The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,977 other subscribers

Archive for the ‘Power User’ Category

Large (hundreds) CVE-2021-21974 ESXi VMware based ESXiArgs (Nevada?) ransomware attacks

Posted by jpluimers on 2023/02/04

Shodan.io results for query html:"We hacked your company successfully" title:"How to Restore Your Files"[Wayback/Archive] Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide

Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware.
Tracked as CVE-2021-21974, the security flaw is caused by a heap overflow issue in the OpenSLP service that can be exploited by unauthenticated threat actors in low-complexity attacks.
“As current investigations, these attack campaigns appear to be exploiting the vulnerability CVE-2021-21974, for which a patch has been available since 23 February 2021,” CERT-FR said.
“The systems currently targeted would be ESXi hypervisors in version 6.x and prior to 6.7.”
To block incoming attacks, admins have to disable the vulnerable Service Location Protocol (SLP) service on ESXi hypervisors that haven’t yet been updated.
CERT-FR strongly recommends applying the patch as soon as possible but adds that systems left unpatched should also be scanned to look for signs of compromise.
CVE-2021-21974 affects the following systems:
  • ESXi versions 7.x prior to ESXi70U1c-17325551
  • ESXi versions 6.7.x prior to ESXi670-202102401-SG
  • ESXi versions 6.5.x prior to ESXi650-202102101-SG

[Wayback/Archive] Esxi Ransomware Help and Support Topic (ESXiArgs / .args extension) – Page 2 – Ransomware Help & Tech Support (there are now 4 pages, most victims OVH, likely many more pages to follow)

[Wayback/Archive] How to Disable/Enable the SLP Service on VMware ESXi (76372)

[Wayback/Archive] html:”We hacked your company successfully” title:”How to Restore Your Files” – Shodan Search which resulted in the above image (I tweeted it at [Wayback/Archive] Jeroen Wiert Pluimers @wiert@mastodon.social on Twitter: “@vmiss33”)

Commands used in [Wayback/Archive] Jeroen Wiert Pluimers @wiert@mastodon.social on Twitter: “@vmiss33 I did forget to disable SLP on a patched system, but doing that is easy as per kb.vmware.com/s/article/76372:

/etc/init.d/slpd status
/etc/init.d/slpd stop
esxcli system slp stats get
esxcli network firewall ruleset set -r CIMSLP -e 0
chkconfig slpd off
chkconfig --list | grep slpd

More links to follow, but I’m away from keyboard for most of the day.

–jeroen

Read the rest of this entry »

Posted in ESXi6, ESXi6.5, ESXi6.7, Power User, Ransomware, Security, Virtualization, VMware, VMware ESXi | Leave a Comment »

Lii-500 Charger, and review

Posted by jpluimers on 2023/02/03

Via [Wayback/Archive] Jilles🏳️‍🌈 on Twitter: “Recycling old laptop batteries ” / Twitter, I ended up at this great in depth review [Wayback/Archive] Review of Charger LiitoKala Engineer Lii-500, including graphs of behaviour with various battery types and counts.

The site has many other reviews. Not just about [Wayback/Archive] Batteries and chargers (and a great overview at [Wayback/Archive] Round cell charger index). The main page is named [Wayback/Archive] Flashlight information, but shows links to lists of articles about batteries, chargers, multimeters, flashlights, projects and more.

So this is my list of things to try: [Wayback/Archive] Lii-500 Charger:

Read the rest of this entry »

Posted in Batteries, Li-Ion, LifeHacker, Power User | Leave a Comment »

If you can read German and ever need to explain number or set theory to your kids, use this thread by isotopp…

Posted by jpluimers on 2023/02/02

Long thread at [Archive.is] Kristian Köhntopp on Twitter: “Tage im Lockdown. Heute, Diskussion mit der Frau (die das gerade dem Kind erklärt) über Brüche vs irrationale Zahlen (also keine Brüche). Wir enden bei Zahlentheorie, …”

I expanded it using [Wayback] Thread by @isotopp on Thread Reader App – Thread Reader App:

Tage im Lockdown. Heute, Diskussion mit der Frau (die das gerade dem Kind erklärt) über Brüche vs irrationale Zahlen (also keine Brüche).

Wir enden bei Zahlentheorie, … 

… und Mengenlehre. Wir machen gerade Bruchrechnung, also ℚ, und ich hatte versucht zu erklären, daß ℚ[0,1[, ℚ und ℤ nur Cosplay von ℕ sind.

Richtig ätzend ist nur ℝ, oder genauer ℝ\ℚ, also 𝕀. 

Das Ergebnis war eine Tour von Zahlentheorie (“Hier ist die leere Menge, wir machen uns ℕ = {}, {{}}, {{}, {{}}}, … durch Generierung unterscheidbarer Elemente und Bestimmung der Mächtigkeit, dann erfinden wir die Addition, dann bekommen wir … 

… kostenlos Assziativität, Kommutativität, dann erfinden wir Kettenadditionen und Multiplikation und bekommen Distributivität.

Dann erfinden wir Umkehroperationen und weil wir Algebren wollen, muß ℕ zu ℤ werden. Ist das schlimm? Nein, wir können ℕ auf ℤ abbilden. 

Ist das schlimm? Nein, es ist eine Bijektion, also sind es dieselbe Menge, ℤ ist ein Cosplay von ℕ.

