How Cloudflare can help stop malware before it reaches your app

How Cloudflare can help stop malware before it reaches your app
How Cloudflare can help stop malware before it reaches your app

Let’s assume you manage a job advert site. On a daily basis job-seekers will be uploading their CVs, cover letters and other supplementary documents to your servers. What if someone tried to upload malware instead?

Today we’re making your security team job easier by providing a file content scanning engine integrated with our Web Application Firewall (WAF), so that malicious files being uploaded by end users get blocked before they reach application servers.

Enter WAF Content Scanning.

If you are an enterprise customer, reach out to your account team to get access.

Making content scanning easy

At Cloudflare, we pride ourselves on making our products very easy to use. WAF Content Scanning was built with that goal in mind. The main requirement to use the Cloudflare WAF is that application traffic is proxying via the Cloudflare network. Once that is done, turning on Content Scanning requires a single API call.

Once on, the WAF will automatically detect any content being uploaded, and when found, scan it and provide the results for you to use when writing WAF Custom Rules or reviewing security analytics dashboards.

The entire process runs inline with your HTTP traffic and requires no change to your Continue reading

AI is coming to the network

AI-enabled management platforms and infrastructure are beginning to make their way into enterprise networks. I say “beginning” because despite lots of AI-washing marketing efforts over the last few years, a lot of what has been characterized as “AI-driven” or “powered by AI” hasn’t really materialized. It's not that these systems don’t do what the marketers say, so much as they don't do it in the way they imply.Even some tools that do truly employ AI in meaningful ways, and with visibly different results than are possible without it, don’t feel qualitatively different from what has come before. They may be better, for example by dramatically reducing the number of false positives in alert traffic, but not different.To read this article in full, please click here

AI is coming to the network

AI-enabled management platforms and infrastructure are beginning to make their way into enterprise networks. I say “beginning” because despite lots of AI-washing marketing efforts over the last few years, a lot of what has been characterized as “AI-driven” or “powered by AI” hasn’t really materialized. It's not that these systems don’t do what the marketers say, so much as they don't do it in the way they imply.Even some tools that do truly employ AI in meaningful ways, and with visibly different results than are possible without it, don’t feel qualitatively different from what has come before. They may be better, for example by dramatically reducing the number of false positives in alert traffic, but not different.To read this article in full, please click here

9 steps to protecting backup servers from ransomware

Now that ransomware organizations are specifically targeting on-site backup servers, it’s even more important that enterprises defend them vigorously.Here are nine steps to protect your backups and why you should take them.Patch religiously Make sure your backup server is among in the first group to receive the latest operating system updates. Most ransomware attacks exploit vulnerabilities for which patches have been available for a long time, but that didn’t get installed. Also, subscribe to whatever automatic updates your backup software provides, again to take advantage of whatever new protections they might include.To read this article in full, please click here

Using the Linux locale command

The locale settings in Linux systems help ensure that information like dates and times are displayed in a format that makes sense in the context of where you live and what language you speak. Here's how to use them.NOTE: None of the commands described in this post will change your locale settings. Some merely use a different locale setting to display the response you might be seeing from a different location.List your settings If you’re in the US, you should see something like this when you use the locale command to list your settings:$ locale LANG=en_US.UTF-8 LC_CTYPE="en_US.UTF-8" LC_NUMERIC="en_US.UTF-8" LC_TIME="en_US.UTF-8" LC_COLLATE="en_US.UTF-8" LC_MONETARY="en_US.UTF-8" LC_MESSAGES="en_US.UTF-8" LC_PAPER="en_US.UTF-8" LC_NAME="en_US.UTF-8" LC_ADDRESS="en_US.UTF-8" LC_TELEPHONE="en_US.UTF-8" LC_MEASUREMENT="en_US.UTF-8" LC_IDENTIFICATION="en_US.UTF-8" LC_ALL= The en_US.UTF-8 settings in the above output all represent US English. If you’re in France, this response is more likely:To read this article in full, please click here

