How to install VyOS Router/Appliance as DNS Server

•17 de Junho de 2014 • Deixe um comentário

//
//
Hi there guys,

I have already covered on my last two posts how to install VyOS Router/Appliance on Hyper-V, see here:

How to install VyOS Router/Appliance on Hyper-V – Part 1: Setup and Install

How to install VyOS Router/Appliance on Hyper-V – Part 2: Configuration

 

I run my Lab’s on Hyper-V and VyOS is a fundamental piece to simulate real network environments. Sometimes I need to simulate a Public facing DNS Server and for that I will turn VyOS into my Public DNS Server.

You can’t do this by default on VyOS as the DNS Server packages are not available on the VyOS repository.

The following process will explain how to ground up a DNS Server on VyOS.

 

1. Install DNS Server packages on VyOS

We need to install the DNS Server packages (Bind9) from the Squeeze repository.

1.1. Adding Debian Squeeze repository to VyOS Sources List

Bind9 package is not available on VyOS source, so you’ll need to add the Debian Squeeze repository to the sources list (VyOS is based on Squeeze…).

# configure
# set system package repository squeeze components ‘main contrib non-free’
# set system package repository squeeze distribution ‘squeeze’
# set system package repository squeeze url ‘
http://mirrors.kernel.org/debian’
# commit
# save
# exit

You can validate the above configuration on the apt sources.list:

# sudo nano /etc/apt/sources.list

VyOS_Sources_list_thumb3

On the second line you can see the new apt repository (squeeze):

deb http://mirrors.kernel.org/debian stable main contrib non-free # squeeze #

To exit Press [CONTROL]+[X] Keys.

1.2 Update the packages list

To update the packages list from the new Squeeze Source make sure your Internet router (my router IP 192.168.1.1) is turned on so that from now on VyOS can access the Internet and update and download packages.

# sudo apt-get update

VyOS-apt-get

1.3 Install DNS Bind9 package:

# sudo apt-get install bind9 bind9-doc dnsutils

2. Chroot (jail) Bind9

It is not a good idea to run Bind9 as “root”, the following process explains how to chroot (jail) Bind9.

We will automate the whole process with a Shell script.

2.1 Create a Scripts folder and Shell script

Create a Scripts Folder and shell script named “chroot-bind9.sh” with the following:

# mkdir -p $HOME/scripts
# sudo nano $HOME/scripts/chroot-bind9.sh

Insert the following code to the Script and when finished type [CONTROL] + [X] keys to exit and save the file.

#!/bin/bash

sudo /etc/init.d/bind9 stop

sudo mkdir -p /var/chroot/bind9/{etc,dev,var/cache/bind,var/run/bind/run}
sudo chown -R bind:bind /var/chroot/bind9/var/*

sudo mknod /var/chroot/bind9/dev/null c 1 3
sudo mknod /var/chroot/bind9/dev/random c 1 8
sudo chmod 666 /var/chroot/bind9/dev/{null,random}

sudo mv /etc/bind /var/chroot/bind9/etc
sudo ln -s /var/chroot/bind9/etc/bind /etc/bind

sudo chown -R bind:bind /etc/bind/*
sudo chmod -R g+w /etc/bind/

sudo echo “$AddUnixListenSocket /var/chroot/bind9/dev/log” > /etc/rsyslog.d/bind-chroot.conf

sudo sed -e ‘s,”-u bind”,”-u bind -t /var/chroot/bind9″,’ /etc/default/bind9 > /tmp/x && mv /tmp/x /etc/default/bind9

sudo /etc/init.d/bind9 start

 

2.2 Run the Shell Script to chroot Bind9

We need to make the script executable and run it with the following:

# cd $HOME/scripts
# sudo chmod u+x chroot-bind9.sh
# sudo ./chroot-bind9.sh

 

2.3 Fix “managed-keys.bind” file not found

If you check the syslog you will notice that there is an issue while loading the file “managed-keys.bind”, you can check the syslog with the following command:

# tail –f /var/log/messages

You will notice this entry:

managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found

After confirming the failure on the syslog entries you can exit tail by pressing [CONTROL] + [C] keys.

 

To fix this first let’s announce the bind.keys location by editing “named.conf”.

# sudo nano /etc/bind/named.conf

Append to the last line the following entry:

include “/etc/bind/bind.keys”;

Here is a print screen with the output:

VyOS_Bind-keys

The file “managed-keys.bind” does not exist, we can create an empty one with touch and give the appropriate rights, for that do the following:

# sudo touch /etc/bind/managed-keys.bind
# sudo chown bind:bind /etc/bind/managed-keys.bind

 

3. Configuring DNS Zones files

Finally we can configure the DNS forward and reverse lookup zones and a DNS Forwarder.

I will create a forward lookup zone for the domain name “labdom.com”, a reverse lookup zone for the network segment “192.168.1.0/24” and a DNS Forwarder to my 3G ISP Router (192.168.1.1) so that the DNS Server can resolve public DNS names.

