Just released at SysAdmin Magazine (both in print and on the web) is my latest column. This being part one of a two parter on virtualization. Here is the link. Also in this same issue of SysAdmin is an article by my colleague, Chris Page, about the cluster technology that is part of Oracle’s RAC product. Well worth a read.
Solaris
Solaris 10 + zero-day attack
SANS has reported a verifiable zero-day exploit for Solaris 10 and beyond (Nevada et al). There is a vulnerability in telnetd that can allow attackers to login without a proper account and password.
Note that in recent releases of Solaris Nevada which are “Secure by default”, telnetd is disabled during installation. Earlier releases have telnet enabled and it should be disabled in almost all circumstances. The command to disable is
# svcadm disable telnet
Here is the Information Week article describing the problem and linking to SANS.
Nexenta within Parallels on Mac OS X 10.4.8
This is rather esoteric, but I’ve seen posts asking for a solution to this problem so thought I’d document my experience here.
Problem – Trying to install Nexenta (Elatte) Alpha 6 within Parallels on the Mac. Nexenta is an open source distribution of Solaris that has the Solaris Nevada kernel and the Debian userland. It installs cleanly in Parallels beta RC1, but X fails to start cleanly. It appears that the xorg.conf is missing and the default Xorg is not sufficient.
Solution – I ran Xorg -configure to generate a new /root/xorg.conf.new
Then I followed some advice from the parallels forums as to changes to make and saved the file as /etc/X11/xorg.conf
I changed the Monitor section to be:
Section "Monitor"
Identifier "Monitor0"
VendorName "Monitor Vendor"
ModelName "Monitor Model"
HorizSync 31.5-100
VertRefresh 59.0-75.0
Modeline "1440x900" 108.84 1440 1472 1800 1912 900 918 927 946
EndSection
And the Screen section:
Section "Screen"
Identifier "Screen0"
Device "Card0"
Monitor "Monitor0"
SubSection "Display"
Viewport 0 0
Depth 1
Modes "1440x900"
EndSubSection
SubSection "Display"
Viewport 0 0
Depth 4
Modes "1440x900"
EndSubSection
SubSection "Display"
Viewport 0 0
Depth 8
Modes "1440x900"
EndSubSection
SubSection "Display"
Viewport 0 0
Depth 15
Modes "1440x900"
EndSubSection
SubSection "Display"
Viewport 0 0
Depth 16
Modes "1440x900"
EndSubSection
SubSection "Display"
Viewport 0 0
Depth 24
Modes "1440x900"
EndSubSection
EndSection
Finally I changed parallels via the “configuration” section to allow a custom resolution of 1440×900.
Net result is Nexenta is up and being graphical on my MacBook Pro. Very nice.
My Course Handout for the Solaris 10 Administration Workshop Course
Pardon the large .pdf file, here are the course materials that I hand out to the students of my Solaris 10 Administration Workshop course. This year I’m teaching this course for both USENIX and the SANS 2007 conference. This particular handout is from the Dec 2006 USENIX LISA conference. Feedback welcome.
My Course Handout for the Solaris 10 Security Workshop Course
Also, here are the course materials that I hand out to the students of my Solaris 10 Security Workshop course. I’m teaching this course for both USENIX and the SANS 2007 conference. This particular handout is from the Dec 2006 USENIX LISA conference. Feedback welcome.
NEOSUG Kickoff Meeting
Sun Microsystems has evolved from a company based on a closed-source proprietary operating system to one based on an open source operating system with a burgeoning community. These operating systems are one-in-the-same – Solaris. OpenSolaris is the non-commercial, open source distribution of Solaris. (Of course Sun still has its commercial Solaris for those wanting support.)
In the olden-days (in the 1990s), there used to be the Sun User Group (SUG). At one point I was even on the board of directors of SUG. But for various reasons, especially Sun’s lack of interest in having a user group, SUG fell apart.
Fast forward to the current century and Sun is encouraging user groups to form around the OpenSolaris banner. I’m a big fan of Solaris (in all flavors) and my company sells and supports Sun systems, so we’re doing our part and starting up the North East (U.S.) OpenSolaris User Group. Fortunately those initials give the new group the cool moniker NEOSUG.
The inaugural meeting of NEOSUG is Jan 31st, 2007 at Sun’s campus in Burlington Mass. All are welcome. This meeting will feature talks by Simon Phipps, Dave Miner, and myself. The purpose of this meeting is to give an overview of OpenSolaris, and then to have a discussion about what the attends want from NEOSUG (and what they can contribute). Everything is open for debate – how often to meet, where, what to cover, leadership, who to invite to talk, and so on.
So if you’re interested in OpenSolaris and if you are in the area, please make it a point to join us. There will be pizza and beverages (provided by Sun for this first meeting), and I have it on good authority that trinkets will be distributed.
Laura Ramsey is coordinating the meeting. Here blog and NEOSUG meeting details are here. You can register here.
For more information have a look at the NEOSUG web page. Hope to see you there!