In this day and age of computer hacks and security problems, why do companies make it awkward to change usernames and/or passwords? One example of an awkward password-change procedure is the VMware vCenter server. If, like any good security-minded person, you have all your passwords set to expire every 28 days or so, you have to do some "command line fu" to change the password on the vCenter server. Heaven forbid that you have to change the username as well. So how do you do it? Well, if you are running vCenter on a Windows 2008 server and connecting to an Oracle server (that actually holds all the data), there are a couple of things you need to do:
- Shut down the vCenter server (disable it in the Services Control panel).
- Change the password for your vCenter user in the Oracle DB.
- Now here is the BIG gotcha. On the Windows side you have to run a CMD prompt as an admin user. Just clicking on it in the Start menu won't do it. You have to right-click on it and choose "Run as Administrator". If you fail to do this, the next step will fail and just piss you off even more. (The reason for this is that the username and password are stored in the registry, and I guess running cmd as a normal user revokes all privs to modify the registry.)
- Now go to the location where VMware vCenter is installed and run the vpxd command with either -p or -P. If you use the lower-case -p, it will prompt you for the new database user password. If you use the -P option, you can put the new password on the command line right after the P.
- Now you should be able to start the vCenter processes back up.
Now if you need to change the userid, you need to use Regedit and go to:
HKEY_LOCAL_MACHINE\SOFTWARE\VMware, Inc.\VMware VirtualCenter\DB (under My Computer), or
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\VMware, Inc.\VMware VirtualCenter\DB for 64-bit versions of Windows,
and change #2 to be the new userid.
This is documented in the VMware KB article: Changing the vCenter database userid and password. But if you don't pay attention to the "Run as" part, you will spend a lot of time trying to figure it out, even if you are logged in as an administrator.
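The steps above can be scripted so the elevation check happens before anything is touched. This is an added example, not code from the original post or from VMware; the service name, the install directory placeholder and the reading of "#2" as a registry value named "2" are assumptions.

```powershell
param(
    [string]$ServiceName = 'vpxd',                      # assumed service name
    [string]$InstallDir  = 'C:\<vCenter install dir>',  # placeholder, not from the post
    [string]$NewDbUser   = ''                           # empty = keep the current userid
)
$ErrorActionPreference = 'Stop'   # any failure aborts before the service is restarted

# The gotcha from the post: being logged in as an administrator is not enough,
# the shell itself must have been started with "Run as Administrator".
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Not elevated: reopen this shell with "Run as Administrator".'
}

# Registry locations from the post: Wow6432Node on 64-bit Windows, else the plain path.
$dbKey = @(
    'HKLM:\SOFTWARE\Wow6432Node\VMware, Inc.\VMware VirtualCenter\DB',
    'HKLM:\SOFTWARE\VMware, Inc.\VMware VirtualCenter\DB'
) | Where-Object { Test-Path $_ } | Select-Object -First 1
if (-not $dbKey) { throw 'vCenter DB registry key not found.' }

# Assumes the password has already been changed on the Oracle side.
Stop-Service -Name $ServiceName -Force

if ($NewDbUser) {
    # Assumption: the post's "#2" is the registry value named "2" under this key.
    Set-ItemProperty -Path $dbKey -Name '2' -Value $NewDbUser
}

# Lower-case -p prompts for the password, so it does not end up on the
# command line the way it does with -P.
& (Join-Path $InstallDir 'vpxd.exe') -p
if ($LASTEXITCODE -ne 0) { throw "vpxd -p exited with code $LASTEXITCODE" }

Start-Service -Name $ServiceName
```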
If your password expires in Oracle while vCenter is up and running, it appears to continue to work while it is up. But if you reboot the vCenter server or restart the vCenter processes, it will "hang" and never start. They also need to make their error messages a little more detailed as to why it is 'failing' to start.
It seems that the new "thing" on the internet these days is port scanning for port 22 (aka SSH). I was going through my firewall logs on my home router and over the last week or so, it is broken down as follows:
|Country|Blocked SSH attempts|
|---|---|
|Korea, Republic of|738|
|Moldova, Republic of|6|
As a comparison, attempts that were blocked that weren't SSH only totaled 1430. So are these bots, or people looking for rogue iPhones, or just trying to find new vulnerabilities in SSH? The interesting thing is that it appears that each source IP tries 3 times. The second try is 3 seconds after the first and the third is 6 seconds after the second.
An interesting IP is 22.214.171.124, which has tried 303 times since the 14th. The IP is from Germany and also appears on several SSH dictionary attacks. So is it time to start running services on non-standard ports?
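Packets at 0, 3 and 9 seconds are consistent with a TCP stack retransmitting one unanswered SYN (3-second initial timeout, doubled on each retry), so three blocked packets can be a single connection attempt. The following added example, which is not part of the original post, counts packets and distinct attempts per source; the log format and the addresses are constructed for illustration.

```powershell
# Constructed sample lines in a made-up "time source dport" format; adapt the
# parsing to whatever your router actually logs.
$log = @'
2024-01-10T10:00:00 198.51.100.7 22
2024-01-10T10:00:03 198.51.100.7 22
2024-01-10T10:00:09 198.51.100.7 22
2024-01-10T10:05:00 203.0.113.9 22
2024-01-10T10:05:03 203.0.113.9 22
2024-01-10T10:05:09 203.0.113.9 22
2024-01-10T11:30:00 203.0.113.9 22
2024-01-10T10:07:00 192.0.2.44 80
'@ -split "`r?`n"

function Get-SshProbeSummary {
    param([string[]]$Lines, [int]$RetryWindowSeconds = 10)

    # Keep only the port 22 hits.
    $hits = foreach ($line in $Lines) {
        $time, $src, $port = $line.Trim() -split '\s+'
        if ($port -eq '22') {
            New-Object PSObject -Property @{ Time = [datetime]$time; Source = $src }
        }
    }

    foreach ($group in ($hits | Group-Object Source)) {
        $packets = 0; $attempts = 0; $previous = $null
        foreach ($hit in ($group.Group | Sort-Object Time)) {
            $packets++
            # A packet within the window of the previous one is treated as a
            # retransmission of the same attempt, not a new attempt.
            if ($null -eq $previous -or
                ($hit.Time - $previous).TotalSeconds -gt $RetryWindowSeconds) {
                $attempts++
            }
            $previous = $hit.Time
        }
        New-Object PSObject -Property @{
            Source = $group.Name; Packets = $packets; Attempts = $attempts
        }
    }
}

Get-SshProbeSummary -Lines $log |
    Sort-Object Packets -Descending |
    Format-Table Source, Packets, Attempts
```

On the sample data, 203.0.113.9 shows 4 packets but only 2 attempts, and 198.51.100.7 shows 3 packets and 1 attempt.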
Just released, another exploit to Internet Explorer 6 & 7, that allows "hackers" to install software on your machine... What do the major Antivirus people say:
How many mom and pops out there even know how to disable JavaScript, and only visit sites they trust? Let alone make sure their antivirus definitions are updated. I have seen some viruses trick Symantec's AV into thinking the definitions were up to date, and then I go to find hundreds of viruses on my parents' computer. This is just another reason why building the web browser into the OS is a bad thing and why it should be sandboxed off into its own little area.
It seems that Apple finally released a patch for the iPhone about the security issue I wrote about back on May 1st (More Security Stuff)
From Apple's Web Site:
Available for: iPhone OS 1.0 through 3.0.1, iPhone OS for iPod touch 1.1 through 3.0
Impact: User names and passwords in URLs may be disclosed to linked sites
Description: Safari includes the user name and password from the original URL in the referer header. This may lead to the disclosure of sensitive information. This update addresses the issue by not including user names and passwords in referer headers. Credit to James A. T. Rice of Jump Networks Ltd for reporting this issue.
Not sure when James reported it though. So I don't know if I found it before him or not. Anyways, here is my suggestion, if you use an iPhone and have EVER logged in to a web site with a username and password, you need to change that password immediately and then apply the patch from Apple to your iPhone. I know there are some people who view my site that use an iPhone and are clicking on links from other websites, therefore sending your username and password to me as well.