Category: security

Quick and Dirty VMware ESX Patching

On the ESX console, do the following:

  • Read the documentation for each patch.
  • Group patches that can be installed together into a directory, possibly an NFS mount available on all your ESX hosts.
  • Cd into the patch directory and untar the patches:

    for i in `ls *.tgz`; do
    tar -xvzf $i
    done

  • Install the patches:

    for i in `ls`; do
    if [ -d $i ]; then
    cd $i
    esxupdate --noreboot update
    cd ..
    fi
    done

  • Reboot.

My small contribution to the update-your-DNS-server panic

How to find the version of BIND that you’re running:

> dig @localhost version.bind txt chaos

; <<>> DiG 9.3.2 <<>> @localhost version.bind txt chaos
; (2 servers found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7775
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;version.bind. CH TXT

;; ANSWER SECTION:
version.bind. 0 CH TXT "9.3.5-P1"

;; AUTHORITY SECTION:
version.bind. 0 CH NS version.bind.

;; Query time: 57 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jul 14 11:45:14 2008
;; MSG SIZE rcvd: 65