read / Write ratios (2 Weeks of data minimum at 5 Minute averages)
* Perfmon – Memory utilization (2 Weeks of data minimum at 5 Minute averages)
* Perfmon – Disk I/O (2 Weeks of data minimum at 5 Minute averages)
* Perfmon – Network I/O (2 Weeks of data minimum at 5 Minute averages)
* Security context of databases
* High Availability requirements / Clustering
* Limitations that prevent clustering
* Stability of servers
* Analysis add-ons
* Custom Stored Procedures
* OLTP and OLAP features and frequency of use
* Dependencies of Server / Instance names
* Life expectancy of each database / application / dependency
* Do the apps support Instance Names
* Do the apps have hard coded Server Names / IP’s
* Business continuance requirements
* How many databases
* Data growth rate
* Data Retention Policies
* Backup windows
* Backup technologies
* Change Management for Upgrades / Patching
* SAN technologies
* Peak usage / Low usage time windows of each server
* Location
* Replication frequency, duration, and volume
* SQL mail and other tool interaction
* Indexing / Natural Language Query
* Connectivity requirements
* Processor or Seat licensing
* Internet / Public Access vs. Internal only
* SLA’s to business units
* Who owns the servers (Business Units / Customers / IT Services, etc)

A typical database assessment can last 4 to 6 weeks if the resource has access to the servers and the answers to the questions above. Regardless of the number of servers, the assessment process is the same. You may be able to ballpark the number of servers early, but the actual count can only be determined by detailed analysis and thorough testing.

Netapp Security Best Practices

Filed under: virtualization — Tags: , , — iben @ 09:58

Roles and RBAC on NetApp filers – http://www.netapp.com/us/library/technical-reports/tr-3358.htm or http://media.netapp.com/documents/tr-3358.pdf


2009/05/06

vmxnet3 – features and use information – tips and tricks

Filed under: virtualization — Tags: , , , , , — iben @ 00:01
vmxnet3 – features and use information – tips and tricks
  
UPDATED for Windows 2008 Core

Glad to see this has been posted and we can talk about it now… please share your experiences and let us know if these tips work for you and what sort of performance benefits you’ve noticed when using this new driver.

We’ve been switching our Windows and Linux VMs to use “VMXNET Enhanced” for some time now and see public information on the new VMXNET3 NIC for guests…
This Thread has been started to help with procedures on the conversion of existing machines from older NIC to newer NIC as it is not 100% straightforward and there are some tricks to remove old hardware and change to new hardware. This would be similar in the physical world to changing from a 100 BaseT PCI Card to a GigE card. The old drivers need to be removed, new drivers installed, and IP Addresses moved over. If you just remove the old NIC and install the new one you may end up with a IP Address Conflict error saying the Address you are trying to use is already in use on another Network Interface. The problem is that when you open Device Manager the old NIC is hidden. See below for steps on how to overcome this.
Question: What is VMXNET3?
Answer: VMXNET3 builds upon VMXNET and Enhanced VMXNET as the third generation paravirtualized virtual networking NIC for guest operating systems.
New VMXNET3 features over previous version of Enhanced VMXNET include:
• MSI/MSI-X support (subject to guest operating system kernel support)
• Receive Side Scaling (supported in Windows 2008 when explicitly enabled through the device’s Advanced configuration tab)
• IPv6 checksum and TCP Segmentation Offloading (TSO) over IPv6
• VLAN off-loading
• Large TX/RX ring sizes (configured from within the virtual machine)

What’s New in vSphere 4.0

http://communities.vmware.com/viewwebdoc.jspa?documentID=DOC-9225&communityID=2701
http://www.vmware.com/files/pdf/VMW_09Q1_WP_vSphereNetworking_P8_R1.pdf

From the Cisco document:VMware vSphere 4 and Cisco Nexus 1000V Series

VMware vNetwork module that encompasses the vDS and VMXNET-3 enables inline monitoring and centralized firewall services and maintains the virtualmachine’s network run-time characteristics.

