Thursday, October 20, 2016

Mac for Hackers: How to Install iTerm2 Using the Terminal [feedly]

Mac for Hackers: How to Install iTerm2 Using the Terminal

-- via my feedly newsfeed

Now that we've talked about encryption and managing your passwords, let's continue this series on getting your Mac ready for hacking by turning our attention to the terminal. The terminal is a key component of any pen tester's setup. We're going to be spending a lot of time working with the terminal, so the goal is to be comfortable with it. We want something that is appealing to our eye, feature-rich, and stable. A good terminal emulator will help us manage our workflow efficiently. For macOS, my preferred terminal emulator is iTerm2. An honorable mention goes out to Cathode, which attempts... more

Mac for Hackers: How to Manage Your Passwords with KeePassX [feedly]

Mac for Hackers: How to Manage Your Passwords with KeePassX

-- via my feedly newsfeed

Now that we've learned about keeping all our data safe with encryption, it's time to continue progressing through getting your Mac set up for hacking. Just like most other people, we hackers have a lot of credentials to manage. We're also human, so we have a hard time creating random difficult-to-brute-force passwords. So instead of rolling up all of our passwords with Diceware, we'll let our machine do the work for us—both in guarding the passwords and generating them. For this, we'll use a password manager. There are many password managers on the market, and some of the heavy hitters for... more

Xen Orchestra 5.3 [feedly]

Xen Orchestra 5.3

-- via my feedly newsfeed

A new month, a new release! This one offers a big focus on overall quality (a lot of bugs fixed, that's even a new record in numbers). But there is also nice new features.

Keyboard shortcuts

You can now navigate through the app with keyboard shortcuts! By pressing the "h" (or "?") key, you'll have a popup with the list of existing shortcuts:

"Global" means those shortcuts will be available everywhere in the application. "Home" means they are only working in the home view.

You can discover more about shortcuts here.

Hosts and pools RAM usage

In the home view, when you are on "host":

Blue bars indicates the RAM usage. If you hover on it, you'll have a tooltip with a recap:

It works the same way in the home/pool view:

Hosts live usage overview

In the home/host view, you can now have a stat display for all your hosts in live:

This is a good way to quickly see hosts using a lot of ressources.

More options at VM creation

We simplified the VM creation process by adding "advanced" stuff in a dedicated category. Therefore, we got more possibilities for adding extra features without render the interface unusable.

You can now, during VM creation, to:

  • set "auto power on"
  • add tags
  • memory limits (dynamic/static min/max)

VIF edition

Edit a virtual interface is not directly possible in XenServer API. The "trick" is to remove it and recreate it on the fly. It's transparent for you and now it works in Xen Orchestra!

Network Bond creation

Now, you can create a network based on multiple interfaces: a bond.

Preparing for the future

We also made some very interesting explorations on backup side. Some exciting new features will come on this side in few next releases. Stay tuned!

New XO virtual Appliance [feedly]

New XO virtual Appliance

-- via my feedly newsfeed

In the next weeks, we'll release a new version of the virtual appliance itself, which is running Xen Orchestra.

This new appliance will be unified, more secure, faster and easier to use. Let's see why!

Unified XOA? It means one XOA to rule them all. No dedicated version of Free, Starter, Enterprise or Premium. Because our updater is able to "transform" it on-the-fly. Doesn't matter if you upgrade or downgrade, just run the update and you are OK!



Root account password is now disabled. You'll connect via a xoa user, and use sudo to make system operations.

Password change

After your first connection to XOA with xoa user and xoa password (SSH or via console), the system will ask you to change your password.


By default, XOA is now behind a firewall. SSH is even protected with a rate limit rule. We'll update the doc to give you more details on how to configure it if necessary, but only needed ports are open. XOA stays turnkey (you can reach it without any pre-configuration), but it's far more secure!


This new appliance is running in PVHVM mode. In general, this give a 15% performance boost, see our previous article on PV vs PVHVM XenServer benchmark.



We added a bashrc file to have a beautiful prompt, helping you to have a distinct shell on XOA.

The prompt also display any change in a Git repository (see the next paragraph).

/etc in Git

This will allow to track changes done in the XOA conf, and rollback if necessary.

SSH support ready

A xoa-support account exists, but can only log via a SSH key pair (no password), that we only have (ie the private key). If you don't want this, you can disable the account with the chage -E 0 xoa-support command.

Built for tomorrow

Extra packages are also include for future possibilities in XOA. It also includes the latest LTS version of Node (6).

Want to test it?

Beside your production XOA, you can make a try if you like. You can download it from here (only XS7 compatible for now, but will be 6.x too in the final release).

