Transform Your Branch Locations by Going Direct-to-Internet
A new white paper from Zscaler discusses the importance of beginning your branch transformation journey with a solution designed and built to support a cloud-first enterprise
Using Webpack to bundle your Workers modules
A brief introduction to bundling your Service Worker scripts.
Photo by Joyce Romero / Unsplash
// The simplest Service Worker: A passthrough script
addEventListener('fetch', event => {
event.respondWith(fetch(event.request))
})
The code above is simple and sweet: when a request comes into one of Cloudflare’s data centers, passthrough to the origin server. There is absolutely no need for us to introduce any complex tooling or dependencies. Nevertheless, introduce we will! The problem is, once your script grows even just a little bit, you’ll be tempted to use JavaScript’s fancy new module system. However, in doing so, you’ll have a little bit of trouble uploading your script via our API (we only accept a single JS file).
Throughout this post, we’ll use contrived examples, shaky metaphors, and questionably accurate weather predictions to explain how to bundle your Service Worker with Webpack.
Webpack
Let’s just say Webpack is a module bundler. That is, if you have code in multiple files, and you tie them together like this:
app.js
// Import the CoolSocks class from dresser.js
import { CoolSocks } from './dresser'
import { FancyShoes } from './closet'
Then you can tell webpack to follow all of those Continue reading
3 Tips for Adopting Microservices
Successful microservices adoption require a thoughtful approach. Here are three tips any organization can use in its migration journey.
If We Care About the Internet, We Have to Be Willing to Do Our Part
Whether it’s playing dungeons and dragons over voice chat with my college friends hundreds of miles away, reading the latest movie reviews for summer blockbusters I’ll watch once they come out on video, or simply paying electrical bills, the Internet has become an important part of my life.
Yet, while I have come to rely on the Internet, I don’t always do what is best for it.
I don’t always patch my connected devices or applications, leaving them vulnerable to compromise and use in a botnet. I don’t look for security when buying an app or a device, let alone look at the privacy policies.
While I know I am hurting the overall security of the Internet, I find myself thinking, “I’m just one person, how much damage could I do?”
Unfortunately, according to one recent survey, there are a lot of people who act just like me.
The results from the 2018 CIGI-Ipsos Global Survey on Internet Security and Trust* suggest that many users fail to make security a priority as they shop for Internet of Things (IoT) devices. (IoT refers to “scenarios where network connectivity and computing capability extends to objects, sensors and everyday items not normally considered computers, allowing these devices to generate, exchange and consume data with minimal human Continue reading
Network Transformation: The Elephant in the Office
Companies can't overlook the critical role of the network in adopting new tech like AI and IoT. Here are some ways to begin tackling the challenges of next-generation networking.
The Week in Internet News: Governments Shut Down Internet for School Testing
Couldn’t you just take their phones away? The government of Algeria told telecom carriers to shut down Internet service for several hours a day during high school testing season, according to several news reports. The government is trying to prevent the repeat of a situation in 2016, when exam questions were leaked online, reports Al Jazeera. The government of Iraq has taken similar action, the news agency says. It’s unclear how a short shutdown each day will prevent leaks.
Why IoT security is terrible: The headline is certainly catchy, but the IEEE Spectrum suggests that the Internet of things has some special security challenges including nation state hackers that are targeting the systems (although that’s true of other IT systems as well). Another of the six reasons: Many IoT systems, like your connected refrigerator, don’t have dedicated IT security workers looking out for them.
Score one for encryption: Using the encrypted WhatsApp, Syrian school girls banned from attending school in Islamic State-controlled territory, are taking pictures of school work and sharing it with each other, notes NakedSecurity, referencing a report on the BBC. “Education is everything, and it’s our weapon,” one of the girls says.
Not so fast, WhatsApp: Continue reading
8 Hot IT Infrastructure Job Roles
These positions are in high demand and will be strategically significant to companies’ digital transformation efforts, according to IDC/Cisco report.
The Art Of Supercomputing War
The shenanigans with the Top 500 rankings of the world’s most powerful supercomputers continues, but there are a bunch of real supercomputers that were added to the list for the June 2018 rankings, and we are thankful, as always, to gain the insight we can glean from the Top 500 on these new machines that are clearly used for HPC workloads. …
The Art Of Supercomputing War was written by Timothy Prickett Morgan at .
To distribute or not to distribute? Why licensing bugs matter
To distribute or not to distribute? Why licensing bugs matter Vendome et al., ICSE’18
Software licensing can quickly get quite complicated, with over 100 known open source licenses out there, and distributions often including components with a mix of licenses. Unsurprisingly, developers find it hard to determine appropriate licenses for their work, and to interpret the implications of including third-party software under different licenses.
We present a large-scale qualitative study aimed at characterizing licensing bugs, with the goal of understanding the types of licensing bugs developers face, their legal and technical implications, and how such bugs are fixed.
The result is a helpful catalogue of seven different categories of licensing bugs, with 21 sub-categories in total between them. Although the authors are not lawyers (as far as I can tell), it still constitutes a very useful list of things to think about. “Our proposed catalog can serve as a reference for developers and lawyers dealing with potential licensing issues.”