http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9902/solution_overview_c22-529767-00.pdf

Tech Notes

Flexible shows up in Windows Device Manager as an “VMware
Accelerated AMD PCNet Adapter” and Enhanced vmxnet show up as “VMware
PCI Ethernet Adapter”.
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1001805
Flexible — The Flexible network adapter
identifies itself as a Vlance adapter when a virtual machine boots, but
initializes itself and functions as either a Vlance or a vmxnet
adapter, depending which driver initializes it. VMware Tools versions
recent enough to know about the Flexible network adapter include the
vmxnet driver but identify it as an updated Vlance driver, so the guest
operating system uses that driver. When using the Flexible network
adapter, you can have vmxnet performance when sufficiently recent
VMware tools are installed. When an older version of VMware Tools is
installed, the Flexible adapter uses the Vlance adapter (with Vlance
performance) rather than giving no network capability at all when it
can’t find the vmxnet adapter.
Enhanced vmxnet — The enhanced vmxnet adapter is
based on the vmxnet adapter but provides some high-performance features
commonly used on modern networks, such as jumbo frames. This virtual
network adapter is the current state-of-the-art device in virtual
network adapter performance, but it is available only for some guest
operating systems on ESX Server 3.5. This network adapter will become
available for additional guest operating systems in the future.

Networking Error, IP Address Already Assigned to Another Adapter
KB Article 1179
Updated Jan. 07, 2009
Why do I see an error message that “The IP address XXX.XXX.XXX.XXX…” is already assigned to another adapter?

Solution
Under certain conditions, you may see the following error message from a Windows guest operating system:
The IP address XXX.XXX.XXX.XXX you have entered for this network
adapter is already assigned to another adapter Name of adapter. Name of
adapter is hidden from the network and Dial-up Connections folder
because it is not physically in the computer or is a legacy adapter
that is not working. If the same address is assigned to both adapters
and they become active, only one of them will use this address. This
may result in incorrect system configuration. Do you want to enter a
different IP address for this adapter in the list of IP addresses in
the advanced dialog box?
In this message, XXX.XXX.XXX.XXX is an IP address that you are
trying to set and Name of adapter is the name of a network adapter that
is present in the registry but hidden in Device Manager.
This can occur when you change a network connection’s TCP/IP configuration from DHCP to a static IP address if:

  • You have upgraded VMware virtual network adapters (for example

when you migrate a virtual machine from an older to a new version of
VMware software.)

  • You have added and removed network adapters multiple times.

The cause of the error is that a network adapter with the same IP
address is in the Windows registry but is hidden in the Device Manager
(My Computer > Properties > Hardware > Device Manager). This
hidden adapter is called a ghosted network adapter.

Using the Show hidden devices option in the Device Manager (View

Show hidden devices) does not always show the old virtual NIC

(ghosted adapter) to which that IP Address is assigned

Microsoft addresses this issue in their Knowledge Base article
269155, which is available at the time of this writing at
http://support.microsoft.com/?kbid=269155.

To resolve this problem, follow these steps to make the ghosted
network adapter visible in the Device Manager and uninstall the ghosted
network adapter from the registry:
1. Select Start > Run.
2. Enter cmd.exe and press Enter.
3. At the command prompt, run this command:
set devmgr_show_nonpresent_devices=1
4. Enter Start DEVMGMT.MSC and press Enter to start Device Manager.
5. Select View > Show Hidden Devices.
6. Expand the Network Adapters tree (select the plus sign next to the Network adapters entry).
7. Right-click the dimmed network adapter, and then select Uninstall.
8. Close Device Manager.

