Adobe Reader and Acrobat security update

The last year or so, Adobe Reader has had a whole lot of leaks. Trend Micro published a blog yesterday about the fact that Adobe released an out-of-band update to plug yet another security hole.

If you want to use Adobe Reader, update. But I have a better suggestion: ditch Adobe Reader all together, and install FoxIT Reader instead.

For business use, FoxIT is a great piece of software. Clean, faster, more secure, and just as easy to use. And unlike Adobe, FoxIT offers a ready-to-use MSI file for Active Directory deployment.

© GeekLabInfo Adobe Reader and Acrobat security update is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

VMWare Data Recovery default password

If you surf to http://[vdr-host]:5480 you will be asked for a password.
user: root
password: vmw@re

Not very secure. Better make sure the VDR is firewalled.

© GeekLabInfo VMWare Data Recovery default password is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

1 Star2 Stars3 Stars4 Stars5 Stars (6 votes, average: 4.33 out of 5)
Loading...

Magento and safe mode

The e-commerce application magento, for some reason, expects to have a lot of permissions on every server. One thing I stumbled upon when trying to install magento, was the creation of /tmp/magento/var.

Since /tmp could be shared between all users, this may not be the safest way. That's why my servers don't allow access to /tmp, but have a personal /tmp-style directory instead.

I got the error:
[Thu Feb 04 21:24:21 2010] [error] [client 1.2.3.4] PHP Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/tmp/magento/var) is not within the allowed path(s): (/blah/blah/website.com:/usr/share/pear:/var/www/error) in /blah/blah/website.com/app/code/core/Mage/Core/Model/Config/Options.php on line 214

The fix is very, very easy. But since I couldn't find anyone else posting the exact fix, I thought I'd do it.

in app/code/core/Mage/Core/Model/Config/Options.php on line 137, you find:
public function getSysTmpDir()
{
return sys_get_temp_dir();
}

Change it to:
public function getSysTmpDir()
{
return $_SERVER['DOCUMENT_ROOT'].'/your_secret_tmp_dir/';
}

© GeekLabInfo Magento and safe mode is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 3.00 out of 5)
Loading...

PXE Boot with old-style dhcp and tftp

In this article I'm covering the use of old-style dhcp and tftp, which is useful for company networks that have/need a complete dhcp server running. Personally, for smaller setups, I now prefer dnsmasq to do the job.

Booting from PXE

With most modern onboard and PCI network interface cards (NICs), it's possible to boot from the network. This system is called PXE.

Why would I want to boot from the network?

  • For installation of a computer without using CDs/DVD's
  • For thin clients
  • For booting diagnostic software
  • What is needed for PXE Boot?

  • a network card that supports PXE
  • a bios that supports plugin boot cards
  • a DHCP server
  • a TFTP server
  • some (open source) software you want to run
  • How to set up PXE boot?

    As I'm running (a variant of) RedHat Linux, I only cover how to set up PXE boot using Linux components. But there are Windows solutions as well. (Google it!)

    Step 1: set up DHCP

    When the NIC boots, it needs to get IP settings. Setup dhcp as usual. Now add these lines to the configuration:
    next-server 192.168.1.254;
    filename "/pxelinux.0";

    In the place of 192.168.1.254, you need to enter your own tftp server address.

    On my RH system, I installed the dhcp server using yum install dhcp, then configured /etc/dhcpd.conf as follows:

    ddns-update-style ad-hoc;
    authoritative;
    log-facility local0;
    default-lease-time 86400;
    max-lease-time 86400;
    subnet 192.168.1.0 netmask 255.255.255.0{
    range 192.168.1.100 192.168.1.200; #limited range
    option subnet-mask 255.255.255.0;
    option broadcast-address 192.168.1.255;
    option routers 192.168.1.254;
    option domain-name-servers 192.168.1.254;
    option domain-name "lan";
    next-server 192.168.1.254;
    filename "/pxelinux.0";
    }

    Step 2: set up TFTP

    Download and install a tftp server. Most Linuxes ship their own, which you can install using yum (RedHat), yast (SuSE), apt-get (debian/ubuntu) or similar.

    On my RedHat, I install a tftp server by running yum install tftp-server. Then I enable it using /sbin/chkconfig tftp on and reload xinetd: /sbin/service xinetd restart.

    Step 3: download and install syslinux

    On my RedHat system, I install syslinux by running yum install syslinux. I then copy the syslinux.0 file to /tftpboot: cp /usr/lib/syslinux/pxelinux.0 /tftpboot

    Optional: Firewall

    On a default RedHat installation, the firewall is enabled. You may need to open port 67-69 for dhcpd and tftp to function and port 53 for DNS.

    Links

    More details are described on
    http://syslinux.zytor.com/wiki/index.php/PXELINUX

    © GeekLabInfo PXE Boot with old-style dhcp and tftp is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

    1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
    Loading...

    Firefox 3.6 update broke VMWare WebAccess

    I already covered how to run VMWare Remote Console outside the browser. But the latest Firefox update broke more. It appears that Firefox is no longer connecting to SSL2 websites anymore.

    The problem accessing the console is that FF 3.6 now has SSL2 disabled by default. Open about:config and change security.enable_ssl2 from false to true.

    But that won't help with the console plugin, which although it installs, won't work from the "Console" tab. The workaround here is to generate a shortcut on your desktop and launch your session from there. -- mozilla.com

    © GeekLabInfo Firefox 3.6 update broke VMWare WebAccess is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

    1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
    Loading...

    Running VMWare Remote Console outside the browser

    Firefox 3.6 update broke my VMWare WebAccess.

    Since I updated to Firefox 3.6, I have not been able to run the vmware remote console plugin anymore. Running Linux, this is a pretty important program, as there is no vSphere client for Linux.

    How to run VMWare Console from the bash shell?

    cd /tmp
    IP=the.esx.srv.ip # < fill in esx server ip address here
    wget --no-check-certificate https://$IP/ui/plugin/vmware-vmrc-linux-x86.xpi
    mv vmware-vmrc-linux-x86.xpi vmware-vmrc-linux-x86.zip
    cd ~
    mkdir -p bin/vmwareconsole # make directory bin in your own homedir
    cd bin/vmwareconsole
    unzip /tmp/vmware-vmrc-linux-x86.zip
    cd ~/bin
    ln -s vmwareconsole/plugins/vmware-vmrc . # make a symlink for easy access
    vmware-vmrc # run the console

    © GeekLabInfo Running VMWare Remote Console outside the browser is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

    1 Star2 Stars3 Stars4 Stars5 Stars (11 votes, average: 5.00 out of 5)
    Loading...

    Enable web access to VMWare ESX 4

    The first time I tried to access the VMWare ESX 4 web client, I got this 503 Service unavailable error, which made me think I broke something. But on the second install, I got the exact same message.

    While this is not important for most Windows users, as a Linux user I need this entry as there is no vSphere client for Linux.

    In a default installation VMWare ESX 4.0 appears not to be running all required daemons to connect to the web client.

    So what to do?

  • Log on to the server over SSH (console access)
  • Type service vmware-webAccess status to check the current status of the webAccess daemon
  • Type service vmware-webAccess start to start the webAccess daemon
  • run /sbin/chkconfig –level 345 vmware-webAccess on to make webAccess start automatically on booting the ESX server
  • Make sure to firewall the ESX management to prevent abuse.
  • © GeekLabInfo Enable web access to VMWare ESX 4 is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

    1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 3.00 out of 5)
    Loading...