Rethinking Regex: Smarter detection for a modern threat landscape
Using regular expressions, or regex, was once a convenient and powerful way for web application firewalls (WAFs) to find malicious code in web requests.
🛡️ https://www.scworld.com/resource/r…
China's Hainan province tests letting some corporate users bypass the Great Firewall and access the global internet, as it seeks to become a free-trade port (Ben Jiang/South China Morning Post)
https://www.scmp.com/tech/policy…
Rather surprised to see the performance scaling of nftables is so bad compared to iptables, especially as many distros switched to nftables by default some time ago.
I do understand that synthetic benchmarks of firewalls are difficult, and that you are supposed to use the advanced features of nftables (e.g. sets, maps) to express the same filter in fewer rules.
h…
tech nerdery
I mean this: if every receiver just connected to its source when it was ready, and we hadn't made short-timeout stateful firewalls everywhere, we'd have to deploy SO MANY fewer weird one-off services just to receive something.
Instead we have to provision certificates and public facing hostnames to get communication going. Backend development is so much more complex and less robust because of it.
So the nicest firewall and router vendor have since long had a presence of Fediverse - and it looks like they just launched a Peertube-instance too!
I love it!
@…
Thank you @…
Rather surprised to see the performance scaling of nftables is so bad compared to iptables, especially as many distros switched to nftables by default some time ago.
I do understand that synthetic benchmarks of firewalls are difficult, and that you are supposed to use the advanced features of nftables (e.g. sets, maps) to express the same filter in fewer rules.
h…