The catalogue is drawn from an open coding exercise based on a statistically significant sample of 1,200 discussions randomly selected from a population of 59,426 discussions across a collection of issue trackers and mailing lists. The mailing lists Continue reading
SMB version detection in masscan
My Internet-scale port scanner, masscan, supports "banner checking", grabbing basic information from a service after it connects to a port. It's less comprehensive than nmap's version and scripting checks, but it's better than just recording which ports are open.I recently extended this banner checking to include SMB. It's a complicated protocol so requires a lot more work than just grabbing text banners like you see on FTP. Implementing this, I've found that nmap and smbclient often fail to get version information. They seem focused on getting the information from a standard location in SMBv1 packets, which gives a text string indicating version. There's another place you get get it, from the NTLMSSP pluggable authentication chunks, which gives version numbers in the form of major version, minor version. and build number. Sometimes the SMBv1 information is missing, either because newer Windows version disable SMBv1 by default (supporting only SMBv2) or because they've disabled null/anonymous sessions. They still give NTLMSSP version info, though.
For example, running masscan in my local bar, I get the following result:
Banner on port 445/tcp on 10.1.10.200: [smb] SMBv1 time=2018-06-24 22:18:13 TZ=+240 domain=SHIPBARBO version=6.1.7601 ntlm-ver=15 domain=SHIPBARBO name=SHIPBARBO domain-dns=SHIPBARBO Continue reading
Routing Security & IPv6 at NANOG 73 in Denver
We’ll be at NANOG 73 in Denver, CO, USA this week talking about routing security, MANRS, and IPv6.
The North American Network Operators Group (NANOG) is the professional association for Internet engineering, architecture and operations. Its core focus is on continuous improvement of the data transmission technologies, practices, and facilities that make the Internet function. NANOG meetings are among the largest in the region, bringing together top technologists on a wide range of topics.
Routing Security
On Tuesday, 26 June, at 1:30PM, Andrei Robachevsky will give a talk called, “Routing Is At Risk. Let’s Secure It Together.”
From the session abstract:
“Stolen cryptocurrency, hijacked traffic blocking access to whole countries, derailing vital Web resources for thousands of people. Routing used to fly under the radar. As long as incidents weren’t too bad, no one asked too many questions, and routing security never made it to the top of the to-do list. But these days, routing incidents are regularly making the news, executives are getting nervous, and engineers are under pressure to make sure their network isn’t next. The problem is, you cannot secure your own network entirely by yourself. But you can help secure the global routing system Continue reading
Build oVirt Reports Using Grafana
Grafana, The open platform for beautiful analytics and monitoring, recently added support for PostgreSQL.
It in now possible to connect Grafana to oVirt DWH, in order to visualize and monitor the oVirt environment.
Grafana dashboard example
Adding a Read-Only User to the History Database
You may want to add a read only user to connect the history database :
Note: In oVirt 4.2 we ship postgres 9.5 through the Software Collection.
-
In order to run psql you will need to run:
# su - postgres $ scl enable rh-postgresql95 -- psql ovirt_engine_history -
Create the user to be granted read-only access to the history database:
ovirt_engine_history=# CREATE ROLE [user name] WITH LOGIN ENCRYPTED PASSWORD '[password]'; -
Grant the newly created user permission to connect to the history database:
ovirt_engine_history=# GRANT CONNECT ON DATABASE ovirt_engine_history TO [user name]; -
Grant the newly created user usage of the public schema:
ovirt_engine_history=# GRANT USAGE ON SCHEMA public TO [user name]; -
Exit the database
ovirt_engine_history=# \q -
Generate the rest of the permissions that will be granted to the newly created user and save them to a file:
$ scl enable rh-postgresql95 -- psql -U postgres -c "SELECT 'GRANT SELECT ON ' || relname Continue reading
Build oVirt Reports Using Grafana
Grafana, The open platform for beautiful analytics and monitoring, recently added support for PostgreSQL.
It in now possible to connect Grafana to oVirt DWH, in order to visualize and monitor the oVirt environment.
Grafana dashboard example
Adding a Read-Only User to the History Database
You may want to add a read only user to connect the history database :
Note: In oVirt 4.2 we ship postgres 9.5 through the Software Collection.
-
In order to run psql you will need to run:
# su - postgres $ scl enable rh-postgresql95 -- psql ovirt_engine_history -
Create the user to be granted read-only access to the history database:
ovirt_engine_history=# CREATE ROLE [user name] WITH LOGIN ENCRYPTED PASSWORD '[password]'; -
Grant the newly created user permission to connect to the history database:
ovirt_engine_history=# GRANT CONNECT ON DATABASE ovirt_engine_history TO [user name]; -
Grant the newly created user usage of the public schema:
ovirt_engine_history=# GRANT USAGE ON SCHEMA public TO [user name]; -
Exit the database
ovirt_engine_history=# \q -
Generate the rest of the permissions that will be granted to the newly created user and save them to a file:
$ scl enable rh-postgresql95 -- psql -U postgres -c "SELECT 'GRANT SELECT ON ' || relname Continue reading