A lot of talk about heartbleed lately with OpenSSL. Plenty of blogs talk about it, but I wanted to see what can actually be scraped.
This morning I talked a friend of mine I grew up and went to University of Kentucky with that graduated from DePaul with a masters in network security, Austin Diener (@diener) I figured he would be the best place to start for this fact finding mission. He led me to this script located on github OpenSSL heartbeat PoC with STARTTLS support.
It's a pretty simple script, point it at your ESXi server with port 443 and watch the magic happen.
NOTE: this server is on my LOCAL LAN in a test environment. I don't care if you try to reverse engineer this garbage. (proceed to the bottom for more information)
It's been really long overdue. How overdue you ask? Well, kendrickcoleman.com was originally built on Joomla 1.5. Joomla 1.6 was released in January of 2011 and the effort to upgrade would have been just as tough as this move to Joomla 3.2. Joomla 1.5 went completely EOL in April of 2013 so no new patches or security releases were going to come out.
So why make the jump? Joomla 3 has really good responsive templates based on Twitter Bootstrap so it works well on any device. In addition, Joomla 1.5 had some major security flaws but I was lucky enough to never get attacked. It was also a good time to give the website a fresh new look that conforms to some modern design.
The toughest piece of this migration is that there is no "in-place" upgrade. I have tried to upgrade my site a few times over the past year but it came with sub-par results. All the free tools just never seemed to work good enough. So I finally opened up my wallet and paid for the MigrateMe plug-in. It wasn't cheap, but in the end it was worth every penny. It kept literally everything in tact. Articles, sections, banners, components, stats, etc all migrated over. There were a few anticipated hiccups but it went fairly well.
2 weeks ago, Brian Gracely (@bgracely) shared some information with me talking about the changing landscape of DevOps and it hit spot on. Brian showed a picture of a book titled The New Kingmakers, How Developers Conquered The World. I had never heard of it before so I wanted to explore, and to not spoil it completely, it did not disappoint. The book is pretty short at 57 total pages and has a whopping cost of only $3 on Amazon. There's no reason why anyone can't read this book because I was able to finish it on a 3 hour flight (and I'm a slow reader).
So what's new in version 1.3? Not a whole lot of functionality, but a heck of a lot of eye candy.
Changed the homepage to include a few kudos from my friends @JohnnieITatDell, @herseyc, and @vNelsonTX. I appreciate the kind words fellas! I hope you don't mind me plastering your face on my website for my own personal gain :). Do you want your face on the homepage? Tweet me something nice to @KendrickColeman.
We need to create some Amazon AWS IAM credentials. I think everyone in the world has an Amazon.com login. But you need to go a step further if you have never used Amazon AWS for EC2 or S3. Basically enter some credit card information so you can get rolling.
After you joined AWS you should have a dashboard that looks like this showing all the available services to you.
Doesn't cost anything to join (except maybe a few spam emails from Yahoo!) but this is all in good fun. You can also go ahead and fill out a bracket for the billion dollar challenge as well from Yahoo!.
The winner will get something. I'm not sure what it will be yet. But I know I've got a few books and some trainsignal DVDs sitting around that could use a good home.
So c'mon, join in the fun and fill out a bracket! Picks MUST BE LOCKED BY THURSDAY SO DO IT QUICK! I don't care if you are at work. I know you're boss is filling out brackets anyway.
How To Install vCloud Automation Center (vCAC) 6.0 - Part 7 - Setup vCO, Endpoints, and Advanced Services
We are now going to configure the vCO and Advanced Blueprinting service. This is really where we can extend the capabilities of vCAC to do almost anything. vCenter Orchestrator will be the main focus here.
At this point you should have finished the previous 6 steps:
My wife recently signed our family up for Netflix, and ever since then I've been perusing the catalog late at night trying to find something interesting that isn't a pre-2000 era movie. There's a few different "Best of 'TED Talks'" so I decided to give it a whirl. The first one I watched was called "Life Hacks". I was immediately dialed in from the different ways people view everyday situations. Heck, one of my favorite ones was Terry Moore: How to tie your shoes and I realized I had been tying my shoes the wrong way my entire life. But there was another one that hit home for me.
Sheena Iyengar (@Sheena_Iyengar) is a Professor at the Columbia Business School, a graduate of Stanford University, and has an extensive list of published works and research studies. A few years ago, she gave a famous TED Talk called How to make choosing easier. It has received 1,000,000+ views on TED.com and YouTube. She discusses research findings from case studies done by choices that CEOs and individuals such as you and I make on a daily basis. As well as the choices that are made when we are given a set amount of options. I would encourage you to watch the entire 16min segment (atleast the first 7 minutes), but I'll summarize in the next paragraph.
In the realm of virtualization, the majority of us have been implementing VMware. VMware has consumed around 90% of my attention over the past few years. This is why we are intrigued to read Duncan and Frank's books on in-depth HA and DRS technical algorithms. In 2013, a lot of attention has shifted away from a primary VMware focus and more Hyper-V and KVM discussions are happening. Hyper-V for cost reductions and feature parity, but KVM for native OpenStack integration. OpenStack has garnered much attention in 2012 & 2013 and will most certainly evolve more in 2014. The one thing we can see here is that the hypervisor market isn't big. At this point, we have a choice of 3 (i know there are more) "production-ready" hypervisors and we must choose how to manage them. Choosing a strategy is a very big decision for many. Have you considered how your hypervisor strategy will take part in your networking strategy over the next few years? As you can guess, the days of caring about in-depth HA & DRS inner-workings, vSphere architecture diagrams, and more has fallen to about <30% of my attention span.
The days of the command-line IOS junkie are doomed, but the world of software-defined networking is in infancy. Many of the people I follow on twitter have a narrowed view of this landscape. Particularly, VMware's acquisition of Nicera (NSX) is what made everyone start caring about SDN in the first place. Not going to lie, I was a green-horn myself and still am. I don't want to be the bearer of bad news, but NSX isn't the only player in this game. In fact, there are lots! We primarily hear about the big ones coming from the tech giants such as Cisco, HP, and Juniper, but it's also worth noting that there are plenty of others out there with competing (and sometimes even better) technology. SDN is the new wild west frontier and only a few will come out victorious with a large grasp on the landscape.
Over the past 2 weeks I've been working on implementing a new feature that was requested by Christian Mohn (@h0bbel) on the the vSoup Podcast. This new feature will hopefully allow you to create more JumpSquares faster.
Version 1.2 (1.9.14)
Added Nmap Scan XML functions. Upload Nmap XML file to create JumpSquares quickly.
Changed a bunch of deprecated Rails 3 warnings to be Rails 4 compliant.
Uploaded new wiki appliance with all new functionality and Debian Wheezy patches
Fixed bootstrap modal appearing on right side of screen
Nmap is a free tool used to perform port scanning on a network. To get started, download Nmap for Windows, Mac, or Linux and install it on your system.