via Blogger http://blog.51sec.org/2021/12/2022-netsec-channel-video.html
December 31, 2021 at 10:36AM Blog
2022 NetSec Channel Video
via Blogger http://blog.51sec.org/2021/12/2022-netsec-channel-video.html December 31, 2021 at 10:36AM Blog
0 Comments
This video shows how to change Oracle Cloud Free Tier's VM into a Windows 2016 VM. Just one command in your free tier VM, you can change that OS from Linux to Windows 2016 in 30 minutes. ✅Steps: 1. Log into Oracle Cloud and Create a Ubuntu Instance 2. Create VNC Console Connection to your ubuntu instance (Optional) 3. Run Command to DD Windows 2016 wget --no-check-certificate -qO InstallNET.sh 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh' && bash InstallNET.sh -dd 'http://d.nat.ee/win/lite/us/winsrv2016-data-x64-us/winsrv2016-data-x64-us-efi.vhd.gz' ✍,Related Post: 1.Commands and Image Links : https://blog.51sec.org/2020/05/dd-windows-7-64b-to-oracle-cloud-ubuntu.html 2.VNC Console: https://blog.51sec.org/2021/08/oracle-cloud-vps-vnc-console-connection.html ?Related Videos: 1. DD Install Windows System to Google Cloud Linux VM - https://youtu.be/rru1hRWp19E 2. Create VNC Console Connection for Oracle Cloud Instances - https://youtu.be/JZlp9Xfg980 3. DD Windows 2016 into Oracle Cloud Free Tier Ubuntu VM Instance - https://youtu.be/owe4CsbTG7E ==================================================================== If you found this video has some useful information✍, please give me a thumb up ✅ and subscribe this channel ?to get more updates?: ⚡https://www.youtube.com/c/Netsec?sub_confirmation=1 ⚡Resource Collection and Bookmarks: https://sites.51sec.org/ Learning and Sharing - 海内存知己,天涯若比邻 - ⚡https://51sec.org ?https://itprosec.com ------------------------------------------------------------------------------------------------------------------------------------------ Music Credits: Midnight (Alan Walker Style) NPB - Alan Walker: http://bit.ly/AlanWalker_Instagram https://www.youtube.com/channel/UCJrOtniJ0-NWz37R30urifQ - NPB https://www.youtube.com/channel/UC3iVMgPLryji2sozgLxr5yQ - FMD https://www.youtube.com/channel/UC_l59BueBNMqXCNZpte_jlA
Watch video on YouTube here: https://youtu.be/owe4CsbTG7E by Johnny Netsec
To configure IPv6 for Azure Virtual Machines, there are following steps based on my lab. Steps: 1. Configure Resource Gorup and Test Win10 VM 2. Create IPv6 address space and subnet in Virtual nework 3. Create a new network interface for existing VM 4. Create Public IP 5. Assosiate IP to vNIC 6. Attach new vNIC to VM 7. Test Related videos: ?Enable IPv6 for Oracle Cloud Infrastructure and Assign it to CentOS Instance - https://youtu.be/yxm3Bn7uHyw ?Configure IPv6 for AWS EC2 Instance - https://youtu.be/N4S6UjR6gUY ?Steps to Configure Native IPv6 Address for Azure VM - https://youtu.be/jFpFxCgVXPI ?Access IPv6 Only Website from IPv4 Machine - https://youtu.be/IvJ6_vre3Qg ?Configure IPv6 Only VPS to Access IPv4 Internet - https://youtu.be/hVnWhlxliIg Related post: https://blog.51sec.org/2021/12/configure-ipv6-on-azure-virtual-machine.html#point4 ==================================================================== If you found this video has some useful information✍, please give me a thumb up ✅ and subscribe this channel ?to get more updates?: ⚡https://www.youtube.com/c/Netsec?sub_confirmation=1 ⚡Resource Collection and Bookmarks: https://sites.51sec.org/ Learning and Sharing - 海内存知己,天涯若比邻 - ⚡https://51sec.org ?https://itprosec.com
Watch video on YouTube here: https://youtu.be/jFpFxCgVXPI by Johnny Netsec
Configure IPv6 on Azure Virtual Machine
IPv6 for Azure Virtual Network was generally available worldwide starting from April 2020. During testing IPv6 I found it is quite confusing with Microsoft document, especially how to use Web Console to assign a native IPv6 address to VM. Assigning a native IPv6 address means not using Tunnel or Load Balancer to get your VM to use IPv6 address. This post is to list all steps to assign a native IPv6 address to a existing Win10 virtual machine. It is same process for other type OS or a new VM.DiagramThe following diagram depicts a simple dual stack (IPv4/IPv6) deployment in Azure: There are some limitation when deploying IPv6 in Azure Load Balancer. Please check following document: The following picture illustrates the IPv6 functionality for Azure Load Balancer. Configure Resource Gorup - Virtual NetworkThere are quite a few resources relating to IPv6 configuration. Here we are starting from Resource Group to check those