Easy private networks with WireguardHTTPS

I’ve been experimenting with Wireguard as a VPN to protect my internet traffic from local snoopers and communicate between all my devices as if they were on the same network.

SSHing into an Ubuntu 20.04 Thinkpad on my home network via the VPN.

Wireguard was designed with mobile devices in mind. It uses battery-friendly cryptography and the protocol can handle endpoints that change IP address seamlessly. It is ideal for exposing local development servers on my laptop to my iPhone, but deploying configuration to a device is a manual and time-consuming process.

WireguardHTTPS is a Wireguard access server written in Go that allows users to log in with Azure AD and manage access to the Wireguard VPN.

WireguardHTTPS generates configuration and creates QR codes for easy deployment to mobile devices.

WireguardHTTPS is intentionally very simple. It only allows users to add devices to the VPN, regenerate device credentials and remove devices from the VPN. WireguardHTTPS does not store private keys: once a device has been created, future attempts to download its credentials will revoke the device’s access to the VPN and generate new credentials.

WireguardHTTPS only allows regenerating credentials and deleting a device.

Devices are automatically assigned IP addresses in the subnet specified when setting up WireguardHTTPS. When a device is deleted, its IP address is released for reuse by a future device.

Architecture

WireguardHTTPS is made of 3 components to limit privileges required by the internet-facing HTTPS API while allowing it to control the higher privileged Wireguard interface and protect users from common web attacks like XSS, Clickjacking, and CSRF.

A root gRPC daemon, wgrpcd, controls the Wireguard interface. Wgrpcd manages devices directly on the Wireguard interface using wgctrl and responds to gRPC messages from other processes. It is not aware of IP address allocation, DNS or Azure AD users. It simply validates input received from its gRPC API and manipulates peers on the Wireguard interface.

A low privileged user runs WireguardHTTPS, a REST API that provides authentication, IP address allocation, device DNS settings, and device management. It is exposed directly to the internet without a reverse proxy. WireguardHTTPS allocates IP addresses in its database from a subnet provided by the user at setup. WireguardHTTPS assigns devices IP addresses from this pool, and a device’s IP address is released when it is deleted. It uses wgrpcd’s gRPC API to perform the desired operations on the Wireguard interface. PostgreSQL transactions ensure Wireguard interface and database are kept in sync to avoid IP address conflicts and stale data. WireguardHTTPS does not store any identifying information from users apart from their authentication provider ID, and can easily be modified to support other OpenID providers like AWS Cognito.

WireguardHTTPS is meant to serve its UI: wgreact, a ReactJS single-page app. It uses Gin’s static file server middleware to serve the final Javascript application generated by webpack with a restrictive Content Security Policy, anti-framing headers, anti-XSS headers, and a limited set of TLSv1.2 and TLSv1.3 cipher suites. It is a single page and allows users to add, view, rekey, and remove their devices.

Use Cases

Expose services in private networks to connected devices, even if they’re behind a NAT or in a private VPC. You can host an instance of Gitlab on a computer at home to create a private source code repository and much more.

Move unencrypted traffic from untrusted networks to cloud networks to protect against man in the middle attacks.

Use a static IP address from any network, even on a cell phone.

#wireguard #cybersecurity #azure #golang #vpn #codeburst

What is GEEK

Buddha Community

Autonomous Driving Network (ADN) On Its Way

Talking about inspiration in the networking industry, nothing more than Autonomous Driving Network (ADN). You may hear about this and wondering what this is about, and does it have anything to do with autonomous driving vehicles? Your guess is right; the ADN concept is derived from or inspired by the rapid development of the autonomous driving car in recent years.

Driverless Car of the Future, the advertisement for “America’s Electric Light and Power Companies,” Saturday Evening Post, the 1950s.

The vision of autonomous driving has been around for more than 70 years. But engineers continuously make attempts to achieve the idea without too much success. The concept stayed as a fiction for a long time. In 2004, the US Defense Advanced Research Projects Administration (DARPA) organized the Grand Challenge for autonomous vehicles for teams to compete for the grand prize of $1 million. I remembered watching TV and saw those competing vehicles, behaved like driven by drunk man, had a really tough time to drive by itself. I thought that autonomous driving vision would still have a long way to go. To my surprise, the next year, 2005, Stanford University’s vehicles autonomously drove 131 miles in California’s Mojave desert without a scratch and took the $1 million Grand Challenge prize. How was that possible? Later I learned that the secret ingredient to make this possible was using the latest ML (Machine Learning) enabled AI (Artificial Intelligent ) technology.

