Tootfinder

Rethinking Regex: Smarter detection for a modern threat landscape
Using regular expressions, or regex, was once a convenient and powerful way for web application firewalls (WAFs) to find malicious code in web requests.
🛡️ https://www.scworld.com/resource/r…

Rethinking Regex: Smarter detection for a modern threat landscape
The most basic web application firewalls use regular expressions to find potentially malicious code, but that method has severe limitations. Here's why your WAF should use more than regex to spot attacks.

China's Hainan province tests letting some corporate users bypass the Great Firewall and access the global internet, as it seeks to become a free-trade port (Ben Jiang/South China Morning Post)
https://www.scmp.com/tech/policy…

China will drop the Great Firewall for some users, but only in southern Hainan
Employees of companies operating in the island province can apply for the ‘Global Connect’ scheme, but some content will remain restricted.

Rather surprised to see the performance scaling of nftables is so bad compared to iptables, especially as many distros switched to nftables by default some time ago.
I do understand that synthetic benchmarks of firewalls are difficult, and that you are supposed to use the advanced features of nftables (e.g. sets, maps) to express the same filter in fewer rules.
h…

tech nerdery
I mean this: if every receiver just connected to its source when it was ready, and we hadn't made short-timeout stateful firewalls everywhere, we'd have to deploy SO MANY fewer weird one-off services just to receive something.
Instead we have to provision certificates and public facing hostnames to get communication going. Backend development is so much more complex and less robust because of it.

So the nicest firewall and router vendor have since long had a presence of Fediverse - and it looks like they just launched a Peertube-instance too!
I love it!
@…
Thank you @…

Rather surprised to see the performance scaling of nftables is so bad compared to iptables, especially as many distros switched to nftables by default some time ago.
I do understand that synthetic benchmarks of firewalls are difficult, and that you are supposed to use the advanced features of nftables (e.g. sets, maps) to express the same filter in fewer rules.
h…