Cloud - Azure Exam 70-533 and 30 days trial link

Considering that companies are moving slightly to hybrid cloud I would like to mention this Microsoft that permit to gain following certification:

https://www.microsoft.com/en-us/learning/exam-70-533.aspx

At precedent link several resources link and exam information are available.

About precedent exam it would be useful evaluate Azure 30 Days trial period account creation.

https://azure.microsoft.com/en-us/offers/ms-azr-0044p/

We offer eligible customers $200 in Azure credits (“Credits”) to be used within the first 30 days of sign-up and 12 months of select free services (services subject to change)

Here they are some old blog articles related to cloud:

Microsoft - Azure and Veeam Connect

HyperV 2012 - Free Download Ebook

Video Audio - Online free converter

I would like to mention this website that permit online convertion about these Audiovideo formats:

https://www.apowersoft.it/convertitore-video-gratuito

MP4, MOV, AVI, WMV, MKV, SWF, ASF, FLV, VOB, RM, 3GP, WEBM, MPG, DV, M4A, M4R, MP3, WAV, FLAC, WMA, AC3, AAC, OGG e RA

4K, 3D, HD, AVCHD, HEVC


Program - Brute Force Wordpress Plugin

About Wordpress I would like to mention this Wordpress plugin that work with .htaccess file.

Brute Force Login Protection  can be found/downloaded here:

https://wordpress.org/plugins/brute-force-login-protection/

Here they are major features:


  1. Limit the number of allowed login attempts using normal login form/Auth Cookies
  2. Manually block/unblock/(whitelist trusted)  IP addresses
  3. Delay execution after a failed login attempt (to slow down brute force attack)
  4. Option to inform user about remaining attempts on login page
  5. Option to email administrator when an IP has been blocked
  6. Custom message to show to blocked users

about plugin installation it is decisevely straight:


1. Install the plugin either via the WordPress.org plugin directory, or by uploading the files to your wp-content/plugin directory.
2. Activate the plugin through the WordPress admin panel.
3. Customize the settings on the settings page.

Hacker - WPA2 password crack

We are all aware about security weakness that Wi-Fi it has, that does not dipend from protocol used.

Infact Wifi it has allways some risks that could never become equal to 0.

Vulnerability found it is related to Wi-fi Protected Access 2 (WPA2). It does not permit to acquire WPA2 password but man in the middle


The idea it is that each person that is near to Wi-Fi could implement  Key Reinstallation AttaCK (KRACK) and read trassferred data between PCs and router/access point (man in the middle attack with password, email, sensitive date reading...).

this kind of attack is really efficace against Android/Linux that use wpa_supplican during wi-fi connection process  (but it could be applied to all O.S./devices as well)

You can take a look to this article that better explain an example on how to get this result.


These results could be reached using these tools:

Kali Linux, la suite per gli attacchi WiFi Aircrack-ng, il software per eliminare la protezione HTTPS denominato SSLstrip e WireShark.

Summarizing attack procedure steps:

  1. Using vulnerability it create a Wifi fake with same SSID but on different channel.
  2. It switch remote device to connect to new fake Wifi and decript all traffick that became in clear mode.
To solve issue you should:

1. Upgrade Router/access point firmware 
2. pcs/mobile devices o.s. (more urgently)

It is available this Python Script to understand if your devices is vulnerable:

Hacker/Security - Kali Linux Penetration test Tool

Today I would like to mention this old blog article that describe Kali Linux thaat is a specific Linux distribution used for penetration tests:

http://www.alessandromazzanti.com/2014/05/kali-linux-penetration-test-e-forensic.html

Kali 2017.3 Release

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers.


Kali Linux includes security tools, such as:[13]

More details could be find here:


Finally I would mention that Mr Ghaznavi-Zadeh published a chapter from his book "Kali Linux – A guide to Ethical hacking" and it is available for free here:


Finally here it is Kali Linux video website presentation:

Cloud - Multicloud collector

I adding this applicative mention:

https://www.multcloud.com/

I did not find time to test it but it seems useful.

It is Web based app that allows multiple cloud users to access all their online files from a single interface. Organizing, transferring, synchronizing or even manage sharing files between cloud storage services like Dropbox, Google Drive, Copy, OneDrive, FTP, WebDav, MEGA and other cloud supported vendors.

It is a free application.

There is a premium plan too:

https://www.multcloud.com/price

About security concerns consider that:

  1.  Website connect and data transfer using 256-bit AES encryption for SSL.
  2.  Does not save or cache your data and files on our servers.
  3.  Access cloud drives with OAuth authorization and does not save your password.


Vackup - Veeam Alternative Vembu BDR Suite

Today I would like to mention this Veeam Backup Alternative.

https://www.vembu.com/

I did not have time to try it yet but here some charactheristic that make it interesting:


  1. Backups could be saved on-site, off-site and on cloud.
  2. Item Level Backup for Exchange, Sharepoint, SQL, My SQL, Office 365 available.
  3. Two licensing types:
    1. Unlimited functionalities only for 3 VMs.
    2. Unlimited VMs but functionalities limited.
  4. 30 days trial full feature download possible.
  5. If you are interested to view full compare between license type you could review this .pdf:
    https://www.vembu.com/pdf/datasheet/vembu-bdr-suite-free-vs-paid-edition.pdf
  6. HyperV (2008 R2 up to 2016),  Vmware (4.x up to 6.x) , workstation and physical server are supported.
  7. Full and granular restore supported.
  8. CRC, encryption (backup) and compression are supported.
  9. No agent software is installed on VMs.
  10. Storage pools aggregations are supported like on Veeam.
  11. Direct SAN feature permits backup tool to communicate directly to SAN (exposing with iScsi) without necessity to pass through to Vmware/HyperV hypervisors.
  12. Cross Platform Migration tool support (v2v) between different hyper-visor.
  13. VSS - Application-aware image backup compatibility.
  14. Log Truncation.
  15. Backup data could be downloaded from user in different file formats (vmdk, vhdx, image ....)
  16. Backup encryption (AES 256 bit)
  17. About exchange (2003, 2007, 2010, 2013 and 2016) Vembu Explorer for Microsoft Exchange Instantly restores Exchange user mailboxes, emails, contacts and etc., from backed up VMware VMs without restoring entire Exchange server.
  18. Vembu Explorer for Microsoft Active Directory: Instantly restores Active Directory objects and GPOs and etc., without restoring entire MS Active Directory VM.Supports Active Directory Server 2008 R2 STD, 2012 DC, 2012 R2 DC.
  19. Vembu Explorer for Microsoft SQL Server: Instantly restores SQL database and tables without restoring entire SQL VM. Supports MS SQL Server 2005, 2008, 2008 R2, 2012, 2014, 2016.
  20. Vembu Explorer for Microsoft Sharepoint: Instantly restores SharePoint site collections, documents and etc. without restoring entire SharePoint VM. Supports Microsoft SharePoint Portal Server 2003,2007,2010,2013.
  21. Bare-metal Recorery it is supported restoring to same hardware or new RAW hardware using Vembu Recovery CD.
    Supported O.S.: 
    (2016, 2012 R2, 2012, 2008 R2, 2008,2003 R2 SP2, 2003 SP2, Windows 10 , Windows 8, Windows 7,Windows Vista,  Windows XP SP2)
Here they are useful documentation to aim to view all features/capabilities:




Indeed about Veeam Backup tool you could review this link with all related blog articles:

http://www.alessandromazzanti.com/search/label/Veeam


720check