
k4yt3x / scutum

Licence: GPL-3.0 license
Linux Automatic ARP (TCP / UDP / ICMP) Firewall


SCUTUM Firewall

Introduction

In short, SCUTUM automatically configures your personal computer against malicious TCP/UDP traffic and ARP spoofing attacks. It uses UFW to set up a conventional firewall for you, and determines and locks the gateway MAC address so you won't get ARP-spoofed.

This software is designed to be compact and effective. Currently it can support only one interface at a time. Traffic will only be allowed on one interface. We are looking into possibilities of supporting multiple interfaces at once.

2.10.2 (May 5, 2019)

  1. Fixed nftables ARP issues. ARP packets are now correctly blocked in the arp table instead of inet.
  2. Replaced format strings with f-strings.

2.10.0 (November 2, 2018)

  1. Fixed the problem where the gateway MAC address was not cached and locked when SCUTUM was first enabled.

2.10.0 (October 31, 2018)

  1. Changed configuration file to JSON
    • Please delete the old INI config and reinstall scutum.
  2. Added support for netfilter.
  3. Grouped sections of code into methods for easier code maintenance.
  4. Optimized code.

Quick Install

Prerequisites

  • Designed for Linux OS
  • curl or wget is required for quick install
  • git should be installed

Example for a typical Ubuntu environment (18.04)

$ sudo apt install git python3-pip curl
$ sudo pip3 install avalon_framework

Full SCUTUM Dependency list can be found in DEPENDENCIES.md

via curl

$ sudo sh -c "$(curl -fsSL https://raw.githubusercontent.com/K4YT3X/scutum/master/bin/quickinstall.sh)"

via wget

$ sudo sh -c "$(wget https://raw.githubusercontent.com/K4YT3X/scutum/master/bin/quickinstall.sh -O -)"


What is SCUTUM?

Long story short, it is an ARP firewall. It automatically adds gateways to the whitelist on connect and blocks everything else to avoid potential threats.

SCUTUM is an ARP firewall that prevents your computer from being ARP-spoofed by other computers on the LAN. SCUTUM controls "arptables" on your computer so that it accepts ARP packets only from the gateway. This way, people with malicious intentions cannot spoof your ARP table. SCUTUM also prevents other people from detecting your device on the LAN if it is used with a properly configured TCP/UDP firewall.

SCUTUM is also capable of handling TCP/UDP/ICMP traffic with iptables. You can choose to enable this feature during installation. However, a more professional firewall controller like UFW is recommended, since it can handle traffic with more precision.

Usage & Installation

You should run an installation before running it for the first time, to set up the configuration files. I am not sure if a portable version is necessary. If you think this should be changed, raise an issue and I will change it.

Installation

Quick install above is recommended

git clone https://github.com/K4YT3X/scutum.git
cd scutum/bin
sudo python3 scutum.py --install

GUI Usage (Currently not working)

ENABLE: Enable SCUTUM (start automatically)
DISABLE: Disable SCUTUM (never start automatically)
DISABLE (Temporarily): Disable SCUTUM until the next time connected to a network

Usage

SCUTUM starts automatically by itself after installation.

Full up-to-date usage can be found by executing:

$ scutum --help
$ sudo service scutum start     # Start scutum service
$ sudo service scutum stop      # Stop scutum service
$ sudo systemctl enable scutum  # Start SCUTUM with system
$ sudo systemctl disable scutum # Don't start SCUTUM with system
$ sudo scutum                   # Start SCUTUM Normally
$ sudo scutum --start           # Start SCUTUM manually once, even if it's disabled
$ sudo scutum --enable          # Enable SCUTUM (Start automatically on connect)
$ sudo scutum --disable         # Disable SCUTUM (Don't start automatically on connect)
$ sudo scutum --reset           # Reset SCUTUM (Allow ALL ARP packets temporarily)
$ sudo scutum --purgelog        # Purge SCUTUM logs
$ sudo scutum --install         # Run scutum installation wizard and install SCUTUM into system
$ sudo scutum --uninstall       # Remove SCUTUM from system completely 
$ sudo scutum --upgrade         # Upgrade SCUTUM and AVALON Framework

SCUTUM Workflow

postconnect

  1. Connect to Wi-Fi
  2. Accept all ARP packets
  3. Cache gateway MAC address by establishing a socket connection with a timeout of 0
  4. Add Gateway MAC to exception
  5. DROP all ARP packets

[Finished]
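
The postconnect sequence above, sketched as an added example (not SCUTUM's own code): it resolves the default gateway and its cached MAC from text in the format of /proc/net/route and /proc/net/arp, then builds the arptables commands for steps 4 and 5. The function names, the wlan0 interface, the sample tables and the exact rule set are assumptions made for illustration.

```python
import socket
import struct

# Constructed samples in the format of /proc/net/route and /proc/net/arp.
SAMPLE_ROUTE = """Iface\tDestination\tGateway\tFlags\tRefCnt\tUse\tMetric\tMask\tMTU\tWindow\tIRTT
wlan0\t0001A8C0\t00000000\t0001\t0\t0\t600\t00FFFFFF\t0\t0\t0
wlan0\t00000000\t0101A8C0\t0003\t0\t0\t600\t00000000\t0\t0\t0
"""
SAMPLE_ARP = """IP address       HW type     Flags       HW address            Mask     Device
192.168.1.23     0x1         0x0         00:00:00:00:00:00     *        wlan0
192.168.1.1      0x1         0x2         02:00:5e:10:00:01     *        wlan0
"""
UP_GATEWAY = 0x1 | 0x2  # RTF_UP | RTF_GATEWAY
ATF_COM = 0x2           # ARP entry is complete (MAC resolved)

def default_gateway(route_text, iface):
    """Return the default gateway IP for iface, or None if there is none."""
    for line in route_text.splitlines()[1:]:
        f = line.split()
        if len(f) < 4 or f[0] != iface or f[1] != "00000000":
            continue
        if int(f[3], 16) & UP_GATEWAY == UP_GATEWAY:
            # The kernel prints the gateway address as little-endian hex.
            return socket.inet_ntoa(struct.pack("<L", int(f[2], 16)))
    return None

def cached_mac(arp_text, ip, iface):
    """Return the MAC cached for ip on iface, or None while it is unresolved."""
    for line in arp_text.splitlines()[1:]:
        f = line.split()
        if len(f) >= 6 and f[0] == ip and f[5] == iface and int(f[2], 16) & ATF_COM:
            return f[3].lower()
    return None

def lock_commands(route_text, arp_text, iface):
    """Build the arptables commands for postconnect steps 4 and 5."""
    gw = default_gateway(route_text, iface)
    mac = cached_mac(arp_text, gw, iface) if gw else None
    if mac is None:
        raise LookupError("gateway MAC not cached; dropping ARP now would cut the host off")
    return [
        ["arptables", "--flush"],
        ["arptables", "-A", "INPUT", "--source-mac", mac, "-j", "ACCEPT"],
        ["arptables", "-P", "INPUT", "DROP"],  # set last, after the exception exists
    ]

if __name__ == "__main__":
    for cmd in lock_commands(SAMPLE_ROUTE, SAMPLE_ARP, "wlan0"):
        print(" ".join(cmd))
```

The commands are only built and printed, never executed; refusing to lock while the gateway entry is still incomplete is the case the November 2, 2018 changelog entry refers to.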

postdisconnect

  1. Accept all ARP packets

[Finished]
