slink: WAF: Wrong Approach Firewall

Jun 7, 2026Channel
AI Analysis
Data from YouTube Data API v3Updated Just now
media.ccc.de
media.ccc.de

268K subscribers

View Channel

Video Overview

Video Details

Published1 month ago
Duration1:01:43
Video IDBOGUwO2kPLo
Languageen
CategoryScience & Technology
PrivacyPublic
Made for KidsNo
Video TypeRegular Video

Performance Metrics

Views946
Likes35
Comments0
Engagement Rate3.70%
Likes per 100 views3.70
Comments per 1K views0.00

Description

https://media.ccc.de/v/gpn24-385-waf-wrong-approach-firewall Web Application Firewalls (WAFs) for filtering based on HTTP and payload are omnipresent. In this talk an argument will be made that, in many cases, the wrong approach for implementing WAFs is chosen: They are implemented as "deny firewalls" which specifically forbid "bad" traffic based on pattern rules, while for network security (layers 3/4) professionals would only ever follow an "allow firewall" approach, which explicitly lets "good" traffic pass and denies everything else. "deny WAFs" are oftentimes marketed as simple, easy to use, out-of-the-box solutions, but, by design, they can only prevent known exploits. Also, practical aspects limit their potential, when rulesets breaking functionality have to be disabled. While the "allow WAF" approach presented here implies more effort, its main advantage is protection against new attack vectors ("zero days") and it comes with a lot of side benefits, such as improved performance and resilience through caching. Concepts will be introduced: * HTTP Basics * Signed URLs / signed requests * Regular Expressions * HTTP Caching Practical examples with Vinyl Cache will be presented: * Rules based on HTTP method and URL * Header filtering * Regular Expressions on body data slink https://cfp.gulas.ch/gpn24/talk/9TSLFQ/ #gpn24 #CyberSecurity Licensed to the public under https://creativecommons.org/licenses/by/4.0/

Related Videos

More videos from media.ccc.de