3.1 Create a DNS Configuration file

Go to the bind folder:

# cd /var/chroot/bind9/etc/bind

Create a backup of ”named.conf.local” to “named.conf.local_ORIGINAL”:

# sudo cp named.conf.local named.conf.local_ORIGINAL

3.2 Create a Forward Lookup zone file

Create the forward lookup file “labdom.com” from the default template file “db.local”:

# sudo cp db.local labdom.com

3.3 Create a Reverse lookup zone file

Create the reverse lookup file “labdom.com.loopback” from the default template file “db.127”:

# sudo cp db.127 labdom.com.loopback

3.4 Configure the DNS Zone configuration file “named.conf.local”

Now lets configure “name.conf.local”, for that start editing the file:

# sudo nano named.conf.local

Add the following entries to the “named.conf.local”, to configure the forward and reverse lookup zone and their location, at the end Press [CONTROL]+[X] Keys to Save the file and Exit:

#Public Zone
Zone “labdom.com” IN {
type master;
file “/etc/bind/labdom.com”;
allow-update {none;};
};

#Reverse zone
Zone “1.168.192.in-addr.arpa” IN {
type master;
file “/etc/bind/labdom.com.loopback”;
allow-update {none;};
};

3.5 Configure the DNS Forward lookup zone “labdom.com”

Edit the forward lookup zone file “labdom.com” with the following:

# sudo nano labdom.com

Add the following entries to the “labdom.com” and at the end Press [CONTROL]+[X] Keys to Save the file and Exit:

$TTL 604800
@ IN SOA labdom.com. root.labdom.com. (
2 ;Serial
604800 ;Refresh
86400 ;Retry
2419200 ;Expire
604800 ) ;Negative Cache TTL
;

@ IN NS labdom.com.
@ IN A 192.168.1.254
@ IN AAAA ::1
DA IN A 192.168.1.50

On the forward lookup “labdom.com” zone we added the “A” record for the host name “DA” with the IP 192.168.1.50.

The arrangement for the forward lookup file can be something like this:

VyOS_forward_lookup

 

3.6 Configure the DNS reverse loopback zone “1.168.192.in-addr.arpa

Edit the reverse lookup zone or loopback file “labdom.com.loopback” with the following:

# sudo nano /etc/bind/labdom.com.loopback

Add the following entries to the “labdom.com.loopback” and at the end Press [CONTROL]+[X] Keys to Save the file and Exit:

$TTL 604800
@ IN SOA labdom.com. root.labdom.com. (
1 ;serial
604800 ;refresh
86400 ;retry
2419200 ;expire
604800 ) ;negative cache TTL
;
@ IN NS labdom.com.
50 IN PTR DA.labdom.com.

On the loopback “labdom.com.loopback” zone we added the “PTR” record for “DA.labdom.com”.

The arrangement for loopback file can be something like this in the final output:

VyOS_reverse_lookup

 

3.7 Configure the DNS cd Forwarders for public name resolution

Edit the dns options file “named.conf.options” with the following:

# sudo nano named.conf.options

Add the following entries and press [CONTROL]+[X] to save and exit

forwarders {
192.168.1.1;
};

VyOS_DNS-forwarder

 

Restart the bind9 daemon:

# sudo /etc/init.d/bind9 restart

 

R-Tape Loading error,
Luís Rato
//
//

How to install VyOS Router/Appliance on Hyper-V – Part 2: Configuration

•17 de Junho de 2014 • Deixe um comentário

Completing the series with the Part 2 of “How to install VyOS Router/Appliance on Hyper-V” with the configuration process.

On my last Post “How to install VyOS router on Hyper-V – Part 1: Setup and Install” I’ve covered:

– Introduction: My LAB environment
– Phase 1: Download VyOS and prepare a VM to run VyOS router
– Phase 2: Install VyOS on a VM

On this post I’ll cover:

– Phase 3: Configure VyOS Router
– Phase 4: Configure VyOS Network Services

Phase 3: Configure VyOS Router

1. Make sure you Ejected the VyOS iso image from the VyOS VM

2. Start the VM

VyOS_login

3. Login to VyOS

VyOS login: vyos
VyOS password: password defined during the installation process

3. Confirm that you have valid NIC’s to be configure (eth0, eth1, eth2), list the NICs:

# show interfaces

4. Configure the router network interfaces, system gateway (ISP 3G router), system name server (ISP 3G router) and hostname.

# configure
# set interfaces ethernet eth0 address 10.0.0.254/24
# set interfaces ethernet eth1 address 192.168.1.254/24
# set interfaces ethernet eth2 address 172.0.0.254/24
# set system gateway-address 192.168.1.1
# set system name-server 192.168.1.1
# set system host-name vyos
# commit
# save

Note: Just to refresh your memory, when we created and configured the VyOS VM on Hyper-V we added the network interfaces in the following order: “Internal”, “External” and “Extranet – DMZ”. When you configure VyOS interfaces “eth0”, “eth1” and “eth2” the Ip Address and Netmask for those interfaces should respect the exact same order, for instance:

eth0 = 10.0.0.254/24 (“Internal” Virtual Switch)
eth1 = 192.168.1.254/24 (“External” Virtual Switch)
eth2 = 172.0.0.254/24 (“Extranet – DMZ” Virtual Switch)

If you fail to accomplish the configuration with the same order you’ll have a mismatch between your interfaces (eth0, eth1, eth2) and their designated vSwitch (“internal”, “external” and “extranet – DMZ”), obviously this can cause network issues.

