Reap the rewards of the open-source community courtesy of Douglas Toombs from Windows IT Pro Magazine
Find your free tools:
"LocatePC"
"OCS Inventory NG"
"PRTG"
"SIW"
"SyncBack"
"TrueCrypt"
"WinDirStat"
"Wink"
"BareTail"
"Ethereal"
"FileZilla"
"NeWT"
"Ngrep"
"OpenSSH"
"WinDump"
"WinPcap"
"Winfingerprint"
"CamStudio"
"CDBurnerXP"
"Comodo Firewall Pro"
"DriveImage XML"
"GParted LiveCD"
"JkDefrag"
"PageDefrag"
"TestDisk"
My only disappointment is that we are currently in the middle of moving our current Solutions Centre from one Office location to the other so it’ll be some while before I get a chance to test this.
It certainly looks quite impressive and it does have some lofty aims, but from a brief look through as well as their well deserved reputation based on Flex Profiles I’m sure this will stand up to it’s promises.
Test Scenario’s
With login VSI you can compare many different scenarios:
• VDI vs. SBC
• VMware, XenServer or Hyper-V running virtual desktops or Terminal/Citrix Servers
• Virtualized XP desktops versus virtualized Vista Desktops
• Performance impact of application streaming technologies
• Impact of (different) virus scanners
• Performance impact of tuning parameters
• Different VDI platforms
• Different Storage platforms
• Impact of changes or updates like service packs or security fixes
• Hardware differences
• x64 vs. 32 bits
• Etc…
I’d be very interested in hearing from anyone who does have the facility to test?
Login Consultants develop presentation virtualization benchmarking tool
Monday, May 12, 2008 | 0 Comments |
The consulting firm Login Consultants just opened the beta program of the first benchmarking tool for presentation virtualization: Login Virtual Session Index (VSI).
The product will measures the performance of a remote desktop session served by a Microsoft Terminal Services / Citrix XenApp server or a VDI virtual machine.
To run the tool it’s required to have a 4 tiers infrastructure: a domain controller for the authentication a file server for logging user sessions, a server to host the TS/XenApp/VDI service and a workstation to launch the user sessions.
The firm is also working to introduce support for application streaming.
Enroll for the beta here.
virtualization.info: Login Consultants develop presentation virtualization benchmarking tool
So here in Australia we might be one of the first countries to have the iPhone unlocked and provided by two Carriers? (Optus and Vodafone) BUT - only if you are prepared to wait until the end of the year? Please….. anyone I know who is seriously interested in the phone has already arranged one from elsewhere.
BTW, a colleague recently found out how delicate the glass screen is, OUCH!!
So I would have provided more of a quote for this story but it appears that MISaustralia.com has come up with a mechanism where when you highlight a section of text it then drops every second character …. 
Optus confirms iPhone plans
So along with Alessandro I’m curious as to why the name ThinApp has been chosen as it does have more than a passing resemblance to Citrix’s new XenApp?
I wonder if this is any indication of the coming marketing campaigns in the push for customers attention in the Desktop Virtualization market? 
VMware ThinApp is the final name for Thinstall technology
In January 2008 VMware, a hardware virtualization company, acquired an application virtualization startup called Thinstall.
The plan is to use the Thinstall technology to stream virtualized applications on the virtual desktops that VMware spawns through its connection broker: the Virtual Desktop Manager (VDM).So fare VMware has been pretty fast in rebranding the Thinstall Application Virtualization Suite: the beta program for the new version is open since end of February and the testers can already download the beta 2.
The final version of the product, temporarily called Project North Star, is expected for the H2 2008.The only information missing so far was the final name that VMware wants to use.
Now Micheal Keen, Director and Senior Solutions Architect in the Enterprise Architecture group at Alliance Technologies, reveals that the final name is ThinApp.Duncan Epping further validates the news reporting that a former Thinstall employee confirmed.
The choice is interesting considering that Citrix just renamed its Presentation Server product in XenApp.
virtualization.info: VMware ThinApp is the final name for Thinstall technology
So I apologise in advance that this news was out about a month ago, but thought it worth reposting because of the security implications - there are a lot of traps for the unwary and if you are in any doubt you might want to head over to http://www.scambusters.org/ to check if it’s real or not?