How to remove these “phantom” NICs from Windows 2008 Server Core

  1. Copy devcon.exe over to the server core server (extract devcon.exe from \SUPPORT\TOOLS\SUPPORT.CAB on a Windows 2003 R2 x64 disc).
  2. Run devcon.exe findall =net (this should list all NICs on the system, including the phantoms). Example output:
    PCI\VEN_15AD&DEV_0720&SUBSYS_072015AD&REV_10\4&B70F118&0&0088: VMware PCI Ethernet Adapter #2
    PCI\VEN_15AD&DEV_0720&SUBSYS_072015AD&REV_10\3&18D45AA6&0&88: VMware PCI Ethernet Adapter
    PCI\VEN_15AD&DEV_07B0&SUBSYS_07B015AD&REV_01\FF565000EB16A3FE00: vmxnet3 Ethernet Adapter
    3 matching device(s) found.
    Observe that vmxnet3 was the active NIC and the others needed to be removed.
  3. devcon -r remove “@PCI\VEN_15AD&DEV_0720&SUBSYS_072015AD&REV_10\3&18D45AA6&0&88″ removed the first one.
  4. Repeat for the remaining unwanted NICs
  5. Reboot the machine to restart all services

Reference: http://vmtoday.com/2009/11/vsphere-upgrade-breaks-active-directory/

Performance

http://blogs.vmware.com/networking/2009/04/considerations-for-maximum-network-performance.html

For UDP, use vmxnet3 to be able to configure a larger vNIC Rx ring size.  Because UDP can be a lot more bursty (due to lack of flow-control), having a larger Rx ring size helps to provide buffering/elasticity to better absorb the bursts.  The new vmxnet3 allows resizing the vNIC’s Rx ring size, up to around 1 to 2 thousand buffers.  As a side note, there is some negative performance impact with larger ring size due to larger memory foot print. The new vxmnet3 vNIC is more efficient than the e1000 vNIC.  Also in general, ESX 4 has some performance improvements over ESX 3.5.

Line Rate 10GigE

Howie Xu, Director of R&D for VMkernel IO remarked recently that after talking with a few customers, many are still unaware we can achieve line rate 10GigE performance on ESX 3.5. Read “10Gbps Networking Performance on ESX 3.5u1” posted on VMware’s network technology resources page.

The story only gets better with vSphere 4 and ESX 4 with the new Intel Nehalem processors. Initial tests from engineering show a staggering 30Gbps throughput.

Choosing a Network Adapter for Your Virtual Machine
KB Article 1001805
Updated May 05, 2009
 
 
Details
  
The Virtual Machine wizard’s Choose Networks window allows you to specify a network and a network adapter. The network adapter choices available depend on these factors:
  • The version of the virtual machine, which depends on what host created it or most recently updated it
  • Whether or not the virtual machine has been updated to the latest version for the current host
  • The guest operating system

The Choose Networks window makes available only those network adapters that make sense for the virtual machine you are creating. Each adapter type is discussed in some detail in “Available Network Adapters,” below. Here is an overview of what Choose Networks might offer you:

  • For virtual machines native to VMware Workstation 4x, VMware GSX Server 3, or VMware ESX Server 2.x, you can explicitly choose between Vlance and vmxnet
  • For most 32bit virtual machines native to VMware Workstation 5 or 6, VMware Server 2, or VMware ESX Server 3, only the Flexible adapter is available
  • For most 64bit virtual machines and for 32bit Microsoft Windows Vista virtual machines, only the e1000 adapter is available
  • For certain guest operating systems on VMware ESX Server 3.5 and later, you can choose the Enhanced vmxnet adapter in addition to the Flexible or e1000 adapter mentioned for that guest type in the previous bullets
Solution
  