5. Enable VyOS Web administration interface (not available at the moment with VyOS 1.0.3):

# set service https
# commit
# save

vyos_http

6. Enable VyOS SSH administration:

# set service ssh
# commit
# save

Phase 4: Configure VyOS Network Services

4.1 Configure NAT

4.1.1 Enable NAT Masquerade for the “Internal” vSwitch VLAN (10.0.0.0/24) through the eth1 interface connected to the “External” vSwitch

# set nat source rule 1
# set nat source rule 1 source address 10.0.0.0/24
# set nat source rule 1 outbound-interface eth1
# set nat source rule 1 translation address masquerade
# commit
# save
# exit

The VyOS interface eth1 on the “External” vSwitch is connected to my “3G ISP Wifi Router” as I am using Wireless Bridging on Hyper-V, while doing this NAT configuration I am providing Internet access to all the VM’s hosted on the 10.0.0.0/24 subnet and masking their Addresses, even on a “Internal only” Hyper-V Switch configuration. ;)

4.2 Configure webproxy for the network 172.0.0.x/24 (extranet – dmz)

set service webproxy default-port 8080
set service webproxy listen-address 172.0.0.254
set service webproxy disable-access-log
commit
save

4.3 Configure the name resolvers for VyOS

Edit the dns options file “resolv.conf” with the following:

# sudo nano /etc/resolv.conf

Add the following entries and press [CONTROL]+[X] to save and exit

nameserver 127.0.0.1
nameserver 192.168.1.1

With this dns resolvers configuration pointing to the localhost “127.0.0.1” VyOS will return DNS queries from it’s own DNS zones if you are running a DNS Server on VyOS (e.g. “labdom.com” and “1.168.192.in-addr.arpa”), and while also pointing to 3G ISP Router IP address 192.168.1.1 it will either resolve DNS queries on the Internet.

This completes the series of “How to install VyOS Router/Appliance on Hyper-V”.

R-Tape Loading error,
Luís Rato

How to install VyOS Router/Appliance on Hyper-V – Part 1: Setup and Install

•17 de Junho de 2014 • Deixe um comentário

//
//
Greetings everyone,

on today’s post I will walk you through the process of installing and configuring VyOS on Hyper-V, but first I need to talk about the predecessor Vyatta.

Vyatta was an Open Source software based on Linux for vRouter, Firewall, VPN and IPv4/IPv6 protocols, had a similar interface to JUNOS and Cisco IOS. On their portfolio there was Physical and Virtual Appliances but you were able to run it on your own HW with two flavors, Vyatta Subscription Edition and the Free version, both could have been installed on x86 hw or VM’s on Hyper-V, VMWare, Citrix XenServer, Open Source Xen and Virtualbox.

Simple statement: Vyatta Linux Open Source SW is a dead project after they became part of Brocade, see the whole history on wikipedia: http://en.wikipedia.org/wiki/Vyatta

Some people called this a catastrophe and the community mobilized for a forked version named VyOS, which has pretty much the same interface and functionality, it’s Open Source and Free.

I’ve used Vyatta on my Lab environments for a long time and already Blogged about it, so it was about time for a replacement with VyOS.

I will provide you the details about how to setup and configure VyOS router on Hyper-V with two separate posts.

On the first post “How to install VyOS Router/Appliance on Hyper-V – Part 1: Setup and Install” I will cover the following:

– Introduction: My LAB environment
– Phase 1: Download VyOS and prepare a VM to run VyOS router
– Phase 2: Install VyOS on a VM

On the second post “How to install VyOS Router/Appliance on Hyper-V – Part 2: Configuration” I will help you understand how to configure your network and provide some network services (NAT, DNS, Proxy).

– Phase 3: Configure VyOS Router
– Phase 4: Configure VyOS Network Services

 

Introduction: My LAB environment

Brief introduction of my lab environment:

– Running Windows 8.1 RTM Hyper-V Host;
– Running several Windows and Linux VM’s;
– VyOS router is:

  1. Running on a VM;
  2. Has 3 network interfaces;
  3. Configured for 3 network segments (internal, extranet – dmz, external);
  4. Provides NAT for Internal network, Proxy Server for Extranet network;

– VyOS Router configuration details:

Intranet interface: eht0
IP/mask: 10.0.0.254/24

External interface: eth1
IP/mask: 192.168.1.254/24

Extranet interface: eth2
IP/mask: 172.0.0.0/24

Default gateway: 192.168.1.1 (3G ISP Router IP Address)

NAT: Mask 10.0.0.0/24 through eth1

– Hyper-V Virtual Switch are configured as follow:

V-Switch 1: Name: “Internal” –> Internal Only
V-Switch 2: Name: “External” –> External –> Intel Wifi Ntwk Adapter –> Allow Mgmt OS to share the network adapter
V-Switch 3: Name: “Extranet – DMZ” –> Internal Only

Here is a print screen of the Hyper-V Virtual Switch configuration

hyper-v_virtual_switch

Here is a Visio Diagram of my Lab Setup:

VyOS

Phase 1: Download VyOS and prepare a VM to run VyOS router

1. Download Virtualization ISO: http://mirror.zenflow.net/vyos//iso/release/

//

e.g. for the version – “vyos-1.0.3-amd64.iso”:
Physical/virtual 64-bit ISO VyOS 1.0.3 (Hydrogen)
Size: 223MB

