Archive

Category Archives for "Networking"

Jinja2 Tutorial – Part 6 – Include and Import

Welcome to another instalment in my Jinja2 Tutorial series. So far we've learned a lot about rendering, control structures and various functions. Here we'll start discussing language features that help us deal with organizing templates. The first constructs we'll look at are include and import statements.

Introduction

Include and Import statements are some of the tools that Jinja gives us to help with organizing collections of templates, especially once these grow in size.

By using these constructs we can split templates into smaller logical units, leading to files with well-defined scopes. This in turn will make it easier to Continue reading

Quick personal vpn – wireguard with aws

I have written previously about WireGuard and how easy it is to set up a personal VPN:

https://r2079.wordpress.com/2020/05/16/wireguard-server-and-qr-code-scan-in-the-mobile-app-its-that-simple-to-set-up-a-vpn/

What is the issue: I never explained the use case clearly in that post, so let me attempt the write-up again.

You see, on a personal basis I need to access a few websites which are hosted in India; the issue with these websites is that they don't allow any traffic external to the country.

There are many browser-based proxies out there which can do this task just fine, and also paid services; my problem is that when you are exchanging user/password information and financial transactions over these proxies, you don’t know exactly how all this data is getting exchanged and transmitted.

A few tips from my experience before I get into the post:

-> You need to change the Ubuntu instance's IPv4 forwarding so that it will forward packets through the instance and also NAT them

root@ip-172-31-34-66:~# cat /etc/sysctl.conf | egrep -i ip_forward
net.ipv4.ip_forward=1
root@ip-172-31-34-66:~# 

-> Make sure you don’t start routing everything first; take public DNS servers and test the system with allowed_ips in the configuration file, else you will lose internet access, and if not done correctly you will Continue reading

Announcing Spectrum DDoS Analytics and DDoS Insights & Trends

We’re excited to announce the expansion of the Network Analytics dashboard to Spectrum customers on the Enterprise plan. Additionally, this announcement introduces two major dashboard improvements for easier reporting and investigation.

Network Analytics

Cloudflare's packet and bit oriented dashboard, Network Analytics, provides visibility into Internet traffic patterns and DDoS attacks in Layers 3 and 4 of the OSI model. This allows our users to better understand the traffic patterns and DDoS attacks as observed at the Cloudflare edge.

When the dashboard was first released in January, these capabilities were only available to Bring Your Own IP customers on the Spectrum and Magic Transit services, but now Spectrum customers using Cloudflare’s Anycast IPs are also supported.

Protecting L4 applications

Spectrum is Cloudflare’s L4 reverse-proxy service that offers unmetered DDoS protection and traffic acceleration for TCP and UDP applications. It provides enhanced traffic performance through faster TLS, optimized network routing, and high speed interconnection. It also provides encryption to legacy protocols and applications that don’t come with embedded encryption. Customers who typically use Spectrum operate services in which network performance and resilience to DDoS attacks are of utmost importance to their business, such as email, remote access, and gaming.

Spectrum customers Continue reading

Securing Your Work From Home

Wanna make your security team’s blood run cold? Remind them that all that time and effort they put in to securing the enterprise from attackers and data exfiltration is currently sitting unused while we all work from home. You might have even heard them screaming at the sky just now.

Enterprise security isn’t easy, nor should it be. We constantly have to be on the offensive to find new attack vectors and hunt down threats and exploits. We have spent years and careers building defense-in-depth to an artform not unlike making buttery croissants. It’s all great when that apparatus is protecting our enterprise data center and cloud presence like a Scottish castle repelling invaders. Right now we’re in the wilderness with nothing but a tired sentry to protect us from the marauders.

During Security Field Day 4, I led a discussion panel with the delegates about the challenges of working from home securely. Here’s a link to our discussion that I wanted to spend some time elaborating on:

Home Is Where the Exploits Are

BYOD was a huge watershed moment for the enterprise because we realized for the first time that we had to learn to secure other people’s Continue reading

Member News: Internet in a Small Box

Net-á-porter: The South African Chapter of the Internet Society has been promoting an “Internet-in-a-box” initiative using an SD card to configure an inexpensive Raspberry Pi device. Interested people can configure an SD card or even order a pre-loaded SD card.

Taxing the ‘Net: The Mexico Chapter has gone on record as opposing a digital services tax proposed by the Mexican government. “If this initiative is approved, which would have a negative impact on free access to content and information by citizens, [and] we could find ourselves with a potential instrument of discrimination and censorship,” the Chapter said. The tax on foreign digital services would be 16 percent.