Webinar Recap: Docker for Windows Server 2016 [feedly]

Webinar Recap: Docker for Windows Server 2016

-- via my feedly newsfeed

Last week, we held our first webinar on "Docker for Windows Server 2016" to a record number of attendees, showcasing the most exciting new Windows Server 2016 feature – containers powered by Commercially Supported Docker Engine.

Docker CS Engine and containers are now available natively on Windows and supported by Microsoft with Docker's Commercially Supported (CS) Engine included in Windows Server 2016.Now developers and IT pros can begin the same transformation for Windows-based apps and infrastructure to reap the benefits they've seen with Docker for Linux: enhanced security, agility, and improved portability and freedom to run applications on bare metal, virtual or cloud environments.

Watch the on-demand webinar to learn more about the technical innovations that went into making Docker containers run natively on Windows and how to get started.

Webinar: Docker for Windows Server 2016

Here are just a few of the most frequently asked questions from the session.  We're still sorting through the rest and will post them in a follow up blog.

Q: How do I get started?

A: Docker and Microsoft have worked to make getting started simple, we have some great resources to get you started whether you're a developer or an IT pro:

Q: How is Docker for Windows Server 2016 licensed?

A: Docker CS Engine comes included at no additional cost with Windows Server 2016 Datacenter, Standard, and Essentials editions with support provided by Microsoft and backed by Docker. Support is provided in accordance with the selected Windows Server 2016 support contract with available SLAs and hotfixes and full support for Docker APIs.

Q: Is there a specific Windows release that supports Docker for development?

A: You can get started using Windows 10 Anniversary Edition by installing Docker for Windows (direct link for  public beta channel) or by downloading and installing Windows Server 2016. You can also get started using Azure.

To learn more about how to get started, read our blog: Build And Run Your First Docker Windows Server Container or get started with the Docker for Windows Containers Lab on GitHub.

Q: Windows has a Server Core and Nano Sever base image available. What should I use?

A: Windows Server Core is designed for backwards compatibility. It is a larger base image but has the things you need so your existing applications are able to run in Docker. Nano Server is slimmer and is best suited for new applications that don't have legacy dependencies.

For more resources:

Check out the #Docker for Windows Server 2016 Webinar video and Q&A Recap w/ @friism
Click To Tweet

The post Webinar Recap: Docker for Windows Server 2016 appeared first on Docker Blog.

Part 1: Introduction to Isolation Groups in XenDesktop [feedly]

Part 1: Introduction to Isolation Groups in XenDesktop

-- via my feedly newsfeed

By design, App-V applications are isolated from each other and each AppV application is run within its own separate virtual environment—they do not share any data with other AppV applications. While this application isolation is welcome, as it promotes application compatibility by preventing any cross-application conflict, there is a need, at times, to overcome this […]

Citrix XenServer Supports Microsoft Plans for Enhanced Virtualization Security [feedly]

Citrix XenServer Supports Microsoft Plans for Enhanced Virtualization Security

-- via my feedly newsfeed

Today, Microsoft announced their intent to extend their Server Virtualization Validation Program (SVVP) with an Additional Qualification for third party hypervisors, such as Citrix XenServer, to support some Windows Server 2016 virtualization-based security features (VBS), notably Credential Guard (CG) and Device Guard (DG).

Improving XenServer VNC Mouse Performance on MCS-Created Machines [feedly]

Improving XenServer VNC Mouse Performance on MCS-Created Machines

-- via my feedly newsfeed

I have seen a number of forum posts and internal emails about the fact that on machine creation services (MCS) created machines, the VNC mouse performance isn't all that good, so this post explains why it is this way and how to return the mouse performance to normal. It should be noted that this only affects VNC connections […]

Nutanix Supports Citrix XenServer to Deliver a Superior VDI Experience [feedly]

Nutanix Supports Citrix XenServer to Deliver a Superior VDI Experience

-- via my feedly newsfeed

Since we first started working together, Citrix and Nutanix have been laser-focused on simplifying VDI with pre-configured hyper-converged infrastructure (HCI) that ensures a superior end user experience.

Today, we're taking that partnership to new levels with Nutanix support for the


XenApp and XenDesktop 7.11 MCS Full Clone Support [feedly]

XenApp and XenDesktop 7.11 MCS Full Clone Support

-- via my feedly newsfeed

Since Machine Creation Services (MCS) was first released in XenDesktop 5.0, every VM created has used a delta structure for the VM`s created on a hypervisor. This means that all VM writes go to the delta disk, but the base …

Citrix, Microsoft and XenServer Integration Technologies #1 [feedly]

Citrix, Microsoft and XenServer Integration Technologies #1

-- via my feedly newsfeed

It might surprise you to learn that XenServer recently marked its 10th year anniversary of commercially available releases (an event covered very well in a recent blog post from James Bulpin).