2. On Hyper-V Manager we will create 3 Virtual Switchs (“Internal Network”, “External Network” and “Extranet – DMZ”)

On the right-pane “Actions” menu click “Virtual Switch Manager

Select the Virtual Switch type “Internal” and click the button “Create Virtual Switch

Type the name “Internal” (or any other you prefer) and click “OK”

Click again on the “Virtual Switch Manager

Select the Virtual Switch type “External” and click the button “Create Virtual Switch

Type the name “External”, on the External Network option select your appropriate Network interface (LAN or WIFI), leave the rest with the defaults and click “OK

At last Click on the “Virtual Switch Manager

Select the Virtual Switch type “Internal” and click the button “Create Virtual Switch

Type the name “Extranet – DMZ” and click the button “Create Virtual Switch

3. On the Hyper-V Manager we will create the VyOS VM

On the right-pane Actions menu Click “New” –>Virtual Machine

On the New Virtual Machine Wizard –> Next

Define the Machine Machine Name “VyOS” and the desired location of the Virtual Machine configuration files

If your are running a Windows 8.1 or Windows Server 2012 R2 host Select the Virtual Machine “Generation 1

Set the Memory size “512” MB (should be enough, if you need intensive network usage consider more memory)

Select the “Intranet” Virtual Switch Network, we will add the other Network interfaces later

Create a Virtual Hard Disk (default: differential) with no more than “5GB” (depending on your needs, such as logging)

Select “Install Operating System from a Boot CD/DVD” and Select the VyOS “image file (ISO)”

Review the VM configuration ao click “Finish” to complete the VM creation

Right-click on the new VyOS VM and select “Settings

On the VyOS VM properties on the “Add Hardware” section select “Network adapter” and click “Add

Select the Virtual Switch “External“, keep the defaults and select “OK

Repeat the process and right-click on the new VyOS VM and select “Settings

On the VyOS VM properties on the “Add Hardware” section select “Network adapter” and click “Add

Select the Virtual Switch “Extranet – DMZ“, keep the defaults and select “OK”

You should end up with this configuration:

VyOS_vm_cfg

 

Phase 2: Install VyOS on a VM

1. Start the VM

VyOS_boot

2. Login to VyOS

VyOS login: vyos
VyOS password: vyos

3. Start the the VyOS image installation

Install image

4. Define the following installation settings:

Would you like to continue? Yes
Mirror Raid-1 (sda and sdb)? No
Partition (Auto/Parted/Skip): Auto
Install the image on? Sda
Continue? Yes
How big of a root partition should I create? 5368MB (your HDD full size)
What would you like to name this image? 1.0.3
Which one should I create to sda? /config/config.boot
Enter password for user ‘vyos’: define a new password
Which drive should GRUB modify the boot partition on? Sda

5. When finished validate your installation by running:

show version

Confirm the following details on the output:

Version: VyOS 1.0.3
Description: VyOS (hydrogen)
System type: x86 64-bit
Boot via: Livecd
(next boot without the Live CD it will show ‘image’)
Hypervisor: Microsoft HyperV
HW model: Virtual machine

6. Shutdown the VyOS Live installation process:

poweroff

7. Eject the CD from the VM to boot from the HDD next time

 

This completes the first part of “How to install VyOS Router/Appliance on Hyper-V” with the installation process. You can access the Part 2 for the configuration process on “How to install VyOS router on Hyper-V – Part 2: Configuration”.

R-Tape Loading error,
Luís Rato
//
//

How to migrate WordPress.com blog to WordPress hosted on Azure–Part 2

•7 de Junho de 2014 • Deixe um comentário

//
//
Greetings folks,

completing the series with “How to migrate WordPress.com blog to WordPress hosted on Azure – Part 2”, I will cover the following:

5.   Custom domain name for your Azure WordPress Blog (Optional)
6.   Configure WordPress.com redirection to Azure blog (Optional)
7.   Installing plugins for similar experience with WordPress.com (Optional but recommended)

You can access Part 1 here:  “How to migrate WordPress.com blog to WordPress hosted on Azure – Parte 1” for the following topics:

1.   Login or Subscribe Microsoft Azure
2.   Create WordPress blog on Microsoft Azure
3.   Configure Azure Web Hosting Plan for WordPress web site
4.   Migrate your blog content from WordPress.com to your WordPress blog hosted on Azure

5.   Custom domain name for your Azure WordPress Blog (Optional)

As we are moving a WordPress.com blog to a self-managed solution on Microsoft Azure, you probably want to turn it more personal with a custom domain name (http://www.yourdomain.com).

5.1 Create required DNS Records on your custom domain

You can use whatever domain register service you want, I usually go for Godaddy due to Office 365 integration and acceptable costs.

When you’ve created your WordPress blog on Microsoft Azure, you registered your new blog for free on “.azurewebsites.net” with a URL like this  “http://yourblog.azurewebsites.net”.

Assuming that you already have a registered domain (YOURDOMAIN.COM), if not register a new one, you need to create a “CNAME” record that will point your domain hostname (e.g. “WWW” to access your blog through “www.yourdomain.com”) to the Fully Qualified Domain Name (FQDN) of your blog hosted on Azure (“yourblog.azurewebsites.net”).

