Blog: Networking

Many times, through the natural evolution of a virtual machine under VMWare, the data store names are not related to the name of the virtual machine. You can "rename" these data store names by "cloning" the machine. This process will re-align the machine name and the data store names.

One of our employees had a Lenovo ThinkPad T60 laptop that had the nifty "feature" where he could not boot into Windows without having the laptop plugged into power. In addition, when he removed power from the laptop, the system would hang. My testing was able to narrow that down further to where if the laptop was not plugged into external power AND there was no live Ethernet cable plugged into the NIC, these symptoms would arise. After updating drivers and the BIOS and checking the ThinkVantage Power Management settings, I found a setting in the driver advanced properties called "Deep Smart Power Down". The way this feature was intended to work is to save battery power when there is no active cable plugged into the NIC. Unfortunately, what usually happens is that the system locks up during the "hot-swap" remove session that Windows sees when DSPD runs. Disabling this setting resolves the problem quite nicely and everything is running off of battery like it's supposed to. [more]

http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=MIGR-63677

About 2 weeks ago a new botnet worm called "psyb0t" was discovered according to DroneBL blog post (http://www.dronebl.org/blog/8).  This worm appears to be the first botnet worm to specifically target routers and DSL modems.  It is believed the worm has been active since at least January, and it is estimated that more than 100,000 hosts have been infected so far.  The worm was first discovered by DroneBL as part of an investigation into the DDoS attacks against DroneBL's infrastructure.  A few of the malicious things the worm is designed to do include; harvest account information (usernames & passwords) through deep packet inspection, attempt to brute-force accounts, and can scan for exploitable phpMyAdmin and MySQL servers.

Using TCL on Cisco devices: TCL is a powerful programming language that can be used to many tasks.  You enter the TCL environment by entering the tclsh command.  You exit by entering tclquit.  Here is a command you can use to create file on a router.  For text files, this could be much easier than getting a tftp for tfp server available to use.  First enter tclsh to get into TCL.  Enter this command but do not press Enter after the line.  Substitute the file name and location for flash:test

puts [open "flash:test" w+] {

[more]Enter or paste in your text in right after the {.  When finished, enter } and press Enter.  Then enter tclquit to exit out of the TCL environment.  If the text you are entering contains an unmatched right curly brace }, this will not work since this will terminate the input.  Also, TCL variables being with a dollar sign $, so you cannot use those either.  If you are pasting in a configuration, then usually passwords are the only lines that will give problems.

Many TCL scripts have been written, including a simple editor.  I am not sure what versions of IOS include TCL – the feature navigator does not match what I have seen.  A nice introduction to TCL on Cisco is http://www.netcraftsmen.net/welcher/papers/iostcl01.html, which has links to some Cisco pages.  Learn more about TCL at http://tcl.tk.

By default, ISA only allows outbound SSL over port 443.  To add additional ports you have to run a script.  This script is documented at http://support.microsoft.com/kb/283284.  The ISA firewall service must be restarted for this change.  There are several example scripts available online, but be careful because some of these scripts may restart the firewall service for you.

Do you know where your data is? Recently I had a user who was looking to deliver a message that had been caught in her Postini Spam Quarantine 8 days prior, but when she logged in and viewed her Spam Quarantine, the message wasn’t there. She must have deleted it from her quarantine on accident. Performing my due diligence, I wanted to confirm that the message was in fact there at one time. I found her Spam Quarantine Email Summary that did indeed show the email in question in her quarantine. Out of curiosity I clicked the “Deliver” link (in the quarantine summary email ) that was next to the sought after email. Lo’ and behold, up pops the desired email in her Inbox!

A follow-up support call to Postini confirmed that Postini keeps all quarantined email in their system for two weeks, even if you delete an email from the quarantine then also “permanently delete” the email from the trash section. This retention period can be changed from 14 to 28 days, but a support call is required to make this change and once changed it cannot be reverted back to 14 days.

This is a very painless way to install Ubuntu without partitioning your HD, installing a different bootloader, and without the use of Virtual Machines.  You can get the downloader at http://wubi-installer.org.

Wubi will download and install the newest release of Ubuntu for you.  All you do is give it a password and it pretty much does the rest.  When you reboot you will see the choice to boot into Ubuntu or Windows.  It makes a file on the hard drive (like a virtual machine) instead of using a partition, and can be removed at anytime from Add/Remove Programs in Windows.

All in all, this is a pretty slick way to try it out.

Note: If you are installing Wubi on Windows 7, install the program with compatibility mode set to ‘Vista’ or else it will not modify the Windows boot loader correctly.

I was installing a 64bit VM in ESX Server 3.0.2.  When attempting to load the ISO file to install the OS, I got a cryptic ‘Host CPU’ error in VI client.  Searching a number of forum posts, I decided to check the BIOS setting on that DL380-G5 for the CPU Virtualization Technology.  Sure enough, it was disabled and enabling let me get past the ‘host CPU’ error and load the OS.  I noticed in the posts that many people were saying older Proliants had this setting enabled, while newer models had the setting disabled.  This setting should be enabled for systems acting as VM hosts (ESX, ESXi, Hyper-V, etc), so be sure to check that setting, regardless of how new the server is, before installing your VM guests.

Also, a quick note that these CPU BIOS settings (VT, No-Execute memory protection, etc) should be consistent across any systems being used for V-Motion.

I've recently been trying out the PuTTY Connection Manager and I think it's a very useful tool. What I find most useful is the ability to store the connection information for all of the routers/switches that you connect to regularly similar to VissionApp or RoyalTS does for terminal servers. It is currently a work in progress but the beta version is pretty stable. You can download it for free here: http://puttycm.free.fr/