related resources. The networking model for Azure is All VMs are connecting through a network interface (vNIC) which is attached to virtual network (vNET). So all configuration for IPv6 will need to start from the shared Virtual Network (vNET), such as adding a IPv6 CIDR.1 Go to Resource Group - Virtual Network 2 Create a new IPv6 address space By default, your existing address space already has a IPv4 address space, 10.0.0.0/16. You can add additional address range to your this virtual network. As an example, I am using a Microsoft example Ipv6 space: ace:ceb:deca::/48 . You can generate your own local IPv6 segment using your mac address and time stamp in this website: RFC4193 IPv6 Generator 3 Configure your current subnet when the VM sites to use IPv6 subnet. ace:ceb:deca:deed::/64 is an example from Microsoft Create a new network interface for existing VMThe existing VM's network interface is only for IPv4. There is no way we can allot an IPv6 to it using web console. In this case, we will create a new network interface to get a DualStack vNIC for your existing VM.Search Network Interfaces and add a new one: Most important one is to have a private ip address (IPv6) option checked. Create a Public IP1 Keep existing IPv4a. shutdown VM and set your Public IPv4 as static
b. dis-attach it from vNIC
c. upgrade SKU to standard SKU
d. Create a new IPv6 with your saved public IPv4 address
2 Create a new IPv4 and IPv6 address (Both) Attach IP to vNICIn previous step, the ip addresses are ready. Now we can configure those ip addresses for our VNIC.
There are primary type ip and now is not associate with a public ip. We can associate one we created in previous step to it.
Same thing on secondary type ip, which is our IPV6 address, we will associate a public ip with it.
Attach new vNIC to VMWe have new vNIC with new addresses, which we can attach it to our VM now.1 Stop VM
2 Go to VM's networking page
3 Attach network interface
3 Different SKU issue
4 Dissociate existing Public IP which is using Basic SKU
5 Now you should be able to attach the new created vNIC into this VM
And detach the old IPv4 vNIC from this VM.
Test your ipv4 and ipv6 ip address using Edge browser to open whatismyip.com website to verify you addresses.
via Blogger http://blog.51sec.org/2021/12/configure-ipv6-on-azure-virtual-machine.html December 25, 2021 at 03:37PM Cloud
In this video, I am gonna show you how to easily deploy OpenWRT into Azure cloud. Following Steps Show in the video: 1. Create a new resource group for this OpenWRT Azure lab 2. Download and Unzip OpenWRT OVA package 3. Convert VMDK file to VHD format 4. Upload VHD File to Azure Storage 5. Create OpenWRT Image from VHD File in Blob Storage 6. Create OpenWRT VM Based on New Created OpenWRT Image 7. Stop VM to Add a new interface 8. Log in to OpenWRT to Modify Interfaces 9. Add New Route Table and Route 10.Launch Win10 VM to test Related post: ✍https://blog.51sec.org/2021/12/create-openwrt-virtual-machine-in-azure.html Related videos: ⚡Deploy A Free NAT Gateway Router Firewall (VNS3 NATe) in Azure Cloud - https://youtu.be/EswP-bfjI_E ⚡Easily Add One-Armed OpenWRT into Home Network As Bypassing Router - https://youtu.be/oOHsW9aOVvQ ⚡Install Docker and Portainer on Ubuntu 20.04 in Raspberry Pi - https://youtu.be/MjbInsvvGvw ⚡Use Portainer to Deploy OpenWRT Docker as router on the stick - https://youtu.be/o_mPt7pWRes ⚡OpenWRT Adblock Installation and Configuraiton - https://youtu.be/lzjZ4b5xMwY ⚡Install OpenWRT KMS Service - vlmcsd - https://youtu.be/P09U5mE3hwU ⚡Install Your Own KMS Container Using Portainer Docker- https://youtu.be/_McIPiTKJVE ==================================================================== If you found this video has some useful information✍, please give me a thumb up ✅ and subscribe this channel ?to get more updates?: ⚡https://www.youtube.com/c/Netsec?sub_confirmation=1 ⚡Resource Collection and Bookmarks: https://sites.51sec.org/ Learning and Sharing - 海内存知己,天涯若比邻 - ⚡https://51sec.org ?https://itprosec.com
Watch video on YouTube here: https://youtu.be/SjgEdfZClog by Johnny Netsec
Create OpenWRT Virtual Machine in Azure Cloud
There are many reasons you might want to put OpenWRT into Azure Cloud. For me, I was looking for a free and light weight solution which can do routing, NAT, port forwarding, firewall with Web GUI management for my Azure cloud. I tried VNS3 NATe solution which works fine. Only restriction bothers me for production usage is throughput limited at 50Mbps.