The early releases of XenServer (called XenEnterprise back then) …

Wednesday, October 19, 2016

Elastic and the Chef Partner Cookbook Program [feedly]

Elastic and the Chef Partner Cookbook Program

-- via my feedly newsfeed 

I'm delighted to announce that Elastic is now part of the Chef Partner Cookbook Program. Elastic's cookbook named elasticsearch will install and help configure your elastic instance.

Elastic provides real-time insights and makes massive amounts of structured and unstructured data usable for developers and enterprises. Built around four open source products — Elasticsearch, Kibana, Logstash and Beats — Elastic powers many of the world's leading mobile, social, consumer and business applications. To learn more, visit

The Chef Partner Cookbook Program is a collaboration between Chef and the vendor to help validate cookbooks in our public supermarket.

Congratulations to elastic!

Become a Certified Chef: A guide to the Chef Certification program [feedly]

Become a Certified Chef: A guide to the Chef Certification program

-- via my feedly newsfeed

Chef Certification provides a mechanism for individuals to demonstrate their knowledge and practical experience with Chef, allowing them to enhance their marketability. The program also provides a learning path for each badge with well defined achievements and progression milestones. In this webinar, we will talk about Chef's modular and flexible approach to certification. We'll explain why we use "badges" and how this allows us to be agile to change within Chef's product portfolio and evolution of the wider ecosystem. Join us to learn: - How the Chef Certification framework is structured - The Chef Certification user experience - How to prepare for Chef Certification Who should attend: This webinar is intended for anyone who wants to learn more about the Chef Certification program, its technical depth and how to get started with it.

Wednesday, October 12, 2016

pfSense 2.3.2-p1 RELEASE Now Available! [feedly]

pfSense 2.3.2-p1 RELEASE Now Available!

-- via my feedly newsfeed

We are happy to announce the release of pfSense® software version 2.3.2-p1!

This is a maintenance release in the 2.3.x series, bringing a number of bug fixes. The full list of changes is on the 2.3.2-p1 New Features and Changes page.

This release includes fixes for 34 bugs and 2 feature items completed.

If you haven't yet caught up on the changes in 2.3.x, check out the Features and Highlights video. Past blog posts have covered some of the changes, such as the performance improvements from tryforward, and the webGUI update.

Upgrade Considerations

As always, you can upgrade from any prior version directly to 2.3.2_1. The Upgrade Guide covers everything you'll need to know for upgrading in general.  There are a few areas where additional caution should be exercised with this upgrade if upgrading from 2.2.x or an earlier release, all noted in the 2.3 Upgrade Guide.

Known Regressions

While, nearly all of the common regressions between 2.2.6 and 2.3-RELEASE have been fixed in subsequent releases, the following still exist:

  • IPsec IPComp does not work. This is disabled by default. However in 2.3.1, it is automatically not enabled to avoid encountering this problem. Bug 6167
  • IGMP Proxy does not work with VLAN interfaces, and possibly other edge cases. Bug 6099. This is a little-used component. If you're not sure what it is, you're not using it.
  • Those using IPsec and OpenBGPD may have non-functional IPsec unless OpenBGPD is removed. Bug 6223


Compared to pfSense 2.2.x, the list of available packages in pfSense 2.3.x has been significantly trimmed.  We have removed packages that have been deprecated upstream, no longer have an active maintainer, or were never stable. A few have yet to be converted for Bootstrap and may return if converted. See the 2.3 Removed Packages list for details.  pfSense 2.3.2 does bring back ntopng, and the vnstat (traffic totals) package is new.

pfSense software is Open Source

For those who wish to review the source code in full detail, the changes are all publicly available in three repositories on Github. 2.3.2-RELEASE-p1 is built from the RELENG_2_3_2 branch of each repository.

Main repository – the web GUI, back end configuration code, and build tools.
FreeBSD source – the source code, with patches of the FreeBSD 10.3 base.
FreeBSD ports – the FreeBSD ports used.


Downloads are available on the mirrors as usual.

Downloads for New Installs and Upgrades to Existing Systems – note it's usually easier to just use the auto-update functionality, in which case you don't need to download anything from here. Check the Firmware Updates page for details.

Supporting the Project

Our efforts are made possible by the support our customers and the community. You can support our efforts via one or more of the following.

