The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,854 other subscribers

Archive for the ‘Power User’ Category

« Previous Entries
Next Entries »

Stop FortiClient from auto-starting (as it uses a truckload of Windows resources, often including 2 gigabyte of memory for their logger)

Posted by jpluimers on 2021/04/16

I see lot’s of negative reactions on FortiClient, as it is very closed source, many intermittent issues, and is a product that tries to be a jack of all trades (over a couple of versions, in addition of being a proprietary VPN client, they started doing vulnerability scanning, interfering with anti-virus products, they blocked saving of passwords and allowing password managers to paste them, and I could go on).

Sometimes you have to use it in order to access a FortiGate based VPN server, so the best is to defer starting it until as late as possible.

Here are some links to get that configured correctly:

–jeroen

Posted in FortiGate/FortiClient, Network-and-equipment, Power User, VPN | Leave a Comment »

google chrome – How can I selectively disable paste blockers – Super User

Posted by jpluimers on 2021/04/16

For my link archive: [WayBack] google chrome – How can I selectively disable paste blockers – Super User.

Preliminary testing shows that Chrome Extension [Archive.is] “Don’t Fuck with Paste” works with eendagskentekenbewijsaanvragen.rdw.nl

–jeroen

Posted in Chrome, Chrome, Firefox, Google, Power User, Web Browsers | Leave a Comment »

Dockerfile with Bite Size Networking tools from b0rk

Posted by jpluimers on 2021/04/16

[WayBack] Ryan James Spencer on Twitter:

“I wrote a quick Dockerfile so people who purchase Bite Size Networking from  @b0rk can quickly have access to the tools. You can slim the image down to do debugging on docker networks once you get comfortable with which tools are most useful to you.”

He is planning to do more, so maybe a few of [WayBack] wizard zines get encapsulated into dockerfiles as well.

–jeroen

PS: [WayBack] Dockerfile | Docker Documentation


# N.B. The only tool missing here that is mentioned in the document is `zenmap`
# purely because this image is intended to be run via a CLI and `zenmap` is a GUI
# to `nmap` i.e. one can play around with the tools by running:
#
# $ docker build –name bite_size_networking:latest .
# $ docker run –rm -d –name bsn_test bite_size_networking:latest
# $ docker exec -it bsn_test bash
#
# Alternatively, one can change the `ENTRYPOINT` to `["bash"]` and run:
#
# $ docker run -it –name bsn_test bite_size_networking:latest
#
# then later (after exiting the shell):
#
# $ docker start bsn_test
# $ docker attach bsn_test
#
# One can also run this image on a docker network to capture packets and so
# forth for debugging purposes. Once you've found the tooling that best suits
# your needs, it may make sense to make a slimmed down version of this
# Dockerfile and, if wireguard isn't needed, base this image off
# `debian:stable` instead.
#
# Lastly, you can purchase Bite Size Networking or Julia's other fantastic
# zines over at https://wizardzines.com/
# We use `unstable` here since we install `wireguard` below
FROM debian:unstable
RUN apt update && \
DEBIAN_FRONTEND=noninteractive apt install -y \
dnsutils \
curl \
nmap \
tcpdump \
ngrep \
mitmproxy \
iptables \
ethtool \
stunnel \
hping3 \
lsof \
ipcalc \
p0f \
iperf \
apache2-utils \
wget \
python3 \
iftop \
nethogs \
iptraf \
httpie \
nload \
aria2 \
nftables \
tcpflow \
telnet \
openvpn \
links \
wireguard \
tshark
ENTRYPOINT ["sh", "-c", "while true; do sleep $(( 60 * 60 * 24 )); done"]

view raw

Dockerfile.bite_sized_networking

hosted with ❤ by GitHub

Posted in *nix, *nix-tools, Cloud, Containers, Docker, Infrastructure, Power User | Leave a Comment »

Some VMware ESXi 7 download filenames and checksums

Posted by jpluimers on 2021/04/15

The free ESXi 7 download page only get these downloads:

VMware vSphere Hypervisor – Binaries

VMware vSphere Hypervisor (ESXi ISO) image

2020-06-23 | 7.0b | 351.9 MB | iso

Boot your server with this image in order to install or upgrade to ESXi (ESXi requires 64-bit capable servers). This ESXi image includes VMware Tools.