I had some posts regarding OpenWRT running in my VMWare environment. Is it possible to run it in Azure cloud? I managed to try using an OVA package found from Openwrt.org website and it works. Just in case you have same need and here are the steps I am following to spin up an OpenWRT VM in Azure Cloud. TopologyDownload and Unzip OpenWRT OVA packageOVA file download links:19.07.5 - https://www.dropbox.com/s/4b0dy8d8iqf8a91/OpenWRT_x86_64_19.07.05.ova?dl=0 We can use winzip or 7zip this kind of software to unzip OVA file to a folder. There is vmkd file which we will need to process to next step. Convert VMDK file to VHD formatThere are a couple of ways to do that. The easiest way for me is to download StarWindConverter from https://www.starwindsoftware.com/starwind-v2v-converter
After installed the software, following those steps to convert it to VHD format which can be used by Azure cloud.
1 Choose local file to start 2 select the vmdk file we extracted from ova file. 3 choose where to save your converted file. 4 choose the vhd / vhdx as destination image format. 5 Choose VHD pre-allocated image Just in case you do not want to install StarWind V2V software, I have a converted VHD file for downloading: https://od.51sec.org/T51SecEU/Sharing/VM/OpenWRT/ Upload VHD File to Azure StorageIf you have not create a storage account, you will need to create one. You will also need to create a container to store this VHD file.Create OpenWRT Image from VHD File in Blob StorageCreate OpenWRT VM Based on New Created OpenWRT ImageLog in to OpenWRT to Confirm ConnectionDefault username is root and password is null, no password.Stop VM to Add a new interface
Since default image is only have one interface which is connecting to Internet and it is the interface we are connecting to, we are going to add second interface for LAN network, which is behind this OpenWRT appliance.
Stop-AzVM -ResourceGroupName "RG-OpenWRT" -Name "OpenWRT-1" -Force
Log in to OpenWRT to Modify Interfaces
We are going to change first interface to zone WAN. For second interface, we will put it into LAN zone.
Add New Route Table and Route
Last configuration is to add a new route table for Azure LAN subnet. A new route will be created to make sure all traffic in LAN subnet will be sent to our OpenWRT LAN interface, which is 10.0.1.4.
Spin Up Win10 Machine to Test Speed
Finally we completed all configuration and we can use a Win10 VM for testing. We will test network throughput and Internet access.
C:\Users\netsec>tracert 8.8.8.8
Tracing route to dns.google [8.8.8.8]
over a maximum of 30 hops:
1 1 ms <1 ms <1 ms 10.0.1.4
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 2 ms 2 ms 3 ms dns.google [8.8.8.8]
Trace complete.
