ESXi VM packet sniffing tcpdump port group

You need to sniff the packets of a particular VM but can’t get tcpdump or tcpdump-uw to work properly. It’s not tcpdump that you want to use, but pktcap-uw.

pktcap-uw is a marvelous tool for looking at the packets from a VM.

A quick and simple dump is achieved with this command: pktcap-uw –switchport 50331881 -o /tmp/50331881.pcap

–switchport is the virtual port ID of the VM. -o outputs the the dump in a pcap format file that can be viewed in Wireshark.

To find the switchport ID of a VM, type the command: net-stats -l

net-stats -l will output a list of all of your VMs and their port numbers.

Windows XP TLS 1.2 and other things to make it usable in 2020.

You have an ancient Windows XP you need to access and keep online.

  1. Run Windows Update

2. A working browser is crucial. Firefox ESR 52.9.0 32 bit works great and is available here: https://ftp.mozilla.org/pub/firefox/releases/52.9.0esr/win32/en-US/

3. Install TLS 1.1 and TLS 1.2 and update IE8 using the POS files. This website is all you need to accomplish this task:

https://emailarchitect.net/easendmail/sdk/html/object_tls12.htm

4. After you do all of the above update, upgrade RDP. RDP has had a lot of security holes over the years and you will want to update it urgently: https://support.microsoft.com/en-us/help/4500331/windows-update-kb4500331

VMX grayed out and VM can’t be added to inventory.

You are browsing a VMware ESXi datastore and attempting to “Add to inventory”, but the VMX is grayed out.

There is a problem in your VMX file. The VMX files are automatically scanned on a directory listing and if there are problems in the file you won’t be given the option to add it to inventory.

This usually occurs when you copy and paste a code snippet from someone using a Mac (ugh).

Need VMware Hosting? Contract VMDK Hosting.

Enable RDP on Windows 8 Home or Windows 10 Home

You have a need to enable RDP on an old machine running Windows 8 Home and discover that only Windows 8 PRO has RDP abilities.

The solution is to install RDPWrap created by these fine individuals:

https://github.com/stascorp/rdpwrap

“The goal of this project is to enable Remote Desktop Host support and concurrent RDP sessions on reduced functionality systems for home usage.”

If the new version does not work on your system, use 1.15.

Enable RDP on Windows 8.1 Home Edition

vSphere Replication Appliance won’t reconnect to vCenter

For a multitude of reasons your VR appliance is not connected to vCenter, such as:

  1. You updated the SSL certificate
  2. You disconnected the ESXi host that had the vSphere Replication appliance
  3. You rolled back vCenter from a backup or snapshot

Login to the VMware vSphere Replication appliance.

Identify the password of your keystore. To do this, type this command:

/opt/vmware/hms/bin/hms-configtool -cmd list | grep keystore

Note the keystore password.

Now execute this command:

java -jar va-util.jar -cmd certauth -host vCenter_Server_IP-address -port 80 -user vCenter_Server_USERNAME -pass vCenter_Server_PASSWORD -extkey com.vmware.vcHms -keystore /opt/vmware/hms/security/hms-keystore.jks -keystorealias jetty -keystorepass KEYSTOREPASSWORD

FSCK LVM on CentOS Won’t Boot

Your VM won’t boot. FSCK needed on an LVM. You don’t have root and are screwed.

Boot the rescue disk.

Scan all disks for partiitions: 

Scan all disks for volume groups and build /etc/lvmtab and /etc/lvmtab.d/* which are the database for all other lvm commands:

Change attributes of a logical volume

Scan all disks for logical volumes

Then I was able to run fsck as follows

fsck -f /dev/VolGroup00/LogVol00