MD5SUM(¹): 6b74910d911cabcd346028071eb83682
SHA1SUM(¹): 9eeff60e4257d763f49d9b39e1dbaee4fe22acbd
SHA256SUM(¹): 7bebfc1bc0794b0964b9ee731860785794fb678d49a1f06d5e62524b805f2b72

VMware vSphere Hypervisor (ESXi) Offline Bundle

2020-06-23 | 7.0b | 346 MB | zip

Contains VIB packages and image profiles for ESXi including VMware Tools. Use the image profiles and the VIB packages with VMware Image Builder and VMware Auto Deploy to create custom image/ISO generation for ESXi deployments.

MD5SUM(¹): d40887d357dd7042d75d1460d70396ca
SHA1SUM(¹): 620bc355af3d23436eedc1ef49a62225a18f862f
SHA256SUM(¹): d26ce8c036cc2a6c1a49a15c2ecfd471f17df80b4b88e9ed4093671be6b0dec5

There have been many more ESXi versions, that some of the time you want for regression, and some of the time because they are better.

Some of the times (like right now) you do also do NOT want a version, like the current ESXi 7.0 update 2 which got retracted on March 13th, but is still available on the free vSphere 7 evaluation.

I started to notice yesterday that a few folks in the community were running into the following error after upgrading their ESXi hosts to latest 7.0 Update 2 release: Failed to load crypto64.efi Fa…

UPDATE (03/13/2021) – It looks like VMware has just pulled the ESXi online/offline depot and has updated KB 83063  to NOT recommend customers upgrade to ESXi 7.0 Update 2. A new patch is actively being developed and customers should hold off upgrading until that is made available.

UPDATE (03/10/2021) – VMware has just published KB 83063 which includes official guidance relating to the issue mentioned in this blog post.

Warning! – Mar 13 2021 Update – Don’t upgrade to 7.0 Update 2 yet.
If you try to upgrade now anyway, you may experience one of these two errors:

1) Using vLCM (Lifecycle Manager)

to update your ESXi host, you see this error:

  Loading /boot.cfg
  Failed to load crypto64.efi
  Fatal error: 15 (Not found)

2) Using ESXCLI

to update your ESXi host, you see this error:

  [root@xd-1541-5028d:~] esxcli software profile update -p ESXi-7.0.2-17630552-standard -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
  [NoMatchError]
  No image profile found with name 'ESXi-7.0.2-17630552-standard'
        id = ESXi-7.0.2-17630552-standard
  Please refer to the log file for more details.
  [root@xd-1541-5028d:~]

you’ll want to see this excerpt from VMware KB 83063 published on Mar 12 2021

The vSphere 7 evaluation page is always the one where to get the latest version: [Wayback/Archive.is] How do I download the latest ESXi 7.x .iso? VMWare’s site only lists 7.0.0 : vmware.

Do not get ESXi 7.0 update 2 yet [Wayback] my.vmware.com/en/group/vmware/evalcenter?p=vsphere-eval-7:

The hypervisor should be directly installed on any supported physical server targeted for hosting virtual machines.

VMware vSphere Hypervisor (ESXi ISO) image

2021-03-09 | 7.0U2 | 390.53 MB | iso

Boot your server with this image in order to install or upgrade to ESXi (ESXi requires 64-bit capable servers). This ESXi image includes VMware Tools.

MD5SUM(¹): a085686c3fc8a438a40382118448a846
SHA1SUM(¹): 1ceed7c40b1cd6f97f12eacc027037e202fcb6e9
SHA256SUM(¹): ff20603e4a3e75ab20c7752ca4e3e28d55d28730d6947c849a4cc5beacf9878d

There are many sites outside of VMware where you can get these versions, which you can validate by verifying their checksums.

Luckily, VMware has pages with checksums of the Offline Bundle files, so I have listed them below.