via Blogger http://blog.51sec.org/2021/12/create-openwrt-virtual-machine-in-azure.html December 16, 2021 at 09:06PM Cloud
This video is to show you how to deploy a free NAT gateway, router, and firewall into Azure Cloud. It is completely free with some restriction such as only 50Mbps bandwidth. It also can be running in a small size vm, with only1vcpu and 1GB memory. Prerequisites 1. Azure Account 2. Subscription Steps: 1. Create a new resource group for this lab 2. Search and create VNS3 NATe virtual appliance from the marketplace 3. Log in VNS3 NATe 's web GUI and change credentials 4. Create and attach new interface to VNS3 NATe VM 5. Create a new route table and new route for LAN subnet 6. Test ==================================================================== If you found this video has some useful information✍, please give me a thumb up ✅ and subscribe this channel ?to get more updates?: ⚡https://www.youtube.com/c/Netsec?sub_confirmation=1 ⚡Resource Collection and Bookmarks: https://sites.51sec.org/ Learning and Sharing - 海内存知己,天涯若比邻 - ⚡https://51sec.org ?https://itprosec.com
Watch video on YouTube here: https://youtu.be/EswP-bfjI_E by Johnny Netsec
This video is second part of previous Palo Alto Azure Deployment video. There will be some access issues with default settings, such as routing related problem, or ping issue after we deployed our VM-Series firewall into Azure. There are some extra steps to do, e.g. configure Azure route table and associate a public ip with untrusted interface. Related post: ✍ https://blog.51sec.org/2021/12/deploy-palo-alto-vm-series-firewall.html Previous video: ⚡Deploy Palo Alto VM-Series Firewall in Azure Cloud - https://youtu.be/U35urt1fEwc ==================================================================== If you found this video has some useful information✍, please give me a thumb up ✅ and subscribe this channel ?to get more updates?: ⚡https://www.youtube.com/c/Netsec?sub_confirmation=1 ⚡Resource Collection and Bookmarks: https://sites.51sec.org/ Learning and Sharing - 海内存知己,天涯若比邻 - ⚡https://51sec.org ?https://itprosec.com ==================================================================== Credits for the music in this video: ► Alan Walker https://soundcloud.com/walkzz https://www.youtube.com/user/DjWalkzz ► FMD https://www.youtube.com/channel/UC_l59BueBNMqXCNZpte_jlA Alan Walker - Spectre ♫ [Copyright Free Music] - https://www.youtube.com/watch?v=oClz8GysyxM
Watch video on YouTube here: https://youtu.be/U35urt1fEwc by Johnny Netsec
This video is to show you the steps how to deploy Palo Alto VM-Series firewall into Azure to protect your cloud environment. Prerequisites 1. Azure Account 2. Subscription (Pay as you go) Steps: 1. Launch VM-Series Next Generation Firewall From Marketplace 2. Activate License 3. Configure Trust/Untrust Interfaces 4. Define Virtual Routers and Static Routes 5. NAT Rule for Internet Traffic 6. Create Security Policy Rules for Your Traffic 7. create a new public ip for your untrusted interface. (Option) Related post: ✍ https://blog.51sec.org/2021/12/deploy-palo-alto-vm-series-firewall.html ==================================================================== If you found this video has some useful information✍, please give me a thumb up ✅ and subscribe this channel ?to get more updates?: ⚡https://www.youtube.com/c/Netsec?sub_confirmation=1 ⚡Resource Collection and Bookmarks: https://sites.51sec.org/ Learning and Sharing - 海内存知己,天涯若比邻 - ⚡https://51sec.org ?https://itprosec.com ==================================================================== Music in this video: Alan Walker - Faded [Copyright Free Music] https://www.youtube.com/watch?v=e0kl2MuFGWU Credits: ► Alan Walker https://soundcloud.com/alanwalker https://twitter.com/IAmAlanWalker ► FMD https://www.youtube.com/channel/UC_l59BueBNMqXCNZpte_jlA
Watch video on YouTube here: https://youtu.be/py9iOC5OktY by Johnny Netsec
Deploy a Free NAT Gateway, Firewall and Router in Azure - VNS3 NATe
I were looking for a free and light-weight virtual appliance to act as nat gateway in my cloud environment to do some port forwarding job. Azure NSG (Network Security Group) is not able to do nat or port forwarding. Load balancer can do but it is not free. Other firewall solution will do job well, but they are too powerful and expensive for my user case. Eventually, I found this virtual appliance from Marketplace which gives me almost all I need, except the 50Mbps bandwidth restriction. VNS3 NATe - NAT Gateway virtual appliance includes firewall functions allowing outbound source and port NAT-ing and can limit outbound NAT to specific ports or destination addresses. Additionally, plugins can be used to provide outbound WAF or outbound URL filtering to a small "allow list" or via connection to a URL filtering service like Webroot's BrightCloud offering. What does this used for?
|
|