One of the major challenges of using netsim-tools was the installation process – pull the code from GitHub, install the prerequisites, set up search paths… I knew how to fix it (turn the whole thing into a Python package) but I was always too busy to open that enormous can of worms.
That omission got fixed in summer 2021; netsim-tools is now available on PyPI and installed with pip3 install netsim-tools.
In this post I will show you how to add pagination to a Lucky webapp and also style the pagination links with Bootrap and Font Awesome Icons. Software The following software versions were used in this post. Lucky - 0.28.0 Font Awesome (Free) - 5.15.4 Bootstrap - 5.1.0 Enable...continue reading
It has been a while since I have been excited to write about encrypted tunnels. It might be the sheer pain of troubleshooting old technologies, or countless hours of falling down the rabbit hole of a project’s source code, that always motivated me to pursue a better alternative (without much luck). However, I believe luck is finally on my side.
In this blog post we will explore using open-source WireGuard, a new technology that offers encrypted tunnels with remarkable performance and an effortless implementation, to establish secure encrypted tunnels between workloads in K8s clusters.
With the release of open-source Calico 3.14 back in June of 2020, Tigera announced a tech preview of its WireGuard integration, which allows node-to-node traffic to be encrypted using WireGuard.
Other encryption methods (e.g. TLS) were available to encrypt workloads’ traffic at higher TCP/IP layers (in this case, the Application Layer). However, WireGuard targets traffic at a lower layer (the Transport Layer), which makes it effective for a wider range of applications, and also reduces complexity for the user.
WireGuard is an open-source project that implements virtual private network (VPN) techniques to establish secure point-to-point connections leveraging Linux Continue reading
Every once in a while, I get questions from random internet folks who want me to do their homework for them. They want me to provide them with detailed technical information, solve their complex design problem, or curate content on a difficult topic so that they don’t have to do the sifting.
While I like to help folks out as much as anyone (and often do), I usually ignore these sorts of questions. Why? Partly, I don’t have enough time to fix the internet. Partly, I like to get paid for consulting. But more importantly, the best technologists first try to solve their own problems.
When interviewing candidates for technical positions, one of my questions is, “If you run into a problem you’ve never faced before, how do you solve it?” There are two typical answers.
I prefer to hire a person who first tries to figure things out. While I want neither a cowboy nor science experiments making their way into production, I Continue reading
When I was interviewing to join Cloudflare in 2014 as a member of the SRE team, we had just introduced our generation 4 server, and I was excited about the prospects. Since then, Cloudflare, the industry and I have all changed dramatically. The best thing about working for a rapidly growing company like Cloudflare is that as the company grows, new roles open up to enable career development. And so, having left the SRE team last year, I joined the recently formed hardware engineering team, a team that simply didn’t exist in 2014.
We aim to introduce a new server platform to our edge network every 12 to 18 months or so, to ensure that we keep up with the latest industry technologies and developments. We announced the generation 9 server in October 2018 and we announced the generation 10 server in February 2020. We consider this length of cycle optimal: short enough to stay nimble and take advantage of the latest technologies, but long enough to offset the time taken by our hardware engineers to test and validate the entire platform. When we are shipping servers to over 200 cities around the world with a variety of regulatory Continue reading
Off-topic post for today …
In the battle between marketing and security, marketing always wins. This topic came to mind after reading an article on using email aliases to control your email—
One of the most basic things you can do to increase your security against phishing attacks is to have two email addresses, one you give to financial institutions and another one you give to “everyone else.” It would be nice to have a third for newsletters and marketing, but this won’t work in the real world. Why?
Because it’s very rare to find a company that will keep two email addresses on file for you, one for “business” and another for “marketing.” To give specific examples—my mortgage company sends me both marketing messages in the form of a “newsletter” as well as information about mortgage activity. They only keep one email address on file, Continue reading
Today on the Tech Bytes podcast we explore the evolution of SD-WAN to encompass Zero Trust Network Access, or ZTNA. Our sponsor is Fortinet and we’ll dig into how Fortinet’s SD-WAN and FortiClient combine to support work from anywhere with zero trust.
The post Tech Bytes: Fortinet Secures Work-From-Anywhere With SD-WAN And ZTNA (Sponsored) appeared first on Packet Pushers.
This week's Network Break examines how ransomware has insurers rethinking premiums and coverage limits, discusses the pros and cons of ISPs sharing flow records with security companies, digs into Arista's efforts to tackle the router market, pontificates on TSMC chip price hikes, and more tech news analysis.
The post Network Break 348: Ransomware Bedevils Cyber Insurance; TSMC To Raise Chip Prices appeared first on Packet Pushers.