Available Network Adapters
 
The following network adapters might be available for your virtual machine, depending on the factors discussed above:
  • Vlance — Vlance (also called PCNet32) is a faithful virtual implementation of a common, if now somewhat aging, physical network adapter. Most 32bit guest operating systems, except for Windows Vista, have built-in support for this card so a virtual machine configured with this network adapter can use its network immediately.
  • vmxnet — The vmxnet virtual network adapter has no physical counterpart. VMware makes vmxnet available because Vlance, a faithful implementation of a physical card, is far from optimal for network performance in a virtual machine. Vmxnet is highly optimized for performance in a virtual machine. Because there is no physical card of type vmxnet, operating system vendors do not provide built-in drivers for this card. You must install VMware Tools to have a driver for the vmxnet network adapter available.
  • Flexible — The Flexible network adapter identifies itself as a Vlance adapter when a virtual machine boots, but initializes itself and functions as either a Vlance or a vmxnet adapter, depending which driver initializes it. VMware Tools versions recent enough to know about the Flexible network adapter include the vmxnet driver but identify it as an updated Vlance driver, so the guest operating system uses that driver. When using the Flexible network adapter, you can have vmxnet performance when sufficiently recent VMware tools are installed. When an older version of VMware Tools is installed, the Flexible adapter uses the Vlance adapter (with Vlance performance) rather than giving no network capability at all when it cannot find the vmxnet adapter.
  • e1000 — e1000 is a faithful virtual implementation of a physical network adapter that is broadly supported by newer operating systems, specifically most 64bit operating systems and both 32 and 64bit Windows Vista. e1000 performance is intermediate between Vlance and vmxnet.
  • Enhanced vmxnet — The enhanced vmxnet adapter is based on the vmxnet adapter but provides some high-performance features commonly used on modern networks, such as jumbo frames. This virtual network adapter is the current state-of-the-art device in virtual network adapter performance, but it is available only for some guest operating systems on ESX Server 3.5. This network adapter will become available for additional guest operating systems in the future.

    • 32/64bit versions of Microsoft Windows 2003 (Enterprise and Datacenter Editions). You can use enhanced vmxnet adapters with other versions of the Microsoft Windows 2003 operating system, but a workaround is required to enable the option in the VI Client. For more information, see Enabling enhanced vmxnet adapters for Microsoft Windows Server 2003.
    • 32bit version Microsoft Windows XP Professional
    • 32/64bit versions Red Hat Enterprise Linux 5.0
    • 32/64bit versions SUSE Linux Enterprise Server 10
    • 64bit versions Red Hat Enterprise Linux 4.0

    Enhanced VMXNET is supported only for a limited set of guest operating systems:

Adapter Caveats
  
This section discusses some potential issues you might have.
 

 

Migrating virtual machines that use enhanced vmxnet. Enhanced vmxnet is new with ESX Server 3.5. Virtual machines configured to have enhanced vmxnet adapters cannot migrate to older ESX Server hosts, even though virtual machines can usually migrate freely between ESX Server 3.0 and ESX Server 3.0.1.

Upgrading from ESX Server 2.x to ESX Server 3.x. When a virtual hardware upgrade operation transforms a virtual machine created on an ESX Server 2.x host to an ESX Server 3.x host, Vlance adapters are automatically upgraded to Flexible. In contrast, vmxnet adapters are not upgraded automatically because certain guest operating systems — specifically most or all Linux versions — do not reliably preserve network settings when a network adapter is replaced. Because the guest operating system thinks a Flexible adapter is still Vlance, it retains the settings in that case. If the upgrade were to replace a vmxnet adapter with a Flexible adapter, the guest operating system would erroneously discard the settings.
 
After the virtual hardware upgrade, the network adapter is still vmxnet, without the fallback compatibility of the Flexible adapter. Just as on the original older host, if VMware Tools is uninstalled on the virtual machine, it is unable to access its network adapters.

 

Network adapters on multi-boot Linux. The Virtual Machine Settings dialog box and New Virtual Machine wizard allow creation of only those virtual network adapters that are supported for the selected guest operating system. If you change the guest operating system, the existing network adapters are not affected. When you switch a multi-boot Linux system between 32bit mode and 64bit mode, a problem arises because most 32bit Linux versions do not support e1000 adapters while most 64bit Linux versions support only e1000 adapters. Consider configuring your virtual machine with one of each type of network adapter (e1000 and Flexible). You can then set up your guest operating system to use only the network adapter for which it has a driver in each mode.
 