Since then, AI technologies advanced rapidly and been implemented in all verticals. Around the 2016 time frame, the concept of Autonomous Driving Network started to emerge by combining AI and network to achieve network operational autonomy. The automation concept is nothing new in the networking industry; network operations are continually being automated here and there. But this time, ADN is beyond automating mundane tasks; it reaches a whole new level. With the help of AI technologies and other critical ingredients advancement like SDN (Software Defined Network), autonomous networking has a great chance from a vision to future reality.

In this article, we will examine some critical components of the ADN, current landscape, and factors that are important for ADN to be a success.

The Vision

At the current stage, there are different terminologies to describe ADN vision by various organizations.

Even though slightly different terminologies, the industry is moving towards some common terms and consensus called autonomous networks, e.g. TMF, ETSI, ITU-T, GSMA. The core vision includes business and network aspects. The autonomous network delivers the “hyper-loop” from business requirements all the way to network and device layers.

On the network layer, it contains the below critical aspects:

• Intent-Driven: Understand the operator’s business intent and automatically translate it into necessary network operations. The operation can be a one-time operation like disconnect a connection service or continuous operations like maintaining a specified SLA (Service Level Agreement) at the all-time.
• **Self-Discover: **Automatically discover hardware/software changes in the network and populate the changes to the necessary subsystems to maintain always-sync state.
• **Self-Config/Self-Organize: **Whenever network changes happen, automatically configure corresponding hardware/software parameters such that the network is at the pre-defined target states.
• **Self-Monitor: **Constantly monitor networks/services operation states and health conditions automatically.
• Auto-Detect: Detect network faults, abnormalities, and intrusions automatically.
• **Self-Diagnose: **Automatically conduct an inference process to figure out the root causes of issues.
• **Self-Healing: **Automatically take necessary actions to address issues and bring the networks/services back to the desired state.
• **Self-Report: **Automatically communicate with its environment and exchange necessary information.
• Automated common operational scenarios: Automatically perform operations like network planning, customer and service onboarding, network change management.

On top of those, these capabilities need to be across multiple services, multiple domains, and the entire lifecycle(TMF, 2019).

No doubt, this is the most ambitious goal that the networking industry has ever aimed at. It has been described as the “end-state” and“ultimate goal” of networking evolution. This is not just a vision on PPT, the networking industry already on the move toward the goal.

David Wang, Huawei’s Executive Director of the Board and President of Products & Solutions, said in his 2018 Ultra-Broadband Forum(UBBF) keynote speech. (David W. 2018):

“In a fully connected and intelligent era, autonomous driving is becoming a reality. Industries like automotive, aerospace, and manufacturing are modernizing and renewing themselves by introducing autonomous technologies. However, the telecom sector is facing a major structural problem: Networks are growing year by year, but OPEX is growing faster than revenue. What’s more, it takes 100 times more effort for telecom operators to maintain their networks than OTT players. Therefore, it’s imperative that telecom operators build autonomous driving networks.”

Juniper CEO Rami Rahim said in his keynote at the company’s virtual AI event: (CRN, 2020)

“The goal now is a self-driving network. The call to action is to embrace the change. We can all benefit from putting more time into higher-layer activities, like keeping distributors out of the business. The future, I truly believe, is about getting the network out of the way. It is time for the infrastructure to take a back seat to the self-driving network.”

Is This Vision Achievable?

If you asked me this question 15 years ago, my answer would be “no chance” as I could not imagine an autonomous driving vehicle was possible then. But now, the vision is not far-fetch anymore not only because of ML/AI technology rapid advancement but other key building blocks are made significant progress, just name a few key building blocks:

• software-defined networking (SDN) control
• industry-standard models and open APIs
• Real-time analytics/telemetry
• big data processing
• cross-domain orchestration
• programmable infrastructure
• cloud-native virtualized network functions (VNF)
• DevOps agile development process
• everything-as-service design paradigm
• intelligent process automation
• edge computing
• cloud infrastructure
• programing paradigm suitable for building an autonomous system . i.e., teleo-reactive programs, which is a set of reactive rules that continuously sense the environment and trigger actions whose continuous execution eventually leads the system to satisfy a goal. (Nils Nilsson, 1996)
• open-source solutions

#network-automation #autonomous-network #ai-in-network #self-driving-network #neural-networks

Matic Network in Blockchain Gaming

Matic Network is getting lots of attraction amidst the blockchain game developers. This is because, their competition has stepped away from the gaming scene. Matic - as a general purpose platform, capable of creating all types of DApps, and have already build 60+ DApps on Matic Network.