5.1.1 To perform this action, login with your Godaddy account, on the Top menu options select “Domain” and click on “Manage My Domains”.

godaddy_domain

5.1.2 On your Domains screen click on your Domain name to open it’s details.

godaddy_domain1

5.1.3 On your Domain details and action screen click on the “Add record” button.

godaddy_domain2

5.1.4 On the record type select “CNAME (Alias)”, on the Host field insert your desired host name (e.g. WWW) and on the Points to field insert the Fully Qualified Domain Name of your Azure Blog (yourblog.azurewebsites.net).

Click on the “Save” button to complete the action.

godaddy_domain3

5.2 Configure Azure Web site host headers with the new blog URL

Now that you have the required DNS records, you need to add the new URL address to Azure Blog web site host headers.

5.2.1 On your browser access to “https://manage.windowsazure.com” with your subscription account.
//
//
From the left pane click on “Web Sites” and click on your Web site name to jump into it’s details.

azure_website8

5.2.2 On your web site details click on “Configure

azure_hostheader

5.2.3 Scroll-down until you see the “domain names” section, click on “manage domains

azure_hostheader1

5.2.4 On Manage custom domains screen type your custom domain name “www.yourdomain.com”. As you already created the required CNAME record on your DNS Service you can proceed and click on the bottom-right checkmark button.

azure_hostheader2

 

5.3 Configure your custom domain URL on Azure WordPress Blog

To complete the process, you need to update your Azure WordPress Blog with your custom domain URL.

5.3.1 Login to your new Azure Blog on the left pane of your Dashboard screen clcik on “Settings” to open “General Setting”.

From there you need to fill the “WordPress Address (URL)” and “Site Address (URL)” with your custom domain address “http://your.domain.com” (same URL on both fields).

change URL2

 

6.   Configure WordPress.com redirection to Azure blog (Optional)

If you were running your WordPress.com blog for a while your Dashboard will show that part of your blog Page Views were coming from Search results or reference links from other Internet sources, such as Forums, blogs, Facebook, Twitter, etc.

6.1 Subscribe WordPress.com Site Redirect

If Page Views mean some sort of value to you, while migrating your blog to a hosting provider such as Azure, you should subscribe WordPress “Site Redirect” service. With that you can redirect the access of your previous WordPress.com blog to your new Blog on Azure.

This service has an affordable annual cost and is optional. To subscribe the service do the following:

6.1.1 Login to your WordPress.com blog with your account, on the Dashboard left pane click on “Store –> Store”.

wp_redirect

6.1.2 Scroll-down until you’ll find “Site Redirect” and click on “Buy now

wp_redirect1

6.1.3 On the next screen you will see that you are about to redirect your old blog “http://oldblog.wordpress.com” to your new blog address. Fill in your new blog address “http://www.yourdomain.com” and click on “Redirect to this URL

wp_redirect2

6.1.4 Complete the payment steps and you are done with the service subscription.

 

6.2 Configure Permanent Links format

When you use Site Redirection it is critical that you configure your Azure Blog with the same Permanent Links format that you had on your blog at WordPress.com. If you miss this step, you will manage to redirect your WordPress.com blog default page http://yourblog.wordpress.com/ to your Azure Blog default page  http://www.yourdomain.com/ but the redirection to all your Posts Links will fail.

Example of Blog Posts redirection failure:
Wordpress.com Permanent Links format:
http://yourblog.wordpress.com/?p=123

WordPress Azure Blog Permanent Links format:
http://www.yourdomain.com/2014/05/27/kali-linux-1-o-7-has-been-released/

Example of Blog post redirection success:
Wordpress.com Permanent Links format:
http://yourblog.wordpress.com/2014/05/27/kali-linux-1-o-7-has-been-released/

WordPress Azure Blog Permanent Links format:
http://www.yourdomain.com/2014/05/27/kali-linux-1-o-7-has-been-released/

You can use whatever format you want but just make sure that you have the same format on both sides.

6.2.1 Login to your Azure Blog and on the Dashboard left pane click on “Settings” and “Permalinks

azure_permanent_links

6.2.2 On Permanent Settings I will select “Day and name” which is the same format that I was using on my blog at WordPress.com

azure_permanent_links1

 

7.   Installing plugins for a similar experience to WordPress.com (Optional but recommended)

To keep your blog with a similar functionality like you had on WordPress.com you need to install some plugins. Depending on your requirements I am just sharing some Plugins that might interest you.

To add plugins to your site, login to your WordPress blog and access your Dashboard, on the Left pane click on “Plugins –> Add new”.

Must have:
Acunetix WP Security (Security Scanner for your blog)
Akismet (Antispam)
Jetpack by WordPress.com (Blog essentials – see below)

Additional (recommended):
Google AdSense (Implement Adsense on your site)
Google Adsense Dashboard (Adsense earnings on your dashboard)
ELI’s WordCents adSense Widget w Analytics (Sidebar Adsense Widget)
Click-Fraud Monitoring (Prevent your Ad account Ban/Sabotage)
Jetpack Sharing (Share content on social media)

 

Jetpack 3.0 by WordPress.com Category Alphabetical:

Beautiful Math
Use LaTeX markup language in posts and pages for complex equations and other geekery.

