Cyber attacks are on the raise. Hacker and cyber criminals are continuously improving their methods and building new tools and Malware with the purpose of hacking your network, spying on you and stealing valuable data. Recently a new business model has become popular among hackers: the use of Ransomware to encrypt your data and ask for a ransom to unlock it. These attacks have extended also to the Internet of Things (IoT) devices since many of them are vulnerable by design and hackers can leverage them to compromise other devices in your network or launch DDoS attacks towards other targets. Traditionally securing a network against such attacks has been an expensive item which could be afforded just by medium to large companies. With FalconGate we’re aiming to change this and bring “out of the box” security for free to people, small businesses and anyone else in need.
Features
FalconGate is an open source smart gateway which can protect your home devices against hackers, Malware like Ransomeware and other threats. It detects and alerts on hacker intrusions on your home network as well as other devices misbehaving and attacking targets within your network or in the Internet.
Currently FalconGate is able to:
Block several types of Malware based on open source blacklists (see detailed list in file intel-sources.md)
Block Malware using the Tor network
Detect and report potential Malware DNS requests based on VirusTotal reports
Detect and report the presence of Malware executables and other components based on VirusTotal reports
Detect and report Domain Generation Algorithm (DGA) Malware patterns
Detect and report on Malware spamming activity
Detect and report on internal and outbound port scans
Report details of all new devices connected to your network
Block ads based on open source lists
Monitor a custom list of personal or family accounts used in online services for public reports of hacking
Prerequisites
FalconGate has a number of software dependencies:
Bro IDS
Python 2.7
Nginx
Dnsmasq
Exim
PHP
It depends also on several Python modules (see requirements.txt file for details)
Other dependencies
The devices’s malware detection can be enhanced with the utilization of VirusTotal’s personal free API
Currently FalconGate uses have i been pwned public API to detect whether credentials and/or other data from personal accounts have been stolen by hackers from third party sites.
Supported Platforms
Currently FalconGate has been successfully tested and implemented on Raspberry Pi (RPi 2 model B) and Banana Pi (BPI-M2+) using Raspian Jessie Lite as base image.
Jessie Lite for RPi
Jessie Lite for BPi
It should be compatible with other Debian ARM images as well but this has not been tested yet.
Download
0 comments :