As a result Matic Network is busy gaining a lots of new gaming partners. They have already been integrated into many gaming DApps.

Key reasons why DApps chooses Matic Network

• Near-instant blockchain transactions
• Low Transaction fees >> less than 1/1000th of the fees on the Ethereum mainchain
• Seamless migration for existing Ethereum DApps
• Access to, and assistance with, a wide range of developer tooling.
• Unparalleled technical support for developers.

If you have an idea to build your own Gaming DApp - you could benefit from matic network’s high-speed, low-fee infrastructure and our assistance to transform your DApp from a great idea into a successful DApp business.

Being a Predominant DApp Game Development Company, GamesDApp helps you to Build DApp Game on matic network and also expertize in developing various popular games on the blockchain network using smart contract.

Hire Blockchain Game Developers >> https://www.gamesd.app/#contactus

#matic network #build dapp game on matic network #dapp game on matic network #matic network in blockchain gaming #matic network for game development

Avail our world-class XOXO Network Smart Contract and earn huge profits

Automate all your daily functions by indulging in XOXO Network MLM Clone. The advantages include an unstoppable protocol system, presence of the Ethereum smart contract, a peer to peer payments system, no chance of hacking or scamming, availability of seven global auto pools, limitless referral bonus, an initial investment of only 0.1 ETH, and a 100% secure system.

#xoxo network clone script #xoxo network mlm clone #xoxo network clone #smart contract mlm like xoxo network #xoxo network smart contract #xoxo smart contract clone script

Avail our world-class XOXO Network Smart Contract and earn huge profits

Interested in launching a crypto trading platform on your own? Now, you can create your customized crypto platform like XOXO Network MLM Clone under the assistance of leading professional experts in the industry. In this article, let us discuss the key factors about the XOXO network clone script and its earning opportunities.

What is XOXO Smart Contract Clone Script?

XOXO smart contract clone script is one of the decentralized P2P smart contract-based clone scripts which is built on the Ethereum blockchain in order to offer an advanced trading experience to the users.

How does the registration process work in XOXO Network Clone Script?

The main objective of XOXO Network Clone Script is to make the registration process more simple and quick. In order to join the network, the user has to pay the entry fee 0.1ETH and then download either the Trust Wallet or the Meta Mask. After downloading the safe wallet, the user has to integrate it by adding the amount in ETH. Then he/she can follow the referral link which is sent by the existing user. After completing the registration process, the user can start referring others to the network. The user will receive rewards in the form of a commission instantly whenever anyone joins in the network with their referral link.

Specialized features in XOXO Network MLM Clone Script

The following are some of the features which made the XOXO Network MLM Clone Script a favourite one among the users globally.

• It requires only less entrance fee to join the network
• Follows streamlined protocol
• Operates with no central authority
• Immutable transactions
• Completely transparent
• Guaranteed results within a short period
• High returns with less investment
• Limitless referrals can be done
• Safe wallets to provide better security against threats

If you are looking for the ways to boost your business viability, then investing in Smart Contract MLM Like XOXO Network is the best-preferred choice. Reach out to our well-experienced developer team to avail your customized profitable solution according to your business constraints.

#smart contract mlm like xoxo network #xoxo network clone #xoxo network clone platform #xoxo network mlm clone #xoxo network mlm clone development company

Networking as an Introvert

Networking, the word every successful entrepreneur, creative pursuer and mentor talks about. “The one and the only thing you need to do to succeed in life”. If you have ever attended an event where networking is a possibility or even obligatory, you know it can be really hard getting around to doing it. Even though everyone wants the same thing, you just want to bury yourself through the ground with your lukewarm beer in your hand. And if this was not hard enough — doing it is as an introvert sure is.

The first step to networking includes finding an event to attend in the first place. This is the easy part. In most locations there often loads of events in the genre of your interest that involves mingling or networking with other people. I would recommend browsing websites like Eventbrite, Meetup, and Facebook to find interesting events. I would also highly recommend not to attend meetups solely focused on networking — since this often puts pressure on the attendees to talk to as many people as possible in as little time as possible, instead of engaging in quality conversations. Try finding events of your interest that you sense might include networking in some form. One important thing to remember is, it will always end up being more fun than you think when signing up for an event.

#career-advice #introvert #networking-tips #networking #personal-development #neural networks