Carousel
Transform standard image galleries into full-screen slideshows.

Contact Form
Insert a contact form anywhere on your site.

Custom CSS
Customize your site’s CSS without modifying your theme.

Enhanced Distribution
Share your public posts and comments to search engines and other services.

Extra Sidebar Widgets
Add images, Twitter streams, your site’s RSS links, and more to your sidebar.

Google+ Profile
Give users the ability to share posts to Google+, and add your site link to your Google+ profile.

GGravatar Hovercards
Enable pop-up business cards over commenters’ Gravatars.

Infinite Scroll
Add support for infinite scroll to your theme.

Jetpack Comments
Let readers comment with WordPress.com, Twitter, Facebook, or Google+ accounts.

Jetpack Single Sign On
Allow your users to log in using their WordPress.com accounts.

JSON API
Allow applications to securely access your content through the cloud.

Likes
Give visitors an easy way to show their appreciation for your content.

Markdown
Write posts or pages in plain-text Markdown syntax.

Mobile Theme
Optimize your site with a mobile-friendly theme for tablets and phones.

Monitor
Receive notifications from Jetpack if your site goes offline — and when it it returns.

Notifications
Receive notification of site activity via the admin toolbar and your Mobile devices.

Omnisearch
Search your entire database from a single field in your Dashboard.

Photon
Accelerate your site by loading images from the WordPress.com CDN.

Post by Email
Publish posts by email, using any device and email client.

Publicize
Share new posts on social media networks automatically.

Related Posts
Display links to your related content under posts and pages.

Sharing
Allow visitors to share your content on Facebook, Twitter, and more with a click.

Shortcode Embeds
Embed content from YouTube, Vimeo, SlideShare, and more, no coding necessary.

Site Verification
Verify your site or domain with Google Webmaster Tools, Pinterest, and others.
NEW

Spelling and Grammar
Check your spelling, style, and grammar with the After the Deadline proofreading service.

Subscriptions
Allow users to subscribe to your posts and comments and receive notifications via email.

Tiled Galleries
Display your image galleries in a variety of sleek, graphic arrangements.

VVaultPress Paid
Protect your site with automatic backups and security scans. (Subscription required.)

VideoPress Paid
Upload and host video right on your site. (Subscription required.)

Widget Visibility
Specify which widgets appear on which pages of your site.

WordPress.com Stats
Monitor your stats with clear, concise reports and no additional load on your server.

WP.me Shortlinks
Enable WP.me-powered shortlinks for all posts and pages.

 

I’ve completed the series of “How to migrate WordPress.com blog to WordPress hosted on Azure”.

 

R-Tape Loading error,
Luís Rato
//
//

How to migrate WordPress.com blog to WordPress hosted on Azure–Part 1

•7 de Junho de 2014 • Deixe um comentário

//
//
Hi guys,

on this post I will explain the required steps to migrate your WordPress.com blog to a WordPress blog running on Microsoft Azure, I will split this in two posts.

On this post “How to migrate WordPress.com blog to WordPress hosted on Azure – Parte 1” here are the topics being covered:

1.   Login or Subscribe Microsoft Azure
2.   Create WordPress blog on Microsoft Azure
3.   Configure Azure Web Hosting Plan for WordPress web site
4.   Migrate your blog content from WordPress.com to your WordPress blog hosted on Azure

 

On “How to migrate WordPress.com blog to WordPress hosted on Azure – Parte 2” I will cover the following:

5.   Custom domain name for your Azure WordPress Blog (Optional)
6.   Configure WordPress.com redirection to Azure blog (Optional)
7.   Installing plugins for similar experience with WordPress.com (Optional but recommended)

 

1 – Login or Subscribe Microsoft Azure

You obviously need a Microsoft Azure subscription, if you already have one just login to your subscription, if you don’t subscribe a Trial for a start.

During the Trial subscription you will have to present you credit card information, don’t worry, you will not be charged for anything, it is just to prove your identity, Microsoft uses this mechanism to reduce the Trial abuse on a malicious intent.

Microsoft Azure home page:
http://azure.microsoft.com/en-us/

Subscribe Microsoft Azure Trial:
http://azure.microsoft.com/en-us/pricing/free-trial/

azure_trial

 

2 – Create WordPress blog site on Microsoft Azure

– Login on Microsoft Azure Portal with your subscription account

– On the bottom left of the screen click on “NEW” button

azure_website

– Navigate through “Compute –> Web Site –> From Gallery

azure_website1

– On the Web Apps Gallery options select “Blogs” and Scroll all the way down through the Blog platform list and select “WordPress

azure_website2

– On “Configure Your App” screen, first you need to define the URL for your website, at this point I will keep the default domain “.azurewebsites.net” which I can use for free, but I can change it back later to my own custom domain.

For the purpose of this test I’ve filled the URL with “luisrato123” which will make my blog accessible through the URL “http://luisrato123.azurewebsites.net”. So type in whatever makes sense for you.

azure_website3

– After defining the URL you need to define settings for your database, you can opt for a new MySQL database or to use an existing one.

I’ll assume that you don’t haven’t a database yet so the default value should be “Create a new MySQL database” (if you were creating a second blog the default value would be “Use an existing MySQL database”).