Using the Linux locale command

The locale settings in Linux systems help ensure that information like dates and times are displayed in a format that makes sense in the context of where you live and what language you speak. Here's how to use them.NOTE: None of the commands described in this post will change your locale settings. Some merely use a different locale setting to display the response you might be seeing from a different location.List your settings If you’re in the US, you should see something like this when you use the locale command to list your settings:$ locale LANG=en_US.UTF-8 LC_CTYPE="en_US.UTF-8" LC_NUMERIC="en_US.UTF-8" LC_TIME="en_US.UTF-8" LC_COLLATE="en_US.UTF-8" LC_MONETARY="en_US.UTF-8" LC_MESSAGES="en_US.UTF-8" LC_PAPER="en_US.UTF-8" LC_NAME="en_US.UTF-8" LC_ADDRESS="en_US.UTF-8" LC_TELEPHONE="en_US.UTF-8" LC_MEASUREMENT="en_US.UTF-8" LC_IDENTIFICATION="en_US.UTF-8" LC_ALL= The en_US.UTF-8 settings in the above output all represent US English. If you’re in France, this response is more likely:To read this article in full, please click here

Basic Step-Functions Input and Output and Lambda— Passing Data From one to another

< MEDIUM: https://medium.com/aws-in-plain-english/basic-step-functions-input-and-output-and-lambda-passing-data-from-one-to-another-b433666f6216 >

With so much focus on serverless in Re-Invent 2022 and the advantages of Step Functions, I have started to transform some of my code from Lambda to Step Functions.

Step-Function was hard until I figured out how data values can be mapped for input and how data can be passed and transformed between Lambda functions. I have made a small attempt for someone who is starting in step functions for understanding the various steps involved.

Basically, Step Functions can be used to construct business logic and Lambda can be used to transform the data instead of transporting with Lambda-Invokes from Lambda Functions.

Let’s take the following example

I have step_function_1 which has the requirement to invoke another lambda if my_var is 1 else do not do anything.

This is a simple if-else logic followed by the lambda-invoke function

Now, the power of step-functions will come into play to write these conditional and also pass data from Lambda to Other making it super scalable for editing in future and all of the code will seem very logical and pictorial, best part is this can be designed instead of learning Amazon’s State Language.

let’s try to do Continue reading

Asking Meaningful Questions: How To Break Negative Patterns

Unconscious patterns of behavior can impede our professional progress. For example, you might watch others capitalize on ideas you have but don’t act on. Or your abrupt delivery of “the facts” alienates your colleagues and creates friction that can be detrimental. As I’ve recognized patterns in my own life and career, I’ve developed ways to […]

The post Asking Meaningful Questions: How To Break Negative Patterns appeared first on Packet Pushers.

Azure Host-Based SDN: Part 1 – VFP Introduction

Azure Virtual Filtering Platform (VFP) is Microsoft’s cloud-scale virtual switch operating as a virtual forwarding extension within a Hyper-V basic vSwitch. Figure 1-1 illustrates an overview of VFP building blocks and relationships with basic vSwitch. Let’s start the examination from the VM vm-nwkt-1 perspective. Its vNIC vm-cafe154 has a synthetic interface eth0 using a NetVSC driver (Network Virtual Service Client). The Hyper-V vSwitch on the Parent Partition is a Network Virtual Service Provider (NetVSP) with VM-facing vPorts. Vm-cafe154 is connected to vPort4 over the logical inter-partition communication channel VMBus. VFP sits in the data path between VM-facing vPorts and default vPort associated with physical NIC. VFP uses port-specific Layers for filtering traffic to and from VMs. A VFP Layer is a Match Action Table (MAT) having a set of policy Rules. Rules consist of Conditions and Actions and are divided into Groups. Each layer is programmed by independent, centralized Controllers without cross-controller dependencies.

Let’s take a concrete example of Layer/Group/Rule object relationship and management by examining the Network Security Group (NSG) in the ACL Layer. Each NSG has a default group for Infrastructure rules, which allows Intra-VNet traffic, outbound Internet connection, and load balancer communication (health check, etc.). We Continue reading

Creating and removing directory structures on Linux

Managing directories on Linux is easy, but the process gets more complex when you need to create, empty or remove large, complex directory structures. This post will take you from the most basic commands to some fairly complex ones that can help make the process easier.mkdir The mkdir command can create a single directory like this:$ mkdir newdir It can also create a complex directory and subdirectory structure with a command like the one below. The -p argument tells the command to create the base directory if it doesn't already exist.Each group of directory names that appears in the command shown – like {1,2,3} and {docs,script} – will result in a series of subdirectories being created at that level.To read this article in full, please click here

