As mentioned before, I’ve kinda turned my home lab into some sort of Slack-Ops deal, where various services in my home lab notify me of events in a private Slack channel. The latest rendition of that is adding Slack notifications from phpipam. Once phpipam detects a new device picking up an IP in my network, it notifies me like this: In order to get this working, I had to edit the /var/www/phpipam/functions/scripts/discoveryCheck.
This is a simple program to log login attempts on Telnet (port 23). It's designed to track the Mirai botnet. Right now (Oct 23, 2016) infected Mirai machines from around the world are trying to connect to Telnet on every IP address about once per minute. This program logs both which IP addresses are doing the attempts, and which passwords they are using.
For those still unaware of what the Mirai botnet is, it’s basically malware that scans for vulnerable devices with port 23 (telnet) open to the outside world, and tries to log on with known hardcoded credentials.
VMworld Europe 2016 in Barcelona is a couple of weeks old now, and most of the dust has settled. Besides the general announcements around vSphere 6.5 and surrounding products, the next big thing might just be Cross-Cloud Architecture and of course VMware Cloud on AWS. The announcements around vSAN 6.5 (yes, it is now vSAN and not Virtual SAN/VSAN anymore), are also very interesting. Perhaps it’s time I revisit my earlier VMware VSAN; More than meets the eye post and update it for vSAN 6.5?
After yesterday’s announcement of VMware Cloud™ on AWS everyone and their distant relatives have published their opinion pieces on the relevance of the deal, and who got the short end of the stick in this deal. I guess this is my attempt, or me too post if you will.
I’m using Slack to alert and log a few things in my environment, and one of the things I use it for is to alert me if someone logs on via SSH to my public facing Jumphost.
For a good walkthrough on how to set up such a host, check out Tunnel all your remote connections through ssh with a linux jumpbox by Luca Dell’Oca.
Just like Lior Kamrat I’ve set up my own private Slack for messaging and alerting from various services running both in my lab and some external facing services. It’s only been running a few days, but so far it works brilliantly and helps me keep track.
VMworld Europe is just a couple of weeks away now, and I can’t wait to spend a week in sunny Barcelona. Last year my trip got cancelled at the last minute, but that will not be the case this year.
As usual I’m looking forward to a bunch of sessions, and general announcements, but for me the value of attending VMworld is in the networking with other people. Sessions and keynotes can be reviewed later, interacting with others cannot.