You can add the second adapter any time the virtual machine is powered off, but you need to change the configured guest operating system type from 32bit to 64bit or vice-versa in order to be offered the other network adapter. Since changing that setting before rebooting into the other bit depth can potentially improve the efficiency of virtual machine scheduling, plan to change the guest operating system type setting before your first reboot into the other bit depth.

Adding virtual disks. Adding an existing older (ESX Server 2.x) virtual disk to an ESX Server 3.x virtual machine results in a de-facto downgrade of that virtual machine to ESX Server 2.x. If you are using ESX Server 3.x features, such as enhanced vmxnet or Flexible network adapters, the virtual machine becomes inconsistent. When you add an existing ESX Server 2.x virtual disk to an ESX Server 3.x machine, you should immediately use the Upgrade Virtual Hardware command to restore the virtual machine to the ESX Server 3 version.
Note: Executing Upgrade Virtual Hardware changes the ESX Server 2 virtual disk so it is no longer usable on an ESX Server 2 virtual machine. Consider making a copy of the disk before you upgrade one of the two copies to ESX Server 3 format.

If you must migrate a virtual machine between newer and older hosts, do not choose enhanced vmxnet but instead one of the older adapter types. Flexible or e1000 are offered whenever enhanced vmxnet is offered.

2009/05/04

synergy screen sharing system

Filed under: virtualization — Tags: , , , — iben @ 21:27

This is an oldie but goodie. I setup synergy today between two laptops on my desk and I no longer have to move my hands to go between one keyboard mouse and another. This is great!

http://synergy2.sourceforge.net/about.html

2009/04/30

TECHNOTE: VMware Converter Standalone v4

Filed under: virtualization — Tags: , , , , , — iben @ 07:55

VMware Converter Standalone

VMware converter is used for migrating Physical servers to Virtual Machines, Virtual Machines to Virtual Machines.

Directions for conducting a V2V or P2V for Windows Servers

1. Update or Open a tracking ticket to track progress
2. Ensure system is documented and monitored on portal
3. Notify stakeholders via DL – setup DL if needed
4. Login to the Machine to be converted
5. Run defrag and diskcheck if possible
6. Run Microsoft Update
7. Do a reboot test to ensure machine stability
8. Download VMware Converter Standalone version 4 – VMware-converter-4.0.0-146302.exe
9. Download Sysprep tools – unzip but do not run
10. Download NewSID – unzip but do not run
11. Download and run BGinfo – apply
12. Download and run treesize free and clean up unneeded files
13. Install VMware Converter
14. Copy Sysprep files to correct location – c:\documents and settings\all users
15. Launch VMware Converter
16. Import Machine
17. Select the device type; Physical Computer, Virtual Computer from ESX or VMware Workstation.
18. Enter in the remote IP address of the target:
19. Do not select Automatically uninstall the files when the import is successful
20. Select all the drives you wish to migrate to the new Virtual Machine
21. Select ESX or Virtual Center
22. Enter the Virtual Center and user credentials
23. Select the Virtual Machine name
24. Select the ESX host
25. Select the appropriate DataStore
26. Select the appropriate network
27. Check the box install vmware tools
28. If you desire to customize the settings, check the box.
29. Select Finish
30. When completed test new machine and configure.
31. Run newsid if new host names is needed… Keep in mind you cannot have two machines with same name or IP on same network.
32. Run BGinfo and apply again.
33. Verify reboot test and monitoring is functioning.
34. Verify system time.
35. Adjust services as needed.
36. Remove old hardware’s software.
37. Notify stakeholders when old machine is off and new machine is on.

See also: http://communities.vmware.com/thread/129871

2009/04/29

TechNote: duplicate IP address after P2V of Windows Guest with VMware Convertor

Filed under: virtualization — Tags: , , , , , , , , , — iben @ 15:17

This issue is coming up more as we convert Physical machines to Virtual.  It can also happen when you want to change from the old “Flexible” to the newer “Enhanced vmxnet” network adapters.