– On the same screen you need to define the “Deployment settings” were you have to put all the required passwords, such as:

AUTHENTICATION KEY
SECURE AUTHENTICATION KEY
LOGGED IN KEY
NONCE KEY
AUTHENTICATION SALT
SECURE AUTHENTICATION SALT
LOGGED IN SALT
NONCE SALT

To make your life easier you can use the following URL:

https://api.wordpress.org/secret-key/1.1/salt/
//
//

Through this you can generate keys with random and complex character set.

On the image below I’ve framed the piece of information that I had to copy/paste for each password deployment settings passwords.

Note: I found that this password API generates passwords with non-supported characters (single quote, backslash and dollar). On the Azure deployment settings, each will be signed when you click on Next button, you just need to replace the non-supported characters with any other random character of your choice.

azure_website5

azure_website6

– On the next screen you need to define the database instance name and the geo-location.

azure_website7

3 – Configure Azure Web Hosting Plan for WordPress web site

We easily created a WordPress web site on Azure, before you jump over to WordPress configuration we have to chose a Web Hosting Plan that meets our performance requirements, at the moment there are 4 different plans, FREE, SHARED, BASIC and STANDARD.

On the following table you can compare the differences, if you are just a regular user the FREE or SHARED plans might be all you need, but if you have heavy traffic demand for you site you need to consider other options, the BASIC and STANDARD plans allow you to have a dedicated VM environment with different sets of VM computing/memory capability and scalability options as well.

Azure Web Hosting Plans Price details:
http://azure.microsoft.com/en-us/pricing/details/web-sites/

FREE
SHARED BASIC STANDARD
Websites 10 100 Unlimited Unlimited
Storage 1 GB 1 GB 10 GB 50 GB
Compute instance Shared Shared Dedicated Dedicated
azurewebsites.net subdomain with FTP/S and SSL ü ü ü ü
Custom domain support   ü ü ü
Custom domain SSL support     SSL pricing applies 5 SNI SSL and 1 IP SSL Connections included
Scale-Out (max. instances)   6 shared instances 3 dedicated instances 10 dedicated instances
Integrated Load Balancer   ü ü ü
Always On     ü ü
Web Sockets     350 per website Unlimited
Backups (Preview)       ü
Auto Scale       ü
WebJobs (Preview) ü ü ü ü
Azure Scheduler support       ü
Staged Publishing       ü
SLA     99.9% 99.9%

– To configure the Web Hosting Plan for your WordPress Web site, on the Azure Portal, on the left pane click on “Web Sites” to display the available web sites and then click on your WordPress Web Site instance.

azure_website8

– The Web site details will show you some options on the top menu, click on “SCALE” to define your Web Hosting Plan

azure_website9

– On the Web Hosting Plan Mode screen you can define the desired plan, in my case I’ve opted for “BASIC” mode which allows me to have a dedicated environment, chose the size of my VM and define the number of instances I need.

As I said before, “FREE” mode might be enough for you at no cost, I am not pushing you for my own definition which implies costs.

Web Hosting Plan Mode: BASIC
Instance Size: Small (1 core, 1.75GB Memory)
Instances: 2 (1 in use)

azure_website10

– After you’ve made changes click on the “Save” button at the mid-bottom of the screen.

4 – Migrate your blog content from WordPress.com to your WordPress blog hosted on Azure

 

4.1 Export blog content from WordPress.com

– Login on WordPress.com and access your Blog Dashboard, from the left pane options click on “Tools –> Export

wordpress_export

– On the next screen click on “Export” (Free)

wordpress_export1

– You can segregate the content or you can export everything (Posts, Pages, comments, etc). As we are migrating a blog from one side to another it makes sense to opt for “All content” and click on “Download Export File” to download the XML file.

wordpress_export2

 

4.2 Import blog content to your new Blog hosted on Azure

– On your browser type the URL of your new WordPress Blog hosted on Azure (http://yourblog.azurewebsites.net).

– You will be prompted to create your login information, fill in the Site title, desired username and password

wordpress_import

wordpress_import1

– On your Blog Dashboard, from the left pane options click on “Tools –> Import

wordpress_import2

– On the Import options screen select “WordPress

wordpress_import3

– Click on the “Install” button on the bottom right

wordpress_import4

– After a few seconds with the last action you have installed the Import Plugin, click on “Activate Plugin & Run Importer

wordpress_import5

– Now Browse for the XML file you had exported from your WordPress.com Blog and click “Upload file and Import

wordpress_import6

– On the next screen you need to assign an Author for your posts (you can change this later…), for now select the option “or assigns posts to an existing user”, click on the drop-down list and select your user. Don’t forget to put a tick on the checkbox “Download and import file attachments” and click on “Submit” button.

This action can take a while.

wordpress_import7

 

We have reached the end of Part 1, follow Part 2 on “How to migrate WordPress.com blog to WordPress hosted on Azure – Parte 2”.

R-Tape Loading error,
Luís Rato
//
//

Moving my blog to Azure

•7 de Junho de 2014 • Deixe um comentário

As some of you have noticed you are being redirected from wordpress.com to azurewebsites.net. Here’s why:

Initiated my blogging journey a while ago in 2007, started posting on Blogspot (http://luis-rato.blogspot.co.uk/), then I found that Windows Live Spaces was a better place to be and moved to (http://luisprato.spaces.live.com), then Microsoft decided to abandon the blogging platform and I was forced to move to WordPress.com (https://luisrato.wordpress.com).

