Inspired by Scott Lowe’s Technology Short Takes, Duncan Eppings Recommended Reads and Michael White’s Newsletter here is my attempt at a weekly roundup of things I found interesting the last week or so.
As mentioned before, I’ve kinda turned my home lab into some sort of Slack-Ops deal, where various services in my home lab notify me of events in a private Slack channel. The latest rendition of that, is adding Slack notifications from phpipam. Once phpipam detects a new device picking up an IP in my network, it notifies me like this: In order to get this working, I had to edit the /var/www/phpipam/functions/scripts/discoveryCheck.
Robert Graham of erratasec has created a small honeypot tool called telnetlogger.
This is a simple program to log login attempts on Telnet (port 23). It's designed to track the Mirai botnet. Right now (Oct 23, 2016) infected Mirai machines from around the world are trying to connect to Telnet on every IP address about once per minute. This program logs both which IP addresses are doing the attempts, and which passwords they are using.
For those still unaware of what the Mirai botnet is, it’s basically malware that scans for vulnerable devices with port 23 (telnet) open to the outside world, and tries to log on with known hardcoded credentials.
VMworld Europe 2016 in Barcelona is a couple of weeks old now, and most of the dust has settled. Besides the general announcements around vSphere 6.5 and surrounding products, the next big thing might just be Cross-Cloud Architecture and of course VMware Cloud on AWS. The announcements around vSAN 6.5 (yes, it is now vSAN and not Virtual SAN/VSAN anymore), are also very interesting. Perhaps it’s time I revisit my earlier VMware VSAN; More than meets the eye post and update it for vSAN 6.5?
After yesterdays announcement of VMware Cloud™ on AWS everyone and their distant relatives have published their opinion pieces on the relevance of the deal, and what who got the short end of the stick in this deal. I guess this is my attempt, or me too post if you will.
Since I set up a public jumphost for my homelab/network, I’ve been looking for an easy way to manage my SSH tunnels. After trying a couple of different managers, I’ve chosen to use Secure Pipes.
Did you know that Dell has a bootable linux ISO with firmware upgrades for their servers available? Neither did I, but luckily I found it today when needing it at a customer site.
I’m using Slack to alert and log a few things in my environment, and one of the things I use it for is to alert me if someone logs on via SSH to my public facing Jumphost.
For a good walkthrough on how to set up such a host, check out Tunnel all your remote connections through ssh with a linux jumpbox by Luca Dell’Oca.
Just like Lior Kamrat I’ve set up my own private Slack for messaging and alerting from various services running both in my lab and some external facing services. It’s only been running a few days, but so far it works brilliantly and helps me keep track.
VMworld Europe is just a couple of weeks away now, and I can’t wait to spend a week in sunny Barcelona. Last year my trip got cancelled in the last minute, but that will not be the case this year.
As usual I’m looking forward to a bunch of sessions, and general announcements, but for me the value of attending VMworld is in the networking with other people. Sessions and keynotes can be reviewed later, interacting with others can not.
About the author
Christian Mohn works as a Chief Technologist SDDC for Proact in Norway.
See his About page for more details, or find him on Twitter.
Sponsors
