Last week the INFO3660 course moved to a section on stateful firewalls and the in-class lecture examined creation of basic rules on the Cisco ASA family. The lab assignment tasked students to block access to a handful of popular E-Commerce sites. But interestingly enough one student’s submission used regular expressions (RegEx) to do the heavy lifting.
Regular expressions allow filtering of string combinations and a recent guest lecturer had mentioned them. Somewhere along the way the idea clicked. Rather than creating rules to block IP addresses of web hosts and DNS servers around the world as I'd expected, with the help of some Cisco tutorials, he'd taught himself to use RegEx.
Did it take him longer than writing simple firewall rules? Perhaps. But late one night, as I was wandering through the lab and found him working the assignment, he explained his logic: “Once I get this running for eBay, amazon and buy.com will be a snap.” Later, grading his assignment, I found it an elegant solution. Can he create standard access/deny rules? Sure. But now he’s added a new skill set to his bag of tricks.
In today's fast-paced Web 2.0 environment the ability to research new solutions and adapt to the method of the attacker is essential. In this case, RegEx was the perfect tool for the job.
No comments:
Post a Comment