Strict Standards: Declaration of Walker_Page::start_lvl() should be compatible with Walker::start_lvl(&$output) in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/classes.php on line 576

Strict Standards: Declaration of Walker_Page::end_lvl() should be compatible with Walker::end_lvl(&$output) in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/classes.php on line 576

Strict Standards: Declaration of Walker_Page::start_el() should be compatible with Walker::start_el(&$output) in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/classes.php on line 576

Strict Standards: Declaration of Walker_Page::end_el() should be compatible with Walker::end_el(&$output) in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/classes.php on line 576

Strict Standards: Declaration of Walker_PageDropdown::start_el() should be compatible with Walker::start_el(&$output) in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/classes.php on line 593

Strict Standards: Declaration of Walker_Category::start_lvl() should be compatible with Walker::start_lvl(&$output) in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/classes.php on line 687

Strict Standards: Declaration of Walker_Category::end_lvl() should be compatible with Walker::end_lvl(&$output) in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/classes.php on line 687

Strict Standards: Declaration of Walker_Category::start_el() should be compatible with Walker::start_el(&$output) in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/classes.php on line 687

Strict Standards: Declaration of Walker_Category::end_el() should be compatible with Walker::end_el(&$output) in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/classes.php on line 687

Strict Standards: Declaration of Walker_CategoryDropdown::start_el() should be compatible with Walker::start_el(&$output) in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/classes.php on line 710

Strict Standards: Redefining already defined constructor for class wpdb in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/wp-db.php on line 58

Deprecated: Assigning the return value of new by reference is deprecated in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/cache.php on line 99

Strict Standards: Redefining already defined constructor for class WP_Object_Cache in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/cache.php on line 404

Deprecated: Assigning the return value of new by reference is deprecated in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/query.php on line 21

Deprecated: Assigning the return value of new by reference is deprecated in /homepages/15/d244775686/htdocs/TDBASHome/BlogHome/BFBlog/wp-includes/theme.php on line 576
Microsoft
Aug 10

Black Hat and DefCon, the premier Information Assurance venue for bleeding edge vulnerability and exploit research just wrapped up in Las Vegas.

The Good: The published presentations including a host of discussion about security in a virtualized environment, the sad state of Microsoft SQL Server security, and much, much more. Topping it all off was the announcement of the Windows Vista security bypass exploit via the browser by Mark Dowd and Alexander Sotirov. This is a particularly bruising find on Microsoft’s latest flagship, as it is quite a resource consumer, fairly annoying to use, but at least it was secure… Maybe now is a good time to try Ubuntu?

The Bad: The Pwnie Awards.  Unless you are in the ‘Most Innovative Research’ category, this is BlackHat’s Hall of Shame for security shortcomings.   A lesson learned from other’s mistakes is hopefully a lesson you don’t have to experience first-hand!

And the Ugly: A group of reporters from E-Week were covering Black Hat 2008 for their Security News.  They were too lazy to use their secured VPN to log into their home servers, so they just let their credentials pass in the clear… At a hacker convention… The shameful part is they threw the three responsible attendees out when they tried to submit these credentials to The Wall of Sheep.

Brian Fedorko

Jul 29

If you haven’t explored server virtualization, there is no better time! VMWare has announced that ESXi is now free! (CHEAP!)

Q. ESXi only supports a single VM, what is the advantage of this?

A. Portability & Flexibility. Since the VM isn’t tied to the hardware, it is ultimately transportable. Have a test server and production server? You can copy the REAL production VM to the test server. If you’re developing, you can copy the VM, archive it for Configuration Management purposes and promote the test environment to production with little risk for surprises due to differences in configuration!

You can get more out of less hardware. For development, your test hardware can be an Oracle 11g database server running RHEL on Monday, a JBoss App Server on SUSE on Tuesday, and an Oracle RAC instance on Oracle Enterprise Linux for emergency scalability on Wednesday, and an impromptu Backup Domain Controller on Windows Server 2008 on Thursday. The same server is the hardware you need when you need it!

Best of all, the VMs you create on ESXi are completely compatible with any of the VM Servers VMWare offers – Port it right into a ESX Server BladeServer or the like, when you are ready.

Q. What about Oracle Licensing on VMs?

A. Oracle does not officially support their products on any VM Server except Oracle VM – Their licensed version of Xen. However, I’ve been running Oracle on ESX on a wide variety of hardware implementations and have yet to experience one problem. Licensing a Virtualized Oracle Server can be expensive on a consolidated VM Server, as you must pay for every socket, whether you are using it for the Oracle Server VM or not – But on an ESXi hypervisor, with single VM setup, the cost is the same as if you put it on the physical server!

Q. What about Microsoft’s Hyper-V – That is free too!

A. Microsoft’s Hyper-V isn’t as ‘free’ or ‘Hyper’ as they would like you to believe. ESXi is free – It sits on the Hardware, requiring no foundational OS. MS Hyper-V requires you to purchase and install Server 2008 to run Hyper-V ($1000-$6000 depending on the flavor). Plus, you get all the overhead of having Microsoft Server 2008 as disk Sspace, memory, and processor overhead!

Then there is the matter of Hyper-V’s supported OS list It supports Windows, Windows, Windows, and SUSE.

Hyper-V space requirement: 10Gb MINIMUM. ESXi: 32Mb

Hyper-V max processors per host: 4. ESXi Max processors per host: 8

Etc…

In short, If you haven’t tried virtualizing your servers, now is a great time (It is always a great time to save your client/company/self equipment funds!). Now, you have nothing to lose!

Brian Fedorko