Dasselbe kriegen wir mit der Umkehrung der Multiplikation, der Division, und den Brüchen, und ℚ und de.wikipedia.org/wiki/Cantors_e…

ℚ ist also auch ein Cosplay von ℕ. 

So weit war alles einfach erklärbar, auch wenn das bei mir schon 30 Jahre her ist. Aber dann kommen wir darauf, daß ℚ[0,1[ und ℚ gleich mächtig sind, und das wird zunächst mal intuitiv abgelehnt. 

Offen sind noch 𐡀-Null mächtiger als 𐡀-Eins, und daß es mehr irrationale als rationale Zahlen gibt, und de.wikipedia.org/wiki/Hilberts_….

Und ich kann diese Beweise nicht mehr aus dem Stand…

Jetzt habe ich die Aufgabe, das als verständliche Erklärung vorzubereiten. 

Eigentlich ist das alles total schön, weil die ganze Mathematik aus der leeren Menge, und dem Willen eine Algebra zu haben (also weiter rechnen zu können) zu folgern ist.

Aber manchmal ist Geekhaushalt auch anstrengend…

–jeroen

Posted in Development, LifeHacker, Mathematics, Power User, science, Software Development | Leave a Comment »

Does it still hold: “Never keep anything important on AWS in US-EAST-1”?

Posted by jpluimers on 2023/01/31

Reminder to self to check if this still holds: [Archive] Varun Krishnan on Twitter: “Never keep anything important on AWS in US-EAST-1” / Twitter

Slightly more than a year ago, the Amawon Web Services region US-EAST-1 collapsed with world-wide downtime consequences for many AWS services. It took some 8 hours to recover most of the services.

Before that, it was plagued with outages, maybe because it was their first ever region:

The outage was covered many times. I have included this El Reg link, as I like their tone of voice: [Wayback/Archive] AWS technical woes in US East region cause widespread outage • The Register.

Basically, any cloud stack is founded on these three layers:

  • Storage (S3 or Simple Storage Service in AWS speak)
  • Compute (EC2 or Elastic Compute Cloud in AWS speak)
  • Authentication and Authorisation (IAM or Identity and Access Management in AWS speak)

On top of that, any other services are implemented. And for Amazon Web Services, many of these have become available over the last two decades.

Indeed Anders Borum was right in his tweet: US-EAST-1 is the first ever AWS EC2 region and started in 2006, more than 15 years ago. It is also the region with the largest capacity. Likely both play a role in US-EAST-1 being part or initiating factor in many of the major AWS outages. If you look in all AWS outages, US-EAST-1 plays a role in most if not all outages since 2017,

So for now, if hosting at AWS, I would host outside of US-EAST-1.

Depending on the kind of application and money involved, I would consider hosting in multiple regions, and if a truckload of money was involved: hosting on multiple clouds.

I fully agree with [Archive] Gergely Orosz on Twitter: “If you were impacted by the recent AWS outage, the decision to invest in multi-cloud / multi-datacenter is simple: How much did this outage cost you vs the cost of adding a (lot) more complexity & maintenance with multi-cloud/DC? If outage cost >> this, only then do it.” / Twitter

Some more insight on multi-cloud hosting is via [Archive] Redmond on Twitter: “New feature from @jdanton: A full post-mortem from AWS is still to come, but in the meantime, IT pros should start bolstering their cloud disaster recovery strategies now — before the next outage. https://t.co/ios5Re5ZCs” / Twitter at [Wayback/Archive] AWS Outage Fallout: What Lessons You Should Learn — Redmondmag.com

Is It Time to Go Multicloud?

No. Well…if you are running a major property with a big customer-facing presence, it can be a good strategy to have static Web and app content hosted in a second cloud. In the case of an outage like yesterday’s, you’d have the option to direct traffic to the static presence, which can supply some level of experience for your users.

A good example of how this approach can be useful is an outage dashboard. Whenever a cloud provider has an outage, they are notoriously bad at properly reporting ongoing status. This is because they have hosted their dashboards in their own clouds using their own APIs — and when these APIs go down, they take the monitoring with them. Using DNS, you can quickly redirect traffic to this static site, where your engineers can update the page with status updates.

Related

–jeroen

Read the rest of this entry »

Posted in AWS Amazon Web Services, Cloud, Cloud Development, Deployment, Development, DevOps, Infrastructure, Power User, Software Development | Leave a Comment »

40th Lisa anniversary last week: download Apple Lisa OS Software version 3.1 source code files

Posted by jpluimers on 2023/01/30

I missed this because there is no RSS feed for [Wayback/Archive] Art of Code – CHM* (there is an email [Wayback/Archive] Art of Code Subscription, but [Wayback/Archive] Email is so last century • The Register).

Anyway: the Apple Lisa turned 40 last week and to celebrate that, the Lisa OS Software got released to the public through the Computer History Museum. That is: after you accept the [Wayback/Archive] Download Apple Lisa source code files: APPLE ACADEMIC LICENSE AGREEMENT Lisa OS Software version 3.1, or just download [Wayback] d1yx3ys82bpsa0.cloudfront.net/source/lisa-source.zip.

Read the rest of this entry »

Posted in 68k, Apple, Apple Lisa, History, Power User | Leave a Comment »

 
%d bloggers like this: