This week Jonathan chats with Philippe Humeau about Crowdsec! That company created a Web Application Firewall as on Open Source project, and now runs it as a Multiplayer Firewall. What does that mean, and how has it worked out as a business concept? Watch to find out!
- https://github.com/crowdsecurity/crowdsec
- https://crowdsec.net
- https://www.linkedin.com/company/53443483
Did you know you can watch the live recording of the show right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or have the guest contact us! Take a look at the schedule here.
Direct Download in DRM-free MP3.
If you’d rather read along, here’s the transcript for this week’s episode.
Theme music: “Newer Wave” Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
Community block/ban lists are not new, but I haven’t seen them in use with web apps. Usually just dedicated servers for games. Interesting idea.
I think the central list server is a weak point. What happens with spoofed IPs or something like a DNS amplification attack? Will your firewall start blocking legitimate IPs? Will probably also need an accompanying white list to protect known good IPs from essential services to prevent abuse.