By Scott Dunn
A Flash-based advertisement that appeared last week on the USA Today site downloaded malicious code to users’ computers, generating erroneous warnings of a malware infestation and offering a phony solution.
The Flash vulnerability is so widespread that such "malvertisements" may be present on thousands of sites, but there are measures you can take to reduce your exposure.
Just opening the page puts you at risk
Visitors to USAToday.com last Thursday got more than they bargained for. A hacked Flash advertisement meant that merely viewing a page in your browser was capable of triggering a malware attack on your PC. According to an alert on the security site Websense, the ad can take control of the browser without any user interaction at all.
Two days after the ad appeared on the USA Today site, two prominent Utah-based news sites, DeseretNews.com and SLTrib.com, were found to have similarly dire banner ads. These ads directed users to various unexpected locations, including the site for AntiSpywareMaster. This destination has been called a "corrupt anti-spyware parasite" and a "fake program" by the RDV Group, a safe-computing organization.
News sites aren’t the only victims of what Sandi Hardmeier, who authors the blog Spyware Sucks, calls "malvertisements." The ads themselves may appear perfectly harmless, notes Hardmeier, who’s been recognized as an MVP (Most Valued Professional) by Microsoft. "The criminals behind such malvertisements . . . have no shame," she writes, "impersonating everything from WeightWatchers to Oxfam."
Advertisements are not the only source of the problem. The principal conveyors of this malicious code are Flash animations (or .swf files), which are commonly used to create intro screens, online video, and other Internet content in addition to Web ads.
Of particular concern are Flash files that are vulnerable to insertion of malicious code using a technique called cross-site scripting, or XSS.
This vulnerability was widely publicized earlier this year by Google researcher Rich Cannings and his co-authors in their book Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions. According to a report in the U.K.–based tech-news site The Register, a Web search revealed more than 500,000 vulnerable files on major Web sites.
A permanent fix is a long way off
Makers of Flash-building tools, including Adobe, Autodemo, TechSmith, and InfoSoft, quickly updated their development environments to patch the holes, according to a March story in The Register. But because many of the vulnerable files have to be regenerated from scratch, a titanic number of high-risk Flash files remain online.
Speaking at last month’s CanSecWest security conference in Vancouver, B.C., Cannings estimated that over 10,000 sites host the risky files, The Register reported.
But that estimate may be low. In his security blog, Jeremiah Grossman, founder and chief technology officer of WhiteHat Security, writes that "potentially hundreds of thousands" of Web sites could be at risk. "Reasonably workable fixes are going to be a long time coming," he adds.
Even diagnosing the problem can be a challenge, notes Spyware Sucks’s Hardmeier. She points out that advertising commonly appears on Web sites in one of two ways: either the Web site’s staff handles its own advertising and posts the ads directly, or the site is served ads from an advertising network, which typically manages the content.
Unfortunately, it isn’t always easy for sites or advertising networks to detect problem ads. "Malvertisements are coded to exclude particular IP addresses, cities, states, and even entire countries," Hardmeier explains. "It is standard operating procedure for a malvertisement to be coded so that it will not trigger a redirect if displayed on a computer within the IP range of the victim Web site or victim advertising network."
What you can do to protect yourself
Even though the long-term solution is for the providers of Flash-based content to create more-secure versions of their files, there are some measures users can take to protect themselves. These protections are not foolproof, but they at least reduce the risk of exposure to malware via compromised Flash files.
Some of these tips come from Andre Gironda, Secure SDLC Consultant and author of the ts/sci security blog, who posted his pointers in a comment to Grossman’s blog posting.
The no-Flash option
The most effective – albeit drastic – way to protect yourself from malware-bearing Flash files is to uninstall Flash entirely. Adobe provides a special tool for doing this; you can find instructions and a link for downloading this file in a Technote published on the Adobe site.
The part-time-Flash option
If going without Flash entirely is too extreme, you can limit the sites that use this and other risky plug-ins by installing free browser add-ons that let you manage active Web content more granularly:
For Internet Explorer, TurnFlash lets you toggle between blocking Flash files and allowing them to run. A tray icon lets you turn Flash on or off, but the setting takes effect only in any new IE windows that you launch, not in the existing browser window.