Creating and removing directory structures on Linux

Managing directories on Linux is easy, but the process gets more complex when you need to create, empty or remove large, complex directory structures. This post will take you from the most basic commands to some fairly complex ones that can help make the process easier.mkdir The mkdir command can create a single directory like this:$ mkdir newdir It can also create a complex directory and subdirectory structure with a command like the one below. The -p argument tells the command to create the base directory if it doesn't already exist.Each group of directory names that appears in the command shown – like {1,2,3} and {docs,script} – will result in a series of subdirectories being created at that level.To read this article in full, please click here

Friends Hard to Find These Days? These Surprising Insights May Help

Finding true friends who we can trust in life is becoming increasingly more difficult with the advent of technology and its ability to create distance between people. We may think that having a large circle of acquaintances is great, but this does not equate to having real friends. There are many reasons for this phenomenon, such as being overly connected in the digital world versus taking time away from our screens to interact face-to-face with those around us. But, there is surprisingly some insight into the current climate that may help foster meaningful connections and relationships that last. Here are some of the surprising insights that may help you find true friends in today’s world:

Start with yourself

If you want to make meaningful connections and develop real friendships, it is important to start by looking inward. Investing in your own emotional well-being and self-confidence will ensure that you are comfortable interacting with others on a deeper level. Taking time to reflect on your own identity, what you need from friends and how you can be a good friend will make all the difference in your ability to form lasting relationships.

Get out of your comfort zone

Connecting with people Continue reading

Lambda — Sync / Async Invocations

< MEDIUM: https://medium.com/@raaki-88/lambda-sync-async-invocations-29e12a47ce85 >

A short note on Lambda Sync and Async Invocations. After Reinvent 2022, most of us started to think around Event-Driven architectures, especially using Event-Bridge, and Step-Functions at the core of state changes and function data pass.

I like these ideas very much. For me, before step-functions and event-bridge Lambda had this beautiful feature of Event/Request-Response knobs which served the purpose. With Step-Functions in place, you remove the complexity of maintaining state and time-delay logic and connectivity to different AWS services without relying on BOTO3 API connectivity. As one of the talks in Reinvent 2022 iterated that Lambda should be used to transform the data but not transfer the data.

https://www.youtube.com/watch?v=SbL3a9YOW7s

This is by far the best video that I have seen around the topic, this guy has nailed it to perfection! Please watch it if you are interested in these architectures.

For those who were looking out for using Lambda Request-Response/Event-based invocations few things that I have not seen anyone else write about some nitty gritty details

Let’s say

def call_other_lambda(lambda_payload):
    lambda_client = boto3.client('lambda')
    lambda_client.invoke(FunctionName='function_2',
                         InvocationType='Event', Payload=lambda_payload)


def lambda_handler(event, context):
    print(event.keys())
    get_euiid = event['end_device_ids']['device_id']
    lambda_payload = json.dumps( {json. Continue reading

What is Wi-Fi and why is it so important?

The term Wi-Fi was created more than two decades ago as a way to make local wireless networking easy to understand for the general public. Today, Wi-Fi technology is ubiquitous, making home and office connectivity without wires available for all, and contributing to an explosion of smart devices.What is Wi-Fi?  Wi-Fi is a blanket term for multiple technologies that use the IEEE 802.11 communications standards to create local area networks or LANs. Wi-Fi-enabled products use radio waves to transmit data and communicate with one another. Initially the technology used the 2.4 GHz frequency, but it has since expanded to 5 GHz, 60 GHz, and 6 GHz frequency bands.To read this article in full, please click here

Automation 19. Enabling OCP SONiC To Be Managed Via GNMI With pyGNMI

Dear friend,

We hope you are doing great and had a nice time over the festive period to recharge your batteries towards the new year. We wish it to be successful, productive and prosperous. With this, let’s dive into the topic of today’s blog, which is network automation for OCP SONiC with GNMI and Python over pyGNMI.



1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

Do I Need to Automate SONiC? How Can I Do It?

SONiC, which stands for Software for Open Networking in the Cloud, is a Network Operating System (NOS). SONiC’s main purpose is to run on the data center switches and provide simple and reliable connectivity between endpoints (Baremetal servers, virtual machines, containers, etc). As it is a piece of the network software, which runs on network hardware, it is for sure requires automation.

The good news is that it supports RESTCONF and GNMI with OpenConfig YANG modules, which we extensively cover in our Network Automation Trainings:

We offer the Continue reading

1 341 342 343 344 345 3,805