I do blogging for the joy of helping others and I truly believe that information worth nothing if you keep it for yourself, amplifying knowledge, sharing and collaborating is part of my DNA and in approximately 2 years of WordPress.com blog activity I had >~107.000 blog views, that can mean nothing for some but it means a lot for me as people is getting involved and providing feedback.

Personally I hate restrictions, that’s why I phreak every single device I own, so many would say that open source or freemium service models would suite better for me, well in fact for me in many angles it’s the opposite, I can explain it better in a different thread. With regard to Blogging activity WordPress.com fits on the Freemium space, you have a blogging platform for free but with restrictions, skipping limitations and getting plus services has costs.

Something came to my notice, when I’ve achieved 100.000 page views started seeing Ads being spread over the blog, fair enough, you have a free platform and they monetize with Ads. So I had a rational though, producing content so that others are making money out of it and living with the limitations of a freemium model, I think I prefer to assume the control, remove restriction and run my own stuff, and that’s what I did, migrated my Worpdress.com blog to WordPress running on Microsoft Azure.

From now on you can follow my blog at:
http://luisrato.azurewebsites.net

Stay tuned, I will explain to you the required and easy steps for such move.

R-Tape Loading error,
Luís Rato

Kali Linux 1.0.7 has been released

•27 de Maio de 2014 • Deixe um comentário

Hi there guys,

heads up for Pentesters, Kali Linux 1.0.7 has been released today!

Kali Linux 1.0.7 Released – Official annoucement:
http://www.kali.org/news/kali-linux-1-0-7-released/

This release has the Linux Kernel 3.14, loads of fixed bugs and Package Bugs, updated and new tools, fixed some issues with Virtualbox and Kernel 3.14 and some interesting improvements, such as this:

“One of the new sought out features introduced (which is also partially responsible for the kernel update) is the ability to create Kali Linux Live USB with LUKS Encrypted Persistence. This feature ushers in a new era of secure Kali Linux USB portability, allowing us to either boot to a ‘clean’ Kali image or alternatively, overlay it with the contents of a persistent encrypted partition, all within the same USB drive.”

 

Based on the changelog information here are some of the latest changes introduced with the 1.0.7 release.

 

General Bug:

– Possible issues with virtualbox 3.4 and kernel 3.14

Feature request:

– error in github link on the following web page

Kali Package Bug:

– Grabber errors out when running a scan
– Unable to install QEMU – Missing packages from repository
– b43 wireless driver firmware missing.
– Failed to Build Utilite Pro image – Ultimate Pentesting PwnBox (2013)
– w3af scan profile is outdated
– Beef-Xss-Bundle unable to update
– w3af scan profile is outdated
– Beef-Xss-Bundle unable to update

Kali Package improvement:

– Patch acccheck to fix usage output and binary name
– Patch cisco-torch Usage Output
– Patch wol-e Usage Output
– Patch theharvester Usage
– Add support for encrypted persistence to live-boot

New tool requests:

– fgdump
– hashID

 

Tool Updates:

– Update SSLsplit
– Update SET to 6.0
– Update dnsenum to 1.2.4.1
– Update cuckoo to 1.1
– Update p0f to 3.07b
– Update responder to 2.0.8
– Update hexinject to 1.5
– Update u3-pwn to 2.0
– Update powersploit to 2.2
– Update nfspy to 1.0
– Update shellnoob to 2.1
– Update ipv6-toolkit to 1.5.3
– Update sslyze to 0.9
– Update thc-ipv6 to 2.5
– Update mitmproxy to 0.10.1
– Update nmap to 6.46
– Update Hydra password cracker to 8.0
– Update crunch to 3.6
– Armitage 05.15.14 Released
– Upgrade Nmap to version 6.45
– WPScan 2.4 Released
– Burp Suite Free Edition v1.6 released
– edb-debugger need to upgrade to 0.9.20
– Websploit Framework 2.0.5
– OWASP ZAP 2.3.0.1 Released
– Update freeipmi-tools to 1.1.6
– Version 2.3.0 of OWASP Zed Attack Proxy Released
– Please upgrade Wapiti, it  seems to be 7 years out of date
– Update aircrack-ng to 1.2-beta3
– Update w3af to 1.6
– Upgrade python-phply to 0.9.1
– social network engineering tool

 

For installation proposes you have two options, upgrade from a previous version or make a fresh install.

Upgrade:

In case you want to upgrade from a prior version, just open terminal and run the following:

apt-get update
apt-get dist-upgrade
reboot

Kali_dist-upgrade

New installation:

I have already covered how to install Kali Linux on Hyper-V on this blog, from the installation standpoint nothing really changes and you can follow this link to learn how to install the latest version of Kali on Hyper-V.

How to install Kali Linux on Hyper-V 3.x – Windows Server 2012/R2 or Windows 8.x

This screenshot reveals that with the latest Kali Linux 1.0.7 you’ll get the Kernel version 3.14 and I also testify that it is working great on Hyper-V.

Kali_new_install

Enjoy and keep yourself on the safe and right side.

 

R-Tape Loading error,
Luís Rato