isthewebsitedown if you are asking, probably not. if I am asking, probably so

30Apr/101

VMWare standalone server checklist

This list assumes a Dell PowerEdge R710 with no SAN. Similar steps would be required for any VMware host. After unboxing the server and setting it up on the bench, boot it up.

  1. Hit F10 to configure your RAID, if needed. Reboot.
  2. Download and install firmware updates for RAID controllers and backplanes. Reboot.
  3. Enter the BIOS and turn on virtualization support on the processor. Reboot.
  4. Configure iDRAC IP settings and password (Ctrl-E at the prompt). Reboot and test access via the web console. Default username/password is root/calvin.
  5. Boot to the ESX 4.0 installer disc and go through the installation prompts with defaults. Remove the disc and reboot.
  6. After reboot, log in to the console and set the IP information and password.
  7. On a machine on the same network, go to https://<server IP> and download the appropriate vSphere client for the version of VMware ESXi you are running, if needed. Install the host update utility.
  8. Log in to the server via the vSphere client and enter your serial number. Select the host IP in the left-hand panel, choose the configuration tab on the right-hand panel, then select "licensed features" on the left and choose edit in the top right corner. Enter your key. If you don't have one, get it from VMware.
  9. Configure your NTP server. Exit vSphere.
  10. Open the host update utility, connect to your new host, scan for patches and install them. Run through this process until you can do it twice and find no new patches.
  11. If needed, open vSphere and configure networking (VLANs).
  12. Create an ISO directory on your data store and copy the needed ISO files to that folder using either the store browser or the Veeam SCP utility.
  13. Build your VM. Configure startup options for the VM if needed.
  14. Install the VMware tools for the server in question.
1Dec/091

Download HKCRScan.exe tool for troubleshooting MS Article ID 823159

Users were getting an "HTTP/1.1 503 Service Unavailable" on both https://<servername>/Exchange and https://<servername>/Public, and on https://<servername>/microsoft-server-activesync they got a login prompt and then an "HTTP 501/HTTP 505".

The tool below should be run from the command prompt. It should identify and remove registry keys over the 259 character limit. It will kick back any errors. If you have null keys (keys that are faulty but unremovable), you can use RootkitRevealer from Sysinternals to get rid of them. I understand that RegDelNull can do something similar, but in this case, it was a corrupt key, not a key with null characters.

In my case, the affected key was related to the driver for the Intel storage controller (VEN_8086&DEV_24D3&SUBSYS_458015D9&REV_02). Not cool. I could not delete or rename the key and could not set/view permissions on it. Ran RootkitRevealer, which caused a stop error/reboot (crap) but successfully removed the key. IN OTHER WORDS, DO NOT DO THIS IF YOU DO NOT HAVE A TESTED BACKUP.

"To help troubleshoot this issue, run the HKCRScan tool (HKCRScan.exe). The HKCRScan tool enumerates the HKEY_CLASSES_ROOT registry hive to locate subkeys that contain more than 259 characters. Additionally, HKCRScan helps determine if there is an invalid discretionary access control list by returning error code 0x5. This error code means "Access denied" when it enumerates a registry key. The HKCRScan tool is an internal tool developed by Microsoft."

Download: HKCRScan

25Nov/090

Most useful new content to come from Yahoo(!) in years.

This is a very good overview of the public DNS system. (Update: link has been moved here) Kinda gives you a feel for the fragile nature of the beast. Also, it gives some great information on the role that crap DNS plays in hidden performance problems.

Of course, I love using OpenDNS for testing, as most ISPs' DNS servers just plain suck.

Filed under: DNS, Utils No Comments
23Nov/090

Imagine if someone could compete with Wal-mart on price….

They can't of course. But just imagine that they could.

Because that is exactly what the new wave of web services is doing. See, when you write code, it doesn't normally cost you much to use it the 2nd through 9 billionth time. That first one is expensive. Stores like Amazon.com make money hand over fist because they have innovated on so many levels that they have become almost unstoppable at what they do. But thousands of little sites are popping up everywhere that are undercutting the established market leaders. Mint.com is attacking Quickbooks. MailChimp can beat out ConstantContact for most smaller tasks for free. freepdfconvert.com can handle most of the tasks that people use Acrobat Standard or Pro for.

Most people don't need a Swiss Army knife. They really just want a great knife or can opener when they need it, preferably one that is easy to use and even better, free. By focusing on very simple, individualized tasks, people can pretty easily reduce the cost of that first roll out of the software and then make a small amount on advertising revenue from there out. Expenses are very low (as are expectations), and changes can be made rapidly based on feedback.

In order to take down a skyscraper, you can either try to attack it broadside with a wrecking ball or you can go after the foundation with a super soaker.

Filed under: Utils No Comments
23Nov/090

Upgrade path from Symantec Endpoint Protection 11 Trialware to Full Version…

There isn't one. That is all.

Source

28Oct/090

Microsoft Virtualization Calculator

MS has released a calculator to help you figure out exactly what you will need in terms of licenses and dollars in order to meet your virtualization requirements. They have two calculators, one of which requires Silverlight (guess which one I did). The calculators are VM-technology agnostic (meaning that they are the same whether you are using Hyper-V, VMware, or VirtualBox).

On calculator 2, you can either put in the number of servers you have with the avg. VMs per server, or you can list each server individually, which is more likely to be the best scenario for smaller shops. In the screencap below, I entered one dual-proc (note that cores are immaterial) physical server running 3 virtual machines.

Virtualization Results Example


It reports that we will need either 3 Standards, 1 Enterprise, or 2 Data center licenses (since Data center is licensed per proc).

The pricing columns report that the cheapest way to do this is with the 3 std licenses, but if you wanted to add a 4th VM, the Enterprise license would be cheaper. If you wanted to expand way beyond that in terms of VMs per physical server and core pair, the data center starts to be more cost-effective.

Both calcs are available here

22Oct/090

MPack and how to stop it

MPack is a software kit written and marketed by Russian code writers. It is unusual because it is a) written in PHP and b) sold and updated as if it were a regular, legitimate software product. People run it on their websites as a means to install keystroke loggers on vulnerable computers. It works with Firefox and IE and tests the visiting browser to see which vulnerabilities are available for it to exploit. This thing gets updated monthly, and there are even plugin modules you can buy and add on to it for a more effective attack.

Most of the time, most people know enough not to go to the sites that end in .ru:8080 or other strange domain names. Unfortunately, the attack has adjusted its tactics to make itself more effective. If you have weak FTP passwords on your site, or if they can get a keystroke logger on your computer to get your FTP password, they will write scripts that automatically inject an invisible iframe into every one of your HTML pages (PHP pages are less vulnerable, since they are frequently broken out into several php_includes).

This is scary stuff, and Google and other search sites will punish you in search rankings and with popups when people click through to your site if they find out you have been compromised.

The software is constantly being updated, so this goes back to the lesson every server or site admin has to learn. Get updates out as quickly as possible on public-facing sites. There is no such thing as a low-maintenance site.

  1. Update your software packages (WordPress, Drupal, Joomla, etc.) and any libraries that they may use (ImageMagick, etc.)
  2. Update PHP and MySQL, as well as Apache or IIS. If you use a virtual or shared host, pressure them to keep their software updated. If they don't, switch to a new host or better yet, get a dedicated server or colo somewhere. It only looks expensive until you have to wait three days to have your FTP password changed because the support people at your $3.33 a month host need to escalate such a complicated task to their senior engineers. And all that is after you tried to change the password through their web-based form and it didn't work. And they told you three times that it was changed. %^&*%^&*$ I am looking at you, IVChosting.com ಠ_ಠ Ahem.
  3. Use secure passwords and change them regularly, especially if you publish via FTP regularly.
  4. If you get compromised (it happens to everyone), change your FTP passwords immediately, preferably from a computer you do not typically use for publishing.
  5. Scan your computer for viruses with a different AV than you normally use. I like Malwarebytes anti-malware and Trend Micro's Housecall.
  6. From a different computer, re-upload the files for your site from your last good backup (you have a backup, right?)
  7. If you don't have a backup, download all the htm and html files to a Windows-based computer and do a find and replace for any iframes that reference an external site. If you have legitimate iframes to external sites you should know what they are, and they will probably be larger than 0 by 0 pixels. Notepad++ has a great feature for doing find and replace across multiple files in multiple directories.
  8. If, like most people, you are concerned because Google tagged you as a badware site, you will need to log in to their webmaster tools and set up your site on your account. Then you can request a review, where they will check your site for lingering traces. This is a slow process, so the sooner you get started the better. They will remove the flag when they determine that your site is clean.
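The search in step 7 can also be scripted. The following Python script is an added example, not part of the original post: it lists iframes whose `src` points at another host and that are invisible, and it goes slightly beyond the 0 by 0 case by also flagging frames hidden with inline CSS. The `.example` hostnames, the sample page and the `own_hosts` parameter are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from pathlib import Path
from urllib.parse import urlparse

ZERO = re.compile(r"^\s*0+(\.0+)?\s*(px|%)?\s*$", re.I)  # width="0", "0px", ...
HIDDEN_CSS = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden|"
                        r"(?:width|height)\s*:\s*0+(?:px)?\s*(?:;|$)", re.I)

class IframeFinder(HTMLParser):  # collects (line, src) of hidden external iframes
    def __init__(self, own_hosts):
        super().__init__()
        self.own_hosts = {h.lower() for h in own_hosts}
        self.hits = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        try:
            host = (urlparse(a.get("src", "")).hostname or "").lower()
        except ValueError:
            host = "?"  # malformed URL: treat as external so it gets reviewed
        if not host or host in self.own_hosts:
            return  # relative URL or one of our own hosts
        if (ZERO.match(a.get("width", "")) or ZERO.match(a.get("height", ""))
                or HIDDEN_CSS.search(a.get("style", ""))):
            self.hits.append((self.getpos()[0], a["src"]))

def scan_html(text, own_hosts=()):
    finder = IframeFinder(own_hosts)
    finder.feed(text)
    return finder.hits

def scan_tree(root, own_hosts=()):  # -> [(path, line, src)] for .htm/.html files
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in (".htm", ".html"):
            text = path.read_text(encoding="utf-8", errors="replace")
            findings += [(str(path), n, s) for n, s in scan_html(text, own_hosts)]
    return findings

# Constructed sample page, not taken from a real compromise.
SAMPLE = """<p>hello</p>
<iframe src="http://injected.example:8080/in.php" width="0" height="0"></iframe>
<iframe src="https://maps.partner.example/embed" width="600" height="400"></iframe>
<iframe src="//cdn.injected.example/x" style="visibility: hidden"></iframe>"""

if __name__ == "__main__":
    print(scan_html(SAMPLE))
```

Run `scan_tree` on the downloaded copy of the site and pass your own domains in `own_hosts`; it only reports, so review each hit before removing anything.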
Filed under: Security, Utils No Comments
15Oct/090

Check a file for viruses

Earlier today, a co-worker forwarded a file he felt was suspicious to me and another tech. It was a zip file, which is an old trick for getting around the restrictions that most companies have for sending or receiving EXE files.

A quick scan on VirusTotal showed that it was indeed malware and that as of 10-15, only about 32% of virus scanners were currently catching it, a percentage that did not include McAfee or AVG, but did include Symantec.

Click here for the specs on the virus in question. Here is a list of the engines that voluntarily participate in this helpful service. No guarantees of course, but with the way these things spread, it is best to be safe.

Filed under: Utils No Comments
14Oct/090

in case you are looking…

This site will actually tell you if a site is really down or just down for you...

http://downforeveryoneorjustme.com/

Filed under: Utils No Comments