  • pfSense Store –  official hardware, apparel and pre-loaded USB sticks direct from the source.  Our pre-installed appliances are the fast, easy way to get up and running with a fully-optimized system. All are now shipping with 2.3 release installed.
  • Gold subscription – Immediate access to past hang out recordings as well as the latest version of the book after logging in to the members area.
  • Commercial Support – Purchasing support from us provides you with direct access to the pfSense team.
  • Professional Services – For more involved and complex projects outside the scope of support, our most senior engineers are available under professional services.

Mac for Hackers: How to Create an Encrypted Disk Image [feedly]

Mac for Hackers: How to Create an Encrypted Disk Image

-- via my feedly newsfeed

Before we dive any further into getting your Mac ready for hacking, I wanted to continue on with the concept of encryption. In the last part, we talked about full disk encryption on your Mac, but now I want to quickly cover the encryption of disk images before we dive into managing passwords, terminal emulators, etc. So Why Use Encrypted Disk Images? Cloud platforms are convenient, thanks to the ability to upload and access data from any device anywhere with an internet connection. However, the downside is that our data is stored on someone else's machine. Dropbox was breached by hackers in... more

Mac for Hackers: How to Enable Full Disk Encryption to Protect Your Data [feedly]

Mac for Hackers: How to Enable Full Disk Encryption to Protect Your Data

-- via my feedly newsfeed

This is the very first article in my series on setting up a Mac for hacking. In this series, I will be operating under the assumption that you have a clean install of macOS (previously OS X). If you aren't starting with a clean installation, there may be a few differences, but nothing we can't help you out with. The first step in setting up any hacking environment is full disk encryption (FDE), which gives us a solid backline defense against anyone who might have an interest in our bits. It's also just good standard practice for hackers and non-hackers alike. With the widespread availability... more

Mac for Hackers: How to Get Your Mac Ready for Hacking [feedly]

Mac for Hackers: How to Get Your Mac Ready for Hacking

-- via my feedly newsfeed

When it comes to hacking guides, most are written from the perspective of a Linux user. There are a few outliers, but it's mainly Linux, which leads to the idea that Linux is the only OS that's viable for hacking. This couldn't be further from the truth. A properly set up Apple machine can do quite a bit of heavy lifting. In the days before macOS (previously called OS X), hacking on an Apple machine was laughable. Tools were sparse, the hardware was specific to Apple, and developers often didn't bother porting to Mac because of the small market share or the perception that they weren't for... more

The Three Ways Revisited | The DevOps Handbook [feedly]

The Three Ways Revisited | The DevOps Handbook

-- via my feedly newsfeed

Wondering if The DevOps Handbook is for you? Authors, Gene Kim, Jez Humble, Patrick Debois and John Willis developed this book for anyone looking to transform their IT organization—especially those who want to make serious changes through the DevOps methodology in order to increase productivity, profitability and win the marketplace. It is the all-inclusive guide for planning and executing DevOps transformations while providing background on the history of DevOps and dozens of case studies to support DevOps principles. It also provides best practices to help organizations unite disparate teams, achieve common goals and obtain support from the highest levels of leadership.

The DevOps Handbook digs into the three foundational principles underpinning DevOps, now known as The Three Ways: Flow, Feedback, and Continual Learning and Experimentation. If you've read The Phoenix Project, you probably have a solid understanding of each. In a previous blog post, Gene provided a quick snapshot of each principle. The DevOps Handbook follows in the footsteps of The Phoenix Project by offering a high level examination of the Three Ways as the focus of Part 1 of the new book.

As the book works through the Three Ways, readers will be able to identify how high-performing companies leveraged these principles to win the marketplace. The hope is that large organizations replicate the success of high performers to execute their own successful DevOps transformations. This six-part book is rife with useful content, including:

  • The resulting work from five years of collaboration and 2,000 hours of contribution between the co-authors
  • More than 40 DevOps case studies, including Amazon, Etsy, Capital One, Google, Facebook, Intuit, Nationwide Insurance and many more
  • More than 400 pages of DevOps applications, lessons and "how-to's"
  • DevOps data gathered from more than 25,000 data points.
  • A follow-up to The Phoenix Project which has sold 250,000 copies

The DevOps Handbook leads with DevOps history, explaining how it was derived from bodies of knowledge that span over decades, and its resulting technical, architectural and cultural practices. Once the historical foundation is laid, readers dive into the Three Ways principles. Readers will have a deeper understanding of the theory and principles that led to DevOps today. The resulting concrete principles and patterns, and their practical application to the technology value stream, are presented in the remaining chapters of the book.

Next week we will take a more thorough look at the First Way. You can order the book and follow the IT Revolution blog as we unpack each of the three ways to set a solid foundation for DevOps practices that lead to organizational transformation.