A similar utility called No! Flash also switches Flash on and off, but it also gives you the ability to turn off several other elements, such as Java applets and other scripts. As with TurnFlash, the changes take effect in the next IE window you open.
For Mozilla Firefox, a plug-in called Flashblock disables all Flash content on Web sites and replaces it with a round Flash logo. You can selectively enable Flash files by clicking their icons.
For more comprehensive security, the plug-in NoScript not only disables Flash but also turns off Java, Silverlight, and other active Web elements. A NoScript icon in the Firefox status bar provides a pop-up menu for adding a site you trust to the add-on’s "whitelist," which enables all scripts and animations on the site (but not necessarily those on the site’s pages that are served up by ad networks). You can also right-click a link in Firefox to set its NoScript options via the context menu.
The minimal option
At the very least, update the Flash Player software on your system to the latest version (9.0.124.0 or higher). In the last three months, Adobe has patched a number of security holes in this product. The update won’t protect you from all buggy Flash files on the Web, but it will make your browsing much safer.
You can download the latest Adobe Flash Player from the Adobe Web site.
After you install the update, run the free Secunia Software Inspector online malware scanner to find old versions of the Flash Player that may have been left behind on your system. Secunia’s on-screen report will show the path and filename of the old files you need to delete. You may have to run the inspector more than once to make sure all the old files are deleted. If you delete a needed file by mistake, simply run the newest Flash Player installer again to correct the problem.
One danger posed by Flash bugs is the ability of hackers to get your login credentials for a given site. Andre Gironda recommends creating multiple Firefox profiles, each with its own NoScript (or, if you prefer, Flashblock) settings. He uses his Flash-enabled profile to browse sites such as YouTube, but he exits that browser and launches his Flash- and script-blocked copy of Firefox when he conducts online banking and visits other sites that require logins.
To set up a Firefox profile, do the following:
Step 1. Choose Start, Run. Type cmd.exe and press Enter.
Step 2. At the command prompt, type:
"C:\Program Files\Mozilla Firefox\firefox.exe" -profilemanager
Then press Enter. (Note that the quotation marks are required and that your path may differ.)
Step 3. If you want Firefox to prompt you for a profile each time you launch it, uncheck the option Don’t ask at startup in the Firefox — Choose User Profile dialog box.
Step 4. Click Create Profile and follow the steps in the wizard to name your new profile. Repeat the steps to create a second profile. For example, you might name one profile Flash-Yes and another Flash-No. When you’re done, click Exit.
Step 5. Rather than being prompted for a profile each time you open Firefox, create separate shortcuts to launch each profile. For example, if you have a shortcut to Firefox in your QuickLaunch toolbar or on the desktop, drag the shortcut with the right mouse button pressed, drop it, and choose Create Shortcuts Here.
Step 6. Right-click one of your Firefox shortcuts and choose Properties. Click the Shortcut tab and edit the command line so it ends in with -p followed by a space and the name of one profile. For example, the entire command line might read:
"C:\Program Files\Mozilla Firefox\firefox.exe" -p Flash-Yes.
Repeat these steps for a second shortcut to launch your other Firefox profile.
Step 7. You may need to download and install one of the plug-ins described above for these profiles and configure each profile’s browser differently. However, any changes you make should be saved with that profile, so they will be in effect the next time you launch it.
A complete solution to high-risk Flash files may not come any time soon. Until the creators and managers of these files can ensure a high degree of safety, users have to be extra cautious to avoid the risks of Flash-borne malware.
For more on Flash security vulnerabilities, see Windows Secrets contributing editor Mark Edwards’s Apr. 10 PC Tune-Up column.
Some cool links and resources came across my desk this morning
Microsoft TechNet Deployment Tech Center
http://www.microsoft.com/desktopdeployment/
Microsoft Deployment Team Blog
http://blogs.technet.com/msdeployment/
MCS - "The Deployment Guys"
http://blogs.technet.com/deploymentguys/
Newsgroups:
microsoft.public.deployment.desktop
microsoft.public.sms.tools
Non-Microsoft resources:
MyITForum
http://www.myitforum.com/myITWiki/OSD.ashx
Johan Arwidmark’s team site and blog
Deployment Forum – Jerry Honeycutt’s site
http://www.deploymentforum.com/
Microsoft Deployment Toolkit Video Walkthroughs:
MDT Lite Touch walkthroughs
SCCM 2007 and Microsoft Deployment Toolkit - Video Walkthrough
BDD 2007 Lite Touch and SMS 2003 Zero Touch Video Walkthroughs
Windows XP Whitepaper – Preserving OEM Activation 1.0:
http://technet.microsoft.com/en-us/library/bb457078.aspx.
