[TYPO3-waf] Re: [TYPO3-project-waf] WAF project: brainstorming
Steffen Müller
typo3 at t3node.com
Tue Feb 2 10:29:28 CET 2010
Hi.
On 26.01.2010 09:08 Dmitry Dulepov wrote:
> - rule set will contain rules to prevent known and possible future attacks
What about a whitelist?
I have been working with firewalls some years ago and the we used to
configure the portfilters by explicitly ALLOW some rules and DENY the
rest. That was possible because we knew all ports which had to be open.
Since an TYPO3 administrator should know all GET/POST params of his
website (and the according types), filtering on a whitelist basis should
be possible.
Would this be a reasonable scenario for WAF? What do you think?
--
cheers,
Steffen
TYPO3 Blog: http://www.t3node.com/
Microblog: http://twitter.com/t3node
More information about the TYPO3-project-waf
mailing list