The post The Three Ways Revisited | The DevOps Handbook appeared first on IT Revolution.

The DevOps Handbook | Debunking DevOps Myths [feedly]

The DevOps Handbook | Debunking DevOps Myths

-- via my feedly newsfeed

Despite its rise in popularity, there are still a number of fallacies circulating around DevOps. While successful business and IT transformation case studies abound, these myths have unfortunately led some leaders and organizations to believe that DevOps principles and practices are not suitable or relevant to their unique situations. The DevOps Handbook co-authors and DevOps pioneers – Gene Kim, Jez Humble, Patrick Debois and John Willis – have found that companies generally face similar problems when it comes to software delivery. Together, through extensive case studies and personal experience reports they unpack these myths and demonstrate how DevOps can help large organizations of all kinds become high performers and win their marketplace.

Here is a snapshot of some of these myths. They each are addressed more fully in The DevOps Handbook.

  • Myth #1DevOps is Only for Startups

Although DevOps practices were pioneered by web-scale, Internet "unicorn" companies, each has risked going out of business because of the problems associated with traditional "horse" companies. However, these organizations were able to transform their architecture, technical practices and culture to create the amazing outcomes that are associated with DevOps.

  • Myth #2—DevOps Replaces Agile

DevOps does not bump heads with Agile, in fact the principles and practices are compatible. Many have observed that DevOps is a logical continuation of the Agile journey. Agile is an effective enabler of DevOps because it focuses on small teams delivering high quality code to customers.

  • Myth #3—DevOps is Incompatible with ITIL

To support the shorter lead times and higher deployment frequencies associated with DevOps, many areas of the ITIL processes become fully automated, solving many problems associated with configuration and release management processes. Because DevOps requires fast detection and recovery when service incidents occur, the ITIL disciplines of service design, incident and problem management remain as relevant as ever.

  • Myth #4DevOps is Incompatible with Information Security and Compliance

The absence of traditional controls may dismay information security and compliance professionals. However, that doesn't mean that DevOps organizations don't have effective controls. Instead of security and compliance activities only being performed at the end of the project, controls are integrated into every stage of the daily work in the software development lifecycle, which results in higher quality, security and compliance outcomes.

  • Myth #5—DevOps Means Eliminating IT Operations, or "NoOps"

Many misinterpret DevOps as the complete elimination of the IT Operations function, but this is rarely the case. While the nature of IT Operations work may change, it remains as important as ever.

  • Myth #6DevOps is Just "Infrastructure as Code" or Automation

While automation is a requirement for many DevOps patterns, DevOps also requires cultural norms and an architecture that allows for the shared goals to be achieved throughout the IT value stream.

  • Myth #7DevOps is Only for Open Source Software

Although many DevOps success stories take place in organizations using software, such as the LAMP stack (Linux, Apache, MySQL, PHP), achieving DevOps outcomes is independent of the technology being used. Successes have been achieved with applications written in Microsoft.NET, COBOL and mainframe assembly code, as well as with SAP and even embedded systems.

The authors of The DevOps Handbook collaborated for years to capture details of the DevOps transformations they've helped lead or observed. These success stories are aimed at helping organizations understand how they too can overcome the problems they face as they scale software delivery for the enterprise. The DevOps Handbook will guide technology organizations on their journeys to increase agility, reliability and security by leveraging the right DevOps tools and practices.

To order a copy of the book, please visit:

What myths do you think exists about DevOps? Share your thoughts!

The post The DevOps Handbook | Debunking DevOps Myths appeared first on IT Revolution.

Pre-release of Upcoming Version of XenServer Now Available for Download [feedly]

Pre-release of Upcoming Version of XenServer Now Available for Download

-- via my feedly newsfeed

Hear ye, hear ye… we are pleased to announce that a pre-release of an upcoming version of the XenServer server virtualization platform is now available for download on
Since releasing version 7.0 in May, the XenServer engineering team has been working fervently to prepare the platform with the latest innovations in server virtualization technology. As a precursor, a pre-release containing the prerequisites for enabling a number of powerful (and really cool!) new features has been made available for download on
The following is a brief description of some of the feature-prerequisites included in this pre-release:
Xen4.7:  Specifically, support for "live-patching" of XenServer hosts
Kernel 4.4: Updated kernel to support future feature considerations
VM import/export performance: The importing/exporting of VMs now averages 2x faster than the previous version
We encourage visitors to download the pre-release and provide us with your feedback.
As always, we look forward to working with the XenServer community to make the next major release of XenServer the best version ever!



Andy M.

Senior Solutions Architect - XenServer PM