Moving governance forward: Pacific Islands Chapter member Swaran Ravindra noted that cybersecurity and digital inclusion were big topics at the recent Asia Pacific Regional Internet Governance Forum 2020. “Disruptive technologies … have enormous benefits for the Pacific region at large, but we cannot ignore the need for our people to be completely cognizant of the cybersecurity issues which we are being exposed to,” she wrote. “Fiji struggles with cyberbullying, suicide, mental health issues, fraud, and crime [that] technology may have been a part of, either intentionally or unintentionally. In order to leverage technology Continue reading

Virtual Patching with VMware NSX Distributed IDS/IPS

Patching: The Perennial Problem  

Cybersecurity consumes an ever-increasing amount of our time and budgets, yet gaps remain and are inevitably exploited by bad actors. One of the biggest gaps is unpatched vulnerabilities: a recent survey found that 60% of cyberattacks in 2019 were associated with vulnerabilities for which patches were available [i].

Most companies have a patch schedule that is barely able to keep up with applying the most important patches to the most critical vulnerabilities. Yet new ones crop up all the time: approximately 15,000 new vulnerabilities are discovered every year, which translates to one every 30 minutes [ii]. They impact all types of workloads, from multiple vendors, as well as open source projects.

It’s a constant race to try to find and fix the most dangerous vulnerabilities before the bad actors can exploit them. But ignoring them is not an option.  

The Simplest Approach is Not So Simple  

Why not just patch everything or fix flaws in the code? Because it’s operationally challenging – and almost impossible.

First, patching is an expensive and largely manual process. Second, applications may rely Continue reading

Fall 2020 RPKI Update

The Internet is a network of networks. In order to find the path between two points and exchange data, the network devices rely on the information from their peers. This information consists of IP addresses and Autonomous Systems (AS) which announce the addresses using Border Gateway Protocol (BGP).

One problem arises from this design: what protects against a malevolent peer who decides to announce incorrect information? The damage caused by route hijacks can be major.

Routing Public Key Infrastructure (RPKI) is a framework created in 2008. Its goal is to provide a source of truth for Internet Resources (IP addresses) and ASes in cryptographically signed records called Route Origin Objects (ROA).

Recently, we’ve seen the significant threshold of two hundred thousand ROAs being passed. This represents a big step in making the Internet more secure against accidental and deliberate BGP tampering.

We have talked about RPKI in the past but we thought it would be a good time for an update.

In a more technical context, the RPKI framework consists of two parts:

  • IP addresses need to be cryptographically signed by their owners in a database managed by a Trust Anchor: Afrinic, APNIC, ARIN, LACNIC and RIPE. Those Continue reading

Changes to Our Work in 2021

Here at the Internet Society, we believe that the Internet is for everyone. Our work focuses on ensuring that the Internet remains open, globally-connected, trustworthy, and secure.

In 2020, we saw the world change in ways that no one could have anticipated.  Because of this, like so many other organizations, we had to assess our current and future plans and evaluate the resources available to us. As a result, we have made some changes to our activities for the upcoming year.

Moving into 2021, we will reduce activities related to our Open Standards Everywhere (OSE) and Time Security projects.

We still deeply believe that open Internet standards and securing the Internet’s time synchronization infrastructure are critical components for building an open and trustworthy Internet. So, while OSE and Time Security will no longer be standalone projects next year, we will continue to promote and defend these concepts through our other projects, initiatives, and activities.

Our work in 2020 in both these areas has had a measurable impact and many successes, which we will document in the 2020 Impact Report that will be published in early 2021. We will continue to finish work in progress on Time Security and OSE Continue reading

Defeat Emotet Attacks with Behavior-Based Malware Protection

The security community has enjoyed a few months of silence from Emotet, an advanced and evasive malware threat, since February of this year. But the silence was broken in July as the VMware Threat Analysis Unit (TAU) observed a major new Emotet campaign and, since then, fresh attacks have continued to surface. What caught the attention of VMware TAU is that the security community still lacks the capacity to effectively detect and prevent Emotet, even though it first appeared in 2014. As an example of this, Figure 1 shows the detection status on VirusTotal for one of the weaponized documents from a recent Emotet attack. Only about 25% of antivirus engines blocked the file, even though the key techniques — such as a base64-encoded PowerShell script used to download the Emotet payload from one of five URLs — are nothing new. (These results were checked five days after they were first submitted to VirusTotal.)

Figure 1: Detection of an Emotet-related document on VirusTotal

In this blog post, we’ll investigate the first stage of the recent Emotet attacks by analyzing one of the samples from the recent campaign to reveal the tactics, techniques, and procedures (TTPs) used. This will help Continue reading