ModSecurity VS torrent

Coraza and ModSecurity have a high detection rate, but they are not adapted to reality scenarios, resulting in too many false positives.

Official GitHub: ModSecurity Stars: 8K

SafeLine vs ModSecurity

cd /opt && sudo git clone https://github.com/owasp-modsecurity/ModSecurity.git cd ModSecurity sudo git submodule init sudo git submodule update sudo ./build.sh sudo ./configure sudo make sudo make install

First of all, if you have any experience with Traefik, I'd suggest you to do the reverse proxy stuff with it and install the Crowdsec instance along it. As I didn't have experience using Traefik I went with NPM but now I guess it would have been easier considering the research I had to do... Another reason is, I wanted to implement a geo block and/or another security layer by using ModSecurity (https://github.com/SpiderLabs/ModSecurity ) besides Crowdsec too. Afaik Traefik has a plugin that integrates ModSecurity easily - unless NPM.

I don't know about Blackboard, but Moodle will allow quizzes to be run in popups that block most extensions from working; lockdown browsers will block such extensions; and, if you have access to the server, a modified firewall (e.g., ModSecurity) may\* allow blocking this and similar extensions.

> ModSecurity for WAF: https://github.com/SpiderLabs/ModSecurity

This might be of interest to some: https://www.modsecurity.org/

> Trustwave is announcing the End-of-Life (EOL) of our support for ModSecurity effective July 1, 2024. We will then hand over the maintenance of ModSecurity code back to the open-source community.

Probably not too big of a deal, though.

Also, this might be useful: https://owasp.org/www-project-modsecurity-core-rule-set/

Though there has been some critique of ModSecurity and that ruleset in the past, as something dated and with false positives.

Anyone have any good alternatives?

Is there a reason no one hasn't made a Docker template for OWASP Coraza (https://github.com/corazawaf/coraza) or ModSecurity (https://github.com/SpiderLabs/ModSecurity) for the use of a reverse proxy?

BitTorrent v2 has the incremental hashes via merkle trees. They're surprisingly good. I implemented them here https://github.com/anacrolix/torrent/issues/175#issuecomment...

Any clean room impl. is a good news to me, but is the support for private torrent/tracker complete (https://github.com/anacrolix/torrent/issues/531)?

https://github.com/anacrolix/torrent has a fuse driver since 2013. I'm in the early stages of removing it. There are WebDAV, 3rd party FUSE, and HTTP wrappers of the client all doing similar things: serving magnet links, infohashes, and torrent files like an immutable filesystem. BitTorrent v2 support is currently in master.

I'm the author of https://github.com/anacrolix/torrent (started in 2013) and https://github.com/anacrolix/dht (started in 2015). I have a DHT indexer implementation I developed in 2021. It's currently closed source but available for use as part of https://www.coveapp.info/. I have found that after several hours the search is excellent and stays up to date with ease.

https://github.com/anacrolix/torrent/blob/master/cmd/torrent... does exactly that. Install with `go get github.com/anacrolix/torrent/cmd/torrent@latest`, and then run `torrent serve `.

Hit me up if you want to discuss using BitTorrent to back images. https://github.com/anacrolix/torrent

It has some small latency but only when resources are spread across many different infos. If you can constrain your resources to a single DHT traversal, it's pretty quick. I run several services that stream from BitTorrent on demand, using https://github.com/anacrolix/torrent which are surprisingly quick to start. However it does choke up when you try to start many different resources at once, which multiplies horizontally the number of DHT traversals, and per-torrent related overhead to get started.

It is solvable, but any solution that spreads resources out across many different targets in the DHT is slow. Basically anything that was inspired by BitTorrent, but isn't BitTorrent itself does this, because they get overly excited by deduplication of data.

For whatever reason the ARM version Transmission does not work well on my M2 laptop - it downloads quickly at first and then drops off to zero. I tried playing around with different settings, running their nightly builds, etc, and nothing fixed it for me. In the end I searched for other clients and found them all filled with ads and bloatware, and decided to use this excellent open source command line client instead:

https://github.com/anacrolix/torrent

It has a few frontends built on top of it (linked in the project readme), but I just run `torrent download ` and it downloads at full speed / with no issues.