  • [Wayback] VMware ESXi 7.0 Update 2 Release Notes
    Download Filename: VMware-ESXi-7.0U2-17630552-depot.zip
    Build: 17630552
    Download Size: 390.9 MB
    md5sum: 4eae7823678cc7c57785e4539fe89d81
    sha1checksum: 7c6b70a0190bd78bcf118f856cf9c60b4ad7d4b5
    Host Reboot Required: Yes
    Virtual Machine Migration or Shutdown Required: Yes
  • [Wayback] VMware ESXi 7.0 Update 1d Release Notes
    Download Filename: VMware-ESXi-7.0U1d-17551050-depot.zip
    Build: 17551050
    Download Size: 363.0 MB
    md5sum: 2ff3ce7fb83ac1659a9142ad4510bdfe
    sha1checksum: a84b2bcdae56a95609844f3f8dcc46d28e736b39
    Host Reboot Required: Yes
    Virtual Machine Migration or Shutdown Required: Yes
  • [Wayback] VMware ESXi 7.0 Update 1c Release Notes
    Download Filename: VMware-ESXi-7.0U1c-17325551-depot.zip
    Build: 17325551
    Download Size: 523.2 MB
    md5sum: d1410e6c741ada23c3570e07b94bd8c7
    sha1checksum: a70defe8353b39f74339b158697ed1a12df6c55d
    Host Reboot Required: Yes
    Virtual Machine Migration or Shutdown Required: Yes
  • [Wayback] VMware ESXi 7.0 Update 1b Release Notes
    Download Filename: VMware-ESXi-7.0U1b-17168206-depot.zip
    Build: 17168206
    Download Size: 360.6 MB
    md5sum: f6651dba2cf3e28f639b45068760f286
    sha1checksum: 1fa79325cefa5730f1fa6f6e8a958b499051d81a
    Host Reboot Required: Yes
    Virtual Machine Migration or Shutdown Required: Yes
  • [Wayback] VMware ESXi 7.0 Update 1a Release Notes
    Download Filename: VMware-ESXi-7.0U1a-17119627-depot.zip
    Build: 17119627
    Download Size: 360.6 MB
    md5sum: 37209643e5d483f70d82c39d3a0e02c8
    sha1checksum: 19efc144e0bccef65e3e27f815502bfb73a05782
    Host Reboot Required: Yes
    Virtual Machine Migration or Shutdown Required: Yes
  • [Wayback] VMware ESXi 7.0 Update 1 Release Notes
    Download Filename: VMware-ESXi-7.0U1-16850804-depot.zip
    Build: 16850804
    Download Size: 360.6 MB
    md5sum: 3c12872658250d3bd12ed91de0d83109
    sha1checksum: 7cc4e669e3dddd0834487ebc7f90031ae265746c
    Host Reboot Required: Yes
    Virtual Machine Migration or Shutdown Required: Yes
  • [Wayback] VMware ESXi 7.0, Patch Release ESXi 7.0b
    Download Filename: VMware-ESXi-7.0b-16324942-depot.zip
    Build: 16324942
    Download Size: 508.5 MB
    md5sum: 18a8c2243a0bd15286c331092ab028fc
    sha1checksum: d0a02bbf0716364fb3e799501357944c88e17401
    Host Reboot Required: Yes
    Virtual Machine Migration or Shutdown Required: Yes

–jeroen

Posted in ESXi7, Power User, Virtualization, VMware, VMware ESXi | Leave a Comment »

When registering for ESXi 7: “Content Not Available Dear user, the web content you have requested is not available.”

Posted by jpluimers on 2021/04/15

VMware ESXi 7 registration fails on Chrome

VMware ESXi 7 registration fails on Chrome

The “free-esxi#” pages are the only place where you can register for and view your ESXi licenses, as they are not part of my.vmware.com/group/vmware/my-licenses (that would make it easy, but that’s not how VMware is a corporate).

It really is the only place, and the documentation is buried deep in the KB pages: [Archive.is] Downloading and licensing vSphere Hypervisor (ESXi 6.x & 7.x) (2107518).

If you get “content not avaiable” while registering for ESXi 7 [Wayback] maintenance.vmware.com/info4.html?source=dwnp&p=free-esxi7 by clicking on the “Register” button on [Wayback] my.vmware.com/en/web/vmware/evalcenter?p=free-esxi7

The dreaded register button.

The dreaded register button.

 

Content Not Available

Dear user, the web content you have requested is not available.

… then remember that VMware has been as corporate as banks for years, which means that their web-sites only work properly in a limited set of browsers. Chrome is not one of them any more, but Firefox seems to for for me.

I am not alone bumping into this, many have and the site has been working/failing for years, for instance back in 2019: [Wayback] Is there still a free version of ESXI that is not … – VMware Technology Network VMTN

–jeroen

Posted in ESXi7, Power User, Virtualization, VMware, VMware ESXi | Leave a Comment »

The Architecture of Open Source Applications: Sendmail

Posted by jpluimers on 2021/04/12

Cool historic article: [WayBack] The Architecture of Open Source Applications: Sendmail by Eric Allman.

It is Chapter 17 of this book [WayBack]:

The Architecture of
Open Source Applications
Amy Brown and Greg Wilson (eds.)
ISBN 978-1-257-63801-7

I totally missed that book being published in 2014.

Great historic read!

–jeroen

Posted in *nix, *nix-tools, History, Power User, sendmail | Leave a Comment »

Google Drive is not telling it secretly moves files to the trash

Posted by jpluimers on 2021/04/12

A while ago, Google Drive told me it was out of storage.

