Create a VM Template for Rocky Linux 9

Midjourney rendering of Linux VM Templates

It’s fairly easy, but not entirely straightforward, to create a good Linux VM template on VMware vSphere. You’ve come to the right place, though! Let’s walk through all the steps needed to create a reliable, small, and secure VM template on VMware vSphere and VMware Cloud Foundation using Rocky Linux 9. Create a New VM First, we need a fresh VM. Make new VM the latest virtual hardware version you can. See “Upgrade VM Hardware Versions” for more discussion on this. Choose the right operating system. In this case, Rocky Linux is in the list. Alternately, you could choose Red Hat Enterprise Linux 9 for EL-family Linux distributions. I create …

Read More

Upgrade VM Hardware Versions

There are varying opinions within the greater VMware community about upgrading VM hardware versions. Newer virtual machine hardware versions introduce new features, new guest OS support, better compatibility and performance with CPU vulnerability mitigations, better support for modern CPU features, better security defaults, and so on. Upgrading virtual machine hardware changes the virtual hardware presented to the guest operating system, just as if you placed a boot device from a physical server into a newer physical server. These changes can vary in risk, may require more than one reboot, and may require human interaction to complete. This forms the basis for many of the opinions that recommend leaving VM hardware …

Read More

What is Access Control?

Midjourney depiction of access control

Access control is a fundamental concept in cybersecurity that revolves around managing and restricting access to sensitive resources within an organization’s network. It is a critical component of any comprehensive security strategy, as it helps prevent unauthorized access, protect confidential data, and ensure that only authorized individuals can perform specific actions or access particular systems. At its core, access control is based on the principle of least privilege, which states that users should be granted the minimum level of access required to perform their job functions effectively. This approach minimizes the potential damage that can be caused by accidental or malicious misuse of privileges. Types of Access Control Models There …

Read More

What is a Keylogger or Keystroke Logger?

Midjourney representation of the question "What is a Keylogger?"

A keylogger, also known as a keystroke logger, is a type of software or hardware device that records every keystroke made on a computer keyboard. It captures all the text typed by the user, including sensitive information such as passwords, credit card numbers, and private conversations. Software Keyloggers Software-based keyloggers are the most common type. They are installed on the target computer, often through malware or phishing attacks. Once active, they run in the background, secretly logging keystrokes and sending the collected data to the attacker. Some advanced keyloggers can even capture screenshots and record clipboard content. Hardware Keyloggers Hardware keyloggers are physical devices that are attached between the keyboard …

Read More

What is Virtualization?

Midjourney rendition of the question "What is virtualization?"

At its core, virtualization is a technology that allows you to create multiple virtual environments on a single physical machine. These virtual environments, called virtual machines (VMs), act as independent computers with their own operating systems, applications, and resources, even though they share the same underlying hardware. Imagine you have a powerful server with ample CPU, memory, and storage capacity. Instead of dedicating the entire server to a single operating system and application, you can use virtualization software, known as a hypervisor, to create multiple VMs on that server. Each VM runs its own operating system and applications, isolated from other VMs on the same physical machine. Types of Virtualization …

Read More

What is an Inode?

An image generated by Midjourney depicting people with hats looking at a skyline, connected with wires, with blobs in them that could be inodes

An inode, short for “index node,” is a data structure used by Linux filesystems to store metadata about a file or directory. Each file and directory in a Linux or UNIX filesystem is associated with a unique inode number. The inode contains essential information about the file or directory, such as: It’s important to note that the inode itself does not contain the file’s name or the actual data. Instead, it serves as a reference point for accessing the file’s metadata and locating its data on the disk. Inode Structure and Limits Each filesystem has a fixed number of inodes, which is determined when the filesystem is created. The number …

Read More

Delete Files With Special Characters

Midjourney-generated image of a man standing in water looking at a city skyline with stars above

I use SecureCRT for my terminal application, partly because it supports native zmodem transfers, and that makes moving files back and forth between my desktop super easy (if you have lrzsz installed you can just “sz filename.txt” to send something over). Occasionally, though, the transfer aborts and the shell vomits things to files with special characters in their names, like: $ ls -rw-r–r–. 1 plankers plankers 0 May 9 14:00 ”$’\326”y’$’\342”[‘$’\305”X’ -rw-r–r–. 1 plankers plankers 0 May 9 14:00 ”$’\370\343”4’$’\361′ How do you deal with files with special characters? There are a number of tricks that work: The inode number method is super easy to use if you have shell …

Read More

Bandwidth-Delay Product

System administrators who wish to get maximum network performance across long, fast network connections may want to tune the TCP networking parameters on their systems. To know how to tune those parameters we need to compute something called the Bandwidth-Delay Product, or BDP. Much to the chagrin of network engineers, us simple sysadmins can often think about simple (non-LACP) server network connections like water pipes (or sewer pipes if we are feisty). Larger-diameter pipes can move more liquid at once, similar to a network connection that has higher bandwidth. Longer pipes require more time to reach the other end, which correlates to latency. And while you might not think about …

Read More

Easy Dell PowerEdge Firmware Updates

With all the CPU and other hardware vulnerabilities present in modern servers it’s very important to keep your Dell firmware updated. Various operating systems, like VMware ESXi, Linux, and Microsoft Windows ship CPU microcode with their OSes, but that only updates the CPUs. There are still other vulnerabilities that exist, like in the Intel Management Engines, memory controllers, UEFI firmware, and so on that if left unpatched present an opportunity for attackers. I dislike complexity. A lot. Adding more tools to an environment in order to do a job, like managing Dell firmware updates on servers, also adds complexity. Thankfully, on Dell PowerEdge servers there are a couple of approaches …

Read More

First Post

Image generated by Midjourney of an abstract sunset and starry sky (style of Georges Seurat, starry sky --ar 7:4 --style raw --stylize 1000)

Hi. I’m Bob Plankers, and this is my new blog, Plank You Very Much. Take that however you want. My wife and daughter rolled their eyes but my son thought it was funny. I started blogging in 2005, over on The Lone Sysadmin. I was angry, and stunk at writing, and all this newfangled virtualization stuff was going on. Nowadays the kids call it “learning in the open” but back then it didn’t have a label. It was just “blogging.” It’s really hard to believe it’s almost 20 years later. Time flies when you’re having fun. Or having something. Kids, mostly, nowadays. I was burned out on blogging, and writing …

Read More