Flexible shows up in Windows Device Manager as an “VMware Accelerated AMD PCNet Adapter” and Enhanced vmxnet show up as “VMware PCI Ethernet Adapter”.  You may also see “Broadcom NetXtreme 57xx Gigabit Controller” from a Dell or other desktop.

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1001805

  • Flexible — The Flexible network adapter identifies itself as a Vlance adapter when a virtual machine boots, but initializes itself and functions as either a Vlance or a vmxnet adapter, depending which driver initializes it. VMware Tools versions recent enough to know about the Flexible network adapter include the vmxnet driver but identify it as an updated Vlance driver, so the guest operating system uses that driver. When using the Flexible network adapter, you can have vmxnet performance when sufficiently recent VMware tools are installed. When an older version of VMware Tools is installed, the Flexible adapter uses the Vlance adapter (with Vlance performance) rather than giving no network capability at all when it can’t find the vmxnet adapter.
  • Enhanced vmxnet — The enhanced vmxnet adapter is based on the vmxnet adapter but provides some high-performance features commonly used on modern networks, such as jumbo frames. This virtual network adapter is the current state-of-the-art device in virtual network adapter performance, but it is available only for some guest operating systems on ESX Server 3.5. This network adapter will become available for additional guest operating systems in the future.

    • Networking Error, IP Address Already Assigned to Another Adapter
    KB Article 1179
    Updated Jan. 07, 2009
    Products

    VMware Converter
    VMware ESX
    VMware GSX Server
    VMware P2V Assistant
    VMware Workstation
    Details

    Why do I see an error message that “The IP address XXX.XXX.XXX.XXX…” is already assigned to another adapter?
    Solution

    Under certain conditions, you may see the following error message from a Windows guest operating system:

    The IP address XXX.XXX.XXX.XXX you have entered for this network adapter is already assigned to another adapter Name of adapter. Name of adapter is hidden from the network and Dial-up Connections folder because it is not physically in the computer or is a legacy adapter that is not working. If the same address is assigned to both adapters and they become active, only one of them will use this address. This may result in incorrect system configuration. Do you want to enter a different IP address for this adapter in the list of IP addresses in the advanced dialog box?

    In this message, XXX.XXX.XXX.XXX is an IP address that you are trying to set and Name of adapter is the name of a network adapter that is present in the registry but hidden in Device Manager.

    This can occur when you change a network connection’s TCP/IP configuration from DHCP to a static IP address if:

    * You have upgraded VMware virtual network adapters (for example when you migrate a virtual machine from an older to a new version of VMware software.)
    * You have added and removed network adapters multiple times.

    The cause of the error is that a network adapter with the same IP address is in the Windows registry but is hidden in the Device Manager (My Computer > Properties > Hardware > Device Manager). This hidden adapter is called a ghosted network adapter.

    Using the Show hidden devices option in the Device Manager (View > Show hidden devices) does not always show the old virtual NIC (ghosted adapter) to which that IP Address is assigned

    Microsoft addresses this issue in their Knowledge Base article 269155, which is available at the time of this writing at http://support.microsoft.com/?kbid=269155.

    To resolve this problem, follow these steps to make the ghosted network adapter visible in the Device Manager and uninstall the ghosted network adapter from the registry:

    1. Select Start > Run.
    2. Enter cmd.exe and press Enter. This opens a command prompt. Do not close this command prompt window. In the steps below you will set an environment variable that will only exist in this command prompt window.
    3. At the command prompt, run this command:
      set devmgr_show_nonpresent_devices=1
    4. In the same command prompt run this command:
      Start DEVMGMT.MSC (press Enter to start Device Manager.)
    5. Select View > Show Hidden Devices.
    6. Expand the Network Adapters tree (select the plus sign next to the Network adapters entry).
    7. Right-click the dimmed network adapter, and then select Uninstall.
    8. Close Device Manager.
    9. Close the Command Prompt

    Another method of resolving this problem is to use the DevCon utility. This is a command-line utility that acts as an alternative to Device Manager. When you use DevCon, you can enable, utility disable, restart, update, remove, and query individual devices or groups of devices.