I tried re-syncing, and then it suddenly told me a “Drive storage is full” message indicating “You have 3GB in your trash at drive.google.com. Empty your trash or upgrade your storage”.

You can view your trash at drive.google.com/drive/trash

Emptying is more tricky than you’d think:

  1. Click on the “Trash word” (not the trash icon!)
  2. Click om “Empty trash”
  3. Conform the action

     

  4. wait a few seconds, as often the trash will fill itself up again
  5. if it refilled: repeat from step 2.
  6. refresh your browser screen, as often then the trash will refill
  7. if it refilled: repeat from step 2.

The trash contained thousands of temporary PDF files: 3.2 GB, even more than Google Drive indicated.

These are not something I want to keep in the trash. Too bad Google Drive never warned me they were kept there.

On a different account that had way more file changes this saved more than 27 GB.

Maybe time to setup [WayBack] Google Drive Sensor | PRTG Network Monitor User Manual

Might be really interesting, as since 2015, [WayBack] PRTG 100 is Now Available For Free.

–jeroen

Posted in Google, GoogleDrive, Power User | Leave a Comment »

How to remember password in FortiClient VPN? – Stack Overflow

Posted by jpluimers on 2021/04/12

In [WayBack] How to remember password in FortiClient VPN? – Stack Overflow, the consensus seems to be “it varies, and usually is unreliable”.

Time to write a tool that snifs the Windows GUI and auto-enters the credentials.

That would be much like the Linux expect solution: [WayBack] Continuous run Forticlient VPN using expect. Automatically restart VPN if get disconnected or session closed. · GitHub

Via: [WayBack] Forticlient 5.6 – Save Credentials | Fortinet Technical Discussion Forums

–jeroen

Posted in FortiGate/FortiClient, Network-and-equipment, Power User, VPN | Leave a Comment »

UV warning image stickers

Posted by jpluimers on 2021/04/09

Via uv warning sticker – Google Search:

 

–jeroen

Read the rest of this entry »

Posted in LifeHacker, Power User | Leave a Comment »

Need to do some reading on local domains on the internal network

Posted by jpluimers on 2021/04/09

A long time I wondered why I saw ESXi systems on my local network have two entries in their /etc/hosts file:

[root@ESXi-X10SRH-CF:~] cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1   localhost.localdomain localhost
::1     localhost.localdomain localhost
192.168.71.91   ESXi-X10SRH-CF ESXi-X10SRH-CF

Then I bumped into someone who had a different setup:

[root@ESXi-X10SRH-CF:~] cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1   localhost.localdomain localhost
::1     localhost.localdomain localhost
192.168.0.23    esxi.dynamic.ziggo.nl esxi

So now I knew that the first entry can have a domain resolving it (it still makes be wonder why ziggo is using a top-level domain to resolve local stuff; but searching for  dynamic.ziggo.nl did not get me further on that).

So I installed a quick ESXi machine on that local network, and got the same.

When back home the machine still thought it was esxi.dynamic.ziggo.nl, though clearly I was outside a Ziggo network

I wanted to get rid of it, but that was hard.

Since I forgot to take screenshots beforehand, I can only provide the ones without a search domain bellow.

Reminder to self: visit someone within the Ziggo network, then retry.

Normally you can edit things like these in the default TCP/IP stack. There are two places to change this:

Neither of these allowed me to change it to a situation like this, but luckily the console did.

In the below files, I had to remove the bold parts, then restart the management network (I did keep a text dump, lucky me):

[root@esxi:/etc] grep -inr ziggo .
./vmware/esx.conf:116:/adv/Misc/HostName = "esxi.dynamic.ziggo.nl"
./resolv.conf:2:search dynamic.ziggo.nl 
./hosts:5:192.168.71.194    esxi.dynamic.ziggo.nl esxi
[root@esxi:/etc] cat /etc/resolv.conf 
nameserver 192.168.71.3
search dynamic.ziggo.nl 
[root@esxi:/etc] cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1   localhost.localdomain localhost
::1     localhost.localdomain localhost
192.168.71.194  esxi.dynamic.ziggo.nl esxi

Future steps

  1. Read more on local domains, search domains and related topics
  2. Configure a local domain on my local network, so DHCP hands it out, and DHCP handed out host names are put in the local DNS
  3. Test if all services on all machines still work properly

Reading list

Read the rest of this entry »

Posted in DNS, ESXi6.5, ESXi6.7, Hardware, Internet, Mainboards, Network-and-equipment, Power User, SuperMicro, Virtualization, VMware, VMware ESXi, X10SRH-CF, X9SRi-3F | Leave a Comment »

« Previous Entries
Next Entries »