At this years VMware Explore 2024 in Barcelona, I did a presentation called CMTY1321BCN: Beware Of The Rogue VMs!, a recording of the session is also available on the VMware Explore 2024 Community YouTube channel. Here is a quick text based recap of it.
This last week I attended VMware Explore 2024 in Barcelona. While at was at the conference, I had a small ESP32 board with an external antenna in my backpack, connected to a powerbank. The sole purpose of this little device, was to provide some fun random WiFI SSID’s, and to see if anyone actually connected to it.
For a while now I’ve been looking at travel routers, in order to have something small and portable I can bring with me wherever I go. After some research, I ended up purchasing a GL-iNet Opal (GL-SFT1200) Travel Router. The device seems to tick all the boxes for my requirements, including WireGuard VPN and DNS encryption
Back in 2018 I outlined My Pi-Hole Setup and while the setup is still mostly the same some things have naturally evolved from there. That being said, Pi-Hole has been rock solid for all these years, and is still my main go-to for blocking ads and trackers from my home network devices. Since that post from 2018, I have done a few changes.
Since baselines are deprecated in vSphere version 8 and baselines are restricted to only VMware-provided content after ESXi 7.0.3 Update P I helped one of my customers to move over to image based updating via vLCM. This has not gone by without any issues as mentioned in my previous post.
This time I was updating a 7.0.3 installation of ESXi to Update Q and got stuck on a driver issue that I had not seen before: “Downgrades of manually added component Mellanox Native OFED ConnectX-3 Drivers (3.19.70.1) in the desired ESXi version are not supported”.The content catalog for VMware Explore 2024 Barcelona is now live! Scheduling will open on the 24th of September 2024, but you can start favouriting sessions now for easy access.
I was updating one of my customer’s environment to vCenter 8.0 Update 3a today and was moving from the old vSphere Update Manager Baselines over to image based updating via vSphere Lifecycle Manager (vLCM), but the compliance check stopped at 30% for some reason.
Microsoft has caused some noise today with CVE-2024-37085, which explains a well known feature in vSphere. A feature that has been available since vSphere 5.1 came out in September 2012 (no, that is not a typo, it is in fact 12 years old!). The feature in question is that if an ESXi host is joined to an Active Directory domain, it will by default look for an AD security group called ESX Admins and grants every member of that security group root access to the host.
VMware by Broadcom recently published a blog post called Where did my VMware Security Advisories go? outlining the location changes for the VMware Security Advisories (VMSAs), making clear that from May 6th 2024, they are moved to the Broadcom Support Portal.
While this was anticipated as part of the content transition following the acquisition, it was not anticipated that the VMSAs would be moved into a walled garden that required a login. While it was free to create an account, and get access to the advisories, this was a move that caused some uproar and controversy.Thankfully VMware by Broadcom has reconsidered the login requirement, and the advisories are again easiliy accessible for everyoneIn a new blog post by Broadcom CEO Hock Tan VMware by Broadcom promises that they will continue to provide security updates for VMware vSphere and other products for all customers who are running the old perpetual licenses, even if those customers don’t transition to the new subscription based license model.
About
vNinja.net is the digital home of Christian Mohn and Stine Elise Larsen.
The primary focus is on IT architecture and data center technologies like virtualization and related topics, but other content also pops up from time to time.Sponsors