    To use DevCon:

    1. Download the DevCon tool from Microsoft Knowledge Base: 311272 (http://support.microsoft.com/kb/311272/en-us).
    2. Unpack the 32bit or 64bit DevCon tool binary to a local folder.
    3.
    Click Start > Run.
    4.
    Type cmd and press Enter.
    5. Type CD:\path_to_binaries to navigate to the devcon.exe is located.
    6. Use the following syntax to find installed network adapters:

    devcon findall *net* or
    devcon listclass net

    Note: In the output of the previous commands, there is a line for the ghosted network adapter that is similar to, PCI\.
    7.
    Run the following command to remove the adapter:

    devcon remove @device\name

    For example, devcon remove “@PCI\VEN_14E4&DEV_1600&SUBSYS_01C21028&REV_02\4&378EDFA4&0&00E2” .

    Note: IDs that include an ampersand character (&) must be enclosed in quotation marks as seen in the example.

    8.
    Reboot the system and you no longer see the ghost network adapters.

    Product Versions

    VMware Converter 3.0.x
    VMware ESX 1.5.x
    VMware ESX 1.x
    VMware ESX 2.0.x
    VMware ESX 2.1.x
    VMware ESX 3.0.x
    VMware GSX Server 2.0.x (Linux hosts)
    VMware GSX Server 2.0.x (Windows hosts)
    VMware GSX Server 2.5.x (Linux hosts)
    VMware GSX Server 2.5.x (Windows hosts)
    VMware GSX Server 3.x (Linux hosts)
    VMware GSX Server 3.x (Windows hosts)
    VMware P2V Assistant 1.x
    VMware P2V Assistant 2.0.x
    VMware P2V Assistant 2.1.x
    VMware Workstation 3.x (Linux Hosts)
    VMware Workstation 3.x (Windows Hosts)
    VMware Workstation 4.x (Linux hosts)
    VMware Workstation 4.x (Windows hosts)
    Keywords

    urlz; migration; upgrade; 1179; ghost; hidden; NIC
    This Article Replaces

    converter NIC issue (1000212)
    Not able to remove ghost network adapter per the instructions in KB Article: 1179 (1003003)

    Subject: VMware: Solution for “The IP address XXX.XXX.XXX.XXX…” is already assigned to another adapter” error

    Go here:

    http://kb.vmware.com/selfservice/viewContent.do?externalId=1179

    2009/04/28

    VMware Security Compliance Tools

    Filed under: virtualization — Tags: , , , , , , , , , — iben @ 10:37
    This is a short list of Tools and Documents concerning security in a Virtual Infrastructure.
    Tools – page 1
    Documents – page 2

    Tools

    Configuresoft

    • Configuresoft’s Center for Policy and Compliance (CP&C) has led the industry in forming opinion and bringing together published security and compliance information to build a rich library of compliance toolkits that are available for download by Configuresoft customers from www.configuresoft.com. These CP&C Compliance Toolkits include:
    • VMware Infrastructure 3 Security Hardening Guidelines and VMware Virtual Center Best Practices
    • FISMA Compliance Toolkit for Virtual Computing
    • GLBA Compliance Toolkit for Virtual Computing
    • HIPAA Compliance Toolkit for Virtual Computing
    • Sarbanes-Oxley (404) Compliance Toolkit for Virtual Computing
    • DISA STIG Compliance Toolkit for Virtual Computing
    • http://vmblog.com/archive/2008/04/08/configuresoft-expands-security-and-compliance-coverage-to-include-cis-vmware-esx-3-x-server-benchmark.aspx

    HyTrust

    HyTrust Appliance – http://www.hytrust.com/product/overview

    • The HyTrust™ Appliance offers IT managers and administrators of virtual
      infrastructure a centralized, single point of control and visibility for:
    • configuration management
    • compliance auditing
    • access management
    • best practices
    • process workflow
    • security controls

