FalconGate v2.0 released: smart gateway to stop hackers and Malware attacks

FalconGate

A smart gateway to stop Malware, cybercriminals, and more…

Motivation

Cyber attacks are on the rise, and cybercriminals are continuously improving their methods and building new tools and Malware with the purpose of breaching your network, spying on you and stealing valuable data. Recently a new business model has become popular among cybercrooks: the use of Ransomware to encrypt your data and ask for a ransom to unlock it. These attacks have also extended to Internet of Things (IoT) devices, since many of them are vulnerable by design and criminals can leverage them to compromise other devices in your network or launch DDoS attacks against other targets. Traditionally, securing a network against such attacks has been an expensive undertaking that only medium to large companies could afford. With Falcongate we’re aiming to change this and bring “out of the box” security for free to common people, small businesses and anyone else in need.

Features

Falcongate is an open source smart gateway which can protect your home devices against hackers, Malware like Ransomware and other threats. It detects and alerts on hacker intrusions on your home network, as well as on devices that misbehave and attack targets within your network or on the Internet.

Currently, Falcongate is able to:

  • Block several types of Malware based on our free API Threat Intelligence feed and custom open source blacklists (see detailed list in file intel-sources.md)
  • Block Malware using the Tor network
  • Detect and report potential Malware DNS requests based on VirusTotal reports
  • Detect and report the presence of Malware executables and other components based on VirusTotal reports
  • Detect and report Domain Generation Algorithm (DGA) Malware patterns
  • Detect and report on Malware spamming activity
  • Detect and report suspicious port scan and tracerouting activity on your network
  • Report details of all new devices connected to your network
  • Block ads based on open source lists
  • Monitor a custom list of personal or family accounts used in online services for public reports of hacking
  • Encrypt all your home DNS traffic to protect all your devices against DNS spoofing and stop your ISP from spying on your DNS requests (see https://dnscrypt.org/)
  • Discover and report open ports on your home devices
  • Detect and alert on active default vendor accounts in all devices in your home network
    • Protocols currently supported:
      • SSH
      • FTP
      • Telnet
      • RDP
      • SMB
      • VNC

Changelog v2.0

This version of the platform has several major differences from previous versions. These changes were motivated by two main factors:

  • Upgrade the platform to support robust hardware with enough resources (physical or virtual)
  • Reduce operating costs from cloud hosting, etc

Additions:

  • Support for Python 3.6.8
  • Full support for Ubuntu 18.04 LTS
  • IP address and domain blacklists provided without API subscription
  • Easy install scripts
  • Router configuration

Deletions:

  • Stopped support for Raspberry Pi devices (not powerful enough)
  • Removed the need for API subscription
  • No data processing in the Falcongate cloud to avoid potential GDPR issues, etc
  • Removed all alerting options except Gmail

Download && Tutorial

Copyright (C) A3sal0n

Anastasis Vasileiadis