Windows Vista Whitepaper – Preserving OEM Activation 2.0: http://www.microsoft.com/downloads/details.aspx?FamilyID=8f9753d6-0714-4940-884a-33027683e328&DisplayLang=en
I am sure this is not really what VMware had in mind when they were touting VMware OnDemand? I’m guessing they had more of an idea that it would combine some of the benefits of ACE with ESX?
I have just got back from some training in Houston and while listening to a question from a colleague from the UK where he asked if "VDI was going to be able to use the full suite of Hypervisor functionality like vMotion…" and that got me thinking…
Some of the Conventional Wisdom around the place holds that VDI by itself will likely not be able to cover all of any one customers needs and most will more than likely need to look at quite possibly a number of different approaches to cover ALL employees and ALL Applications.
So with this in mind I’d be interested in your thoughts on the following idea?
Just a few thoughts around VDI??
Let’s say that we stock a couple of decent servers with loads of resources and allows us to run quite a few VDI instances? OK? So one of the possible issues with the classic VDI so far is that if a user places a bit too much pressure on the resources then it has the potential to impact on all other users, being as it is a shared resource? (This is still one of the classic gotcha’s in Terminal Server and Citrix PS - the session is sticky and it stays with the same server unless a logout/login occurs)
So one idea I’m kicking around is the possibility that if a user started something like a 120Mb Excel spreadsheet that might consume quite a bit of CPU then would it be possible to use the vMotion to transfer him to a BladePC, if they started 3 or 4 of them (or they needed more resources?) then transfer them to a BladeWS…..?
Seamlessly!! with the user completely unaware that this has happened!!
Now the fundamentals of vMotion (or XenMotion for that matter?) requires shared boot storage - BUT I don’t think it needs to be NFS or iSCSI, etc. - the Citrix Provisioning Server or OS Streaming method like Neoware IM would probably work just as well in this scenario? As this then leaves the Virtual HardDisk/Storage in a common area accessible by the Vitrual Desktops regardless of whether they are running on VDI’s, the BladePC’s or the BladeWS’s.
The other point is the similarity of CPU would possibly cause an issue, and this probably extends beyond just Intel/AMD? This appears to be a fundamental of vMotion/XenMotion? So this might not fly today, but it is possible that with improvements in the Hypervisors this issue might be overcome at some stage soon?
Anyway, what do you think of the *idea/concept*? As a user requires more CPU and resources they might be able to be transferred from shared resources (VDI on ESX) to individual resources (BladePC) and then high powered resources (BladeWS) - once the high intensity workload has finished then the user would be transferred seamlessly back through the stack to a VDI instance on the ESX server.
Please bear in mind that this is only a concept at the moment and there are clearly problems and issues to be overcome - but the main reason for this post is to ask if you think it has legs? What do you think?
Clearly the ESX/Hypervisor would need to be able to run on hardware outside of it’s current Hardware Compatibility List (HCL) but with Xen this might not be such an issue?
Is wonder if this is where XenDesktop is headed?
So this turned up in my email this morning courtesy of Login Consultants and I must admit that I am intrigued as to what it’s full capabilities will be, but judging by their previous efforts with tools like Flex Profiles I’m sure it will be a very useful tool indeed.
May 7: 1st Beta Release Free “Login Virtual Session Indexer”
May 7th Login Consultants will release the first beta of Login Virtual Session Indexer (Login VSI), a free and easy to use benchmarking methodology from Login Consultants. The Login VSI is a complete toolset that allows you easily to compare scalability of all virtualization platforms and technologies. Login VSI supports all recent Windows OS’s (including 32 and 64bit), Office 2003 and 2007, all application streaming technologies and most importantly both SBC and VDI.
Because the setup is so simple there is an infinite amount of combinations and technologies you can now compare. For instance, you can also measure the relative impact of a virussanner or performance optimization technologies. Additionally, Login VSI will be a perfect tool to compare scalability of different virtualization platforms. Enter May 7th in your agenda, and watch our website www.loginconsultants.com.
