Gallery

The spam is out, but the viruses are in

Posted on 3 Mar 2009 at 17:50

This month, Steve Cassidy offers his take on spam, and finds that version 2 of VMware doesn't live up to first appearances.

A new client this year listened to me explaining this, and then ten minutes later bought an old G5 Mac from Ebay complete with a one-version-ago copy of OS X Server. His main server mounts the only share this machine presents as a drive letter, and SyncToy copies everything to it every day. His protection has improved hugely, even just by doing that. I've performed two other similar tricks in the run up to Christmas using CentOS (www.centos.org), which can fulfil the same role equally well since it's a version of Red Hat Linux, but with a much slower patch and update cycle.

It may sound perverse to be nostalgic for the "good old days" of spam, but the sheer numbers that underpinned the McColo venture shows that it wasn't being carried out by just a few spotty kids, nor was it an idle attempt at drawing attention like much of the virus traffic. It was a big deal, but we now have a new, even grubbier and even spottier world order to live with.

VMware 2

Let's get the wow-factor out of the way as soon as possible. I like the way that VMware Server 2 looks. Gone is that separate application to view the "server console", and instead there's an extra HTTP server added to your machine on port 8333. When you click on the nice new VMware Server icon, you actually get a page in your machine's browser - or a new tab in the browser you already have open - and inside that you get a list of all your loaded and available VMs, plus a dandy little form for editing all their attributes and components. It's all just static data really, so why write a special-purpose application to edit it? The web is there for doing that kind of job above all else, and there's major precedent because VMware does a massive amount of its business from inside the hypervisor by reading text files in the classic format. I wouldn't even try to guess how many systems work this way the world over, using an .ini file as an intermediary between a user's choices and the decisions a machine takes in varying its activities. So, of course a web browser is the perfect way to present it.

However, it stops there. Unlike the VMware 1.x console viewer, which was a boring old special-purpose compiled application, the version 2 server console is only a console. To see the screens of your VMs you'll need to take a few extra steps: you have to install a custom web control, which then in turn displays the screen of your VM in a popup window. You can drop a shortcut onto your desktop that launches the popup window as a standalone, and this is the closest you can get to the way that Server version 1.x used to work. And it isn't all that close, because that old sense of watching an operating system booting up inside a fish tank is lost... Above I've been describing how we're currently facing a sharp rise in the traffic in infectious viruses and trojans, and the brutal truth is that VMware Sever 2 almost goes out of its way to look to your browser just like some irritating sub-species of virus.

As a baby web server running on your local machine, it lacks a number of attributes that have become important in the current plague of fake phishing sites - it has no usable certificate, so the grown-up browsers will complain about it and refuse to let you reach it. This isn't mentioned in the install documentation for the product, so you hit the forums and you run into that modern-day equivalent of the Spanish Inquisition, the Brotherhood of Browser Evangelists. It's all easily fixed if you turn off all those annoying security features they say, or if you downgrade from IE7 to IE6, or if you use Firefox.

Download a year of Steve Cassidy's Networks columns by heading to our Free Downloads site