    TripWire

    http://www.tripwire.com/solutions/virtualization/

    ConfigCheck

    • ConfigCheck rapidly assesses the security of ESX 3.0 and 3.5 hypervisors compared to the Virtual Infrastructure 3 Security Hardening Guidelines.
    • ConfigCheck assesses nearly 100 configurations of the ESX server, and most VI professionals who run the test find significant vulnerabilities. ConfigCheck’s remediation report provides detailed, step-by-step guidance to bring your virtual environment into a state that is secure. ConfigCheck helps you:
      • Ensure recommended ESX configurations
      • Discover possible vulnerabilities
      • Deploy virtualization safely and securely
      • Increase security posture of the entire enterprise
      • Reduce configuration drift
    • http://www.vwire.com/free-tools/configcheck/

    VMinformer

    • VMinformer is a security tool designed to check the security posture of your VMware environment. The tool comes with pre-defined policies that can be customized to suit your specific requirements and are based on industry best practices such as ‘VMware’s Security best practice hardening guide’ and the ‘DISA ESX STIG’ hardening guide. The policies also contain rules that have been based on extensive research and industry experience.
    • Features:
    • Connects to your ESX hosts or Virtual Center (v3.0, 3.5 and VC 2.5)
    • Pre-defined policies based on industry best practices (VMware security hardening guide)
    • Policies can be customized for your environment
    • Provides full visibility and monitoring of your ESX hosts and Virtual machines
    • Dashboard – Provides a graphical overview of VM’s and Security Posture
    • Reporting
    • Remediation guidance

    (more…)

    2009/04/19

    Cracking Cisco Passwords with John the Ripper

    Filed under: Uncategorized — Tags: , , , , — iben @ 19:12

    InfoSec Survival Guide: Cracking Cisco Passwords with John

    http://infosecsurvivalguide.blogspot.com/2008/11/cracking-cisco-passwords-with-john.html

    http://www.openwall.com/john/pro/macosx/

    http://www.macshadows.com/forums/index.php?showtopic=8506

    John the Ripper 1.7.3.1
    http://mac.softpedia.com/get/Security/John-the-Ripper.shtml

    John the Ripper 1.7.2 for G4 PowerPC, G5 PowerPC and Intel Macs (Universal Binary) (released 11/30/07)
    http://www.macunix.net/JTR/john-1.7.2-macosx-universal.zip

    Download the pre-patched (for OS X salted SHA1 hashes too) pre-compiled version of John the Ripper here:
    http://www.macunix.net/JTR/

    Unzip the archive.

    Open Terminal.

    Drag the file “john” from the folder “run” from within the unzipped “john-1.7.2-macosx-universal” folder to the Terminal window and let go.

    Type a space.

    Drag the text file containing your hash ( student:078D486A55E9922772C7F6F46113038E4800D6EDF4D31720 ) to the Terminal window and let go.

    Click back in the Terminal window and press the return key.
    QUOTE
    Loaded 1 password hash (Salt SHA1 [salt-sha1])
    barlow (student)

    BGinfo

    Filed under: virtualization — Tags: , , — iben @ 16:37
    BGINFO Screen Shot

    Since we’ve been setting up a lot of virtual desktops, terminal servers, and windows machines accessed remotely with RDP/MSTSC it’s easy to get confused about what desktop you’re looking at.

    Download the free BGINFO tool from Microsoft’s Sysinternals web site and run this command in a batch file or other login script to set a nice back ground wall paper that tells you the IP address, host name, DHCP Server, MAC address, etc.

    BgInfo v4.15 – By Bryce Cogswell – Published: March 30, 2009
    http://download.sysinternals.com/Files/BgInfo.zip

    bginfo.bgi

    :: Create a shortcut or put this line into a file named bgset.cmd and then run that during login or system configuration:
    %windir%\bginfo %windir%\bginfo.bgi /silent/nolicprompt /accepteula /timer:0

    « Newer PostsOlder Posts »

    Powered by WordPress