I have recently been looking at what is available in the way of Media Streaming devices and other forms of DVR under this post - Everex gPC Mini as a potential Media Streaming device? or mini HTPC? - and this news from Sigma Designs certainly would appear to raise the bar as far as performance goes for the next generation of Set top boxes?
The only annoying part of this is that because I keep an eye on what is potentially coming to market, I keep putting off making a decision because I’m waiting for the next release… <sigh>
The really annoying part of this <below> is the Microsoft Mediaroom, not because of what it is, but because of what it promises that is not available yet, grrrrrrr. This is exactly the sort of thing we would all like to hook up to the large LCD, but as far as I can see this is essentially a "mock up" of what is possible to deliver using MS’s IPTV *NOT* what is available - and more is the pity?
SoC for STB’s has triple processors
Apr. 15, 2008
Sigma Designs has introduced a pair of set-top box SoC’s (System on Chip) that run Windows CE and Microsoft’s Mediaroom IPTV software stack. Powered by three MIPS cores apiece, the SMP8654 and SMP8655 boast accelerated graphics and compliance with HDMI (high-defintion multimedia interface) 1.3, says Sigma.
The SMP8654 and SMP8655, differing only in the latter’s omission of Macrovision, are designed to replace the company’s "industry leading" SMP8634. And indeed, they appear to be a significant advance on it. Where the older SMP8634 had a 300MHz MIPS CPU and a 200MHz security CPU, the SMP865x chips boast triple MIPS processors, for a claimed fifty percent speed boast, according to Sigma claims:
- A 500MHz processor runs the operating system and applications
- A 333MHz processor manages interrupts and part of the network stack
- A 333MHz security CPU, deliberately inaccessible by external interfaces, manages authentication, key generation, and content access functions
Sigma’s 865x SoC sports three processors
(Click to enlarge)The SMP865x chips offer high definition video decoding, including H.264 (MPEG-4 part 10), WMV, VC-1, MPEG-2, and MPEG-4 (part 2). They also support China’s home-market AVS (audio video standard). HDMI 1.3 support offers bandwidth to 340MHz, while adding support for the Dolby TrueHD and DTS-HD formats used by Blu-Ray and HD-DVD.
Other touted features for the SMP865x chips include:
- On-chip flash memory (24K for 500MHz processor, 4K for interrupt/stack processor)
- DRM (digital rights management) engines
- 2D graphics processor including scaling, JPEG and OpenType acceleration
- Dual gigabit Ethernet controllers
- Dual USB 2.0 controllers
- DDR2 controller supporting memory up to 666Mbps
- NAND flash controller
- SATA controller
- Audio I/O
- Simultaneous HD and SD video outputs
Sigma did not cite pin compatibility with its previous SoCs, but said the SMP865x chips are software-compatible with them.
Just a word of warning…!!!
The lovely missus this afternoon called out that there was "some Virus Alert thingy on the computer screen" and did I want to sort it out? Being as bright as she is she knew that one thing you don’t do is to run any download that you didn’t initiate yourself?
Natalie had simply been trying to find a recipe on the Internet that she had just seen on a cooking show. It looks like as part of viewing that website the *proported* scanning process kicked in claiming that I was infected by 3 "high risk" viruses and offered to disinfect my Computer if I clicked on OK - not surprisingly it is not possible to actually cancel this installation - the only way to halt the install/scan at this point would appear to be to use Task Manager to kill IExplorer?
I must say that this looked pretty convincing, and it would not surprise me in the slightest that this would be getting a lot of success out in the wild with most average users
Now just for those of you that think this is all a bit too much and this stuff doesn’t happen much at all, have a look at some of the details from Google’s Online Security Blog as noted by ITnews
"It has been 18 months since we started to identify web pages that infect vulnerable hosts via drive-by downloads, i.e. pages that attempt to exploit visitors by installing and running malware automatically," the Google blog stated yesterday.
"During that time we have investigated billions of URLs and found more than three million unique URLs on over 180,000 sites automatically installing malware."
Google’s team also reported that around two per cent of malicious websites are delivering malware via advertising.
So even at 2% of sites that means that if you only browse to 7 sites a day then there is a good chance you have been infected that week? Scary thought?
Loading ...