I started a company!

“What? Huh? Why?”

Those are some of the many questions I was asking myself. Simply… Looking to challenge the brain in different ways than what I’m normally doing.

How it began – In my personal time while trying to secure my own personal hosted infrastructure, I was noticing that there wasn’t an efficient or effective way to block bad threat actors (nasty hackers) on the Internet.

The typical (tedious) approach has always been:

  • I see a bad connection from IP1, therefore I must block IP1.
  • I see a bad connection from IP2, therefore I must block IP2.
  • I see a bad connection from IP3, therefore I must block IP3.
  • ….
  • Repeat until you lose all sense of sanity.

    The problem with this approach is that you end up getting stuck in a game of whack-a-mole. Who do you think wins? Trick question – it’s not you!

    I put a different idea together – what if bad threat actors run their hacking world like a business and focus on cost optimization and automation. Novel idea right?

    How does this apply to what I do? Well if I were to run a business like theirs, I would figure out how to “copy/paste” my attacks in creative ways. To do this, I would choose a (cheap) hosting provider that has resources that I can use for my desired purposes. Once the hosting provider is identified, I’m going to figure out ways to spin up new resources in a quick manner in a different location (i.e. automation).

    New Resource + New Location = New IP Address To Attack From

    Now that I know this, let the hacking begin!

    Do you see how the game of whack-a-mole starts?

    What does my company do?

    I have a few products available now, but the one product that solves the above problem is a product called Molasses Masses.

    How does it work?

    Rather than blocking on a per-IP basis, I get all the subnets for that hosting provider that the hacker is using and then block those. The idea is that remote connections coming to my/your hosted services, should not come from other hosting providers. It should be from people like you reading this article!

    Now it’s possible that you or your business partners get caught up in the block list – no problem! You can exclude your own and/or business partner subnets from the specifically curated list of subnets that you download.

    How effective is this?

    I’ve seen a reduction of attacks of up to 90%* from all my honeypots on the Internet.

    Why would you use this?

    Got remote users that need to VPN into your organization?

    Got hosted services that should be accessed from actual users, and not random bots sitting in hosted environments?

    Then this is the product for you!

    Integrations available?

    Very simply, it’s a flat text file of curated subnets that you can use in your own policies.

    These are the supported platforms available today to consume my product:

    • Linux (shorewall)
    • Cisco – Firepower Threat Defense (FTD)
    • Fortinet – Fortigate Firewalls
    • Palo Alto Networks – PAN-OS and Prisma Access.

    Curious to test it out? 7-day free trials available.

    Use discount code MM2026 to snag a 20% discount on checkout for the first 50 customers 🙂

    * As with all things in life – your mileage may vary. You might have a different environment compared to mine which gives different results.

    #AntiHacking #BotMitigation #BruteForceProtection #CiscoFTD #CloudSecurity #CyberSecurity #Cybersecurity #DDoSProtection #Fortigate #Honeypot #InfoSec #IPBlocking #MolassesMasses #NetworkSecurity #PaloAltoNetworks #security #Shorewall #SubnetFiltering #SysAdmin #technology #threatIntelligence #VPNTrust #ZeroTrust
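The exclusion step described in the post above (removing your own or partner subnets from a downloaded list of hosting-provider subnets), as an added example that is not part of the original post and not the product's code. It assumes the flat file holds one CIDR per line with optional `#` comments; the function names and the sample ranges (RFC 5737 documentation addresses) are constructed for illustration.

```python
import ipaddress

# Constructed sample (RFC 5737 documentation ranges), not real provider data.
SAMPLE_BLOCKLIST = """\
# hosting-provider subnets (constructed)
192.0.2.0/25
192.0.2.128/25
198.51.100.0/24
203.0.113.16/28
"""
# Hypothetical partner/own ranges that must stay reachable.
SAMPLE_ALLOW = ["198.51.100.64/26", "203.0.113.0/24"]


def parse_subnets(text):
    """Parse one CIDR per line; '#' comments and blank lines are skipped."""
    nets = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            nets.append(ipaddress.ip_network(line, strict=False))
    return nets


def carve_out(blocklist_text, allow_cidrs):
    """Return the blocklist minus every allowlisted range, as collapsed CIDRs."""
    allow = [ipaddress.ip_network(c, strict=False) for c in allow_cidrs]
    kept = []
    for net in parse_subnets(blocklist_text):
        pieces = [net]
        for a in allow:
            nxt = []
            for p in pieces:
                if p.version != a.version or not p.overlaps(a):
                    nxt.append(p)                     # untouched by this exclusion
                elif p.subnet_of(a):
                    continue                          # wholly allowlisted: drop it
                else:
                    nxt.extend(p.address_exclude(a))  # a sits inside p: split around it
            pieces = nxt
        kept.extend(pieces)
    out = []
    for version in (4, 6):  # collapse_addresses rejects mixed IP versions
        out.extend(ipaddress.collapse_addresses(n for n in kept if n.version == version))
    return [str(n) for n in out]


if __name__ == "__main__":
    for cidr in carve_out(SAMPLE_BLOCKLIST, SAMPLE_ALLOW):
        print(cidr)
```

Carving the allowlist out of the block set, rather than relying on rule ordering, keeps the result correct on platforms that evaluate the block list before any accept rule.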

    Wow, the lead developer/maintainer of the #Shorewall firewall tool, Thomas M. Eastep, is now about 81 years old, so he made his last commit in 2024 at about 79.

    (extrapolated from https://sourceforge.net/p/shorewall/mailman/message/35458915/ )

    Re: [Shorewall-users] NFTables on the roadmap? | Shoreline Firewall (Shorewall)

    Has anyone ever built their own router? I was thinking: DSL modem (ALLnet) -> Raspberry Pi with RMN520N HAT.

    #router #diyrouter #openwrt #linux #archlinux #shorewall #modem #RaspberryPi

    On the weekend, I switched on a #foomuuri #nftables firewall.

    I have been using #shorewall for so long that it is in my fingers.

    Foomuuri is likeable and capable. I am finding my way around her peculiarities. Definitely stepping forward into it rather than falling back on my comfortable habits.

    #debian

    @JulianOliver I guess it's the same as with physics: classic mechanics works fine until you need more detail and use quantum instead.

    For deep level but still with a patina of abstraction I suggest #ShoreWall. A shame the config language won't ever evolve from text based tables, but definitely better than writing ip/nftables rules by hand, and IIRC¹ it has a try mode that rolls back in case you get kicked out.

    ¹ I think I used it once, but it's been a looong while since I last touched my FW.

    #FOSS #Linux #Firewall #Security #NetSec

    Just finished migrating from #Shorewall (iptables) firewall configurator to #foomuuri (nftables) in my personal #Debian Sid laptop.

    Took about four-five hours or so.

    Ruleset is now shorter and actually easier to read. I have a paranoid setup where even outgoing AND localhost traffic is filtered...

    Feels refreshing after upgrade 👍 . And it's simply just a great piece of #OpenSource software engineering:

    https://github.com/FoobarOy/foomuuri

    GitHub - FoobarOy/foomuuri: Multizone bidirectional nftables firewall

    I migrated my servers from #shorewall to #nftables. How much simpler and more logical everything has become!

    @0xDEADBEEF thanks for mentioning #Shorewall 👍 After taking a close look it seems that it won't provide added value compared to using #nftables directly, at least for my needs. Also I didn't see any new commits (https://gitlab.com/shorewall/code/-/commits/master) for more than a year on the project so I'm not sure if it is either super stable or no longer actively maintained?

    #til

    * #shorewall, the trusty #linux #firewall you can simply describe in a few config files, has a `try` command to set up the firewall for a while and tear it down again after a timeout. Very good for configuring the firewall remotely; combine with ssh and #screen. I still lick my scars for the night I did the cowboy thing, tried to set up a firewall by hand, and the first thing I did was to `DROP` all packets. I lost a good job opportunity because of that. #NeverAgain

    If you've followed our recent posts, you already know that we gave Shorewall a try to tidy up our VPN firewall rules and gain full overview about our configuration. Our migration to Shorewall has been successful and we'd like to share some insights in our configuration:

    "Keeping the Wireguard VPN firewall clear with Shorewall" - https://blog.zero-iee.com/en/posts/vpn-firewall-shorewall/

    Shorewall by Tom Eastep is just perfect for small to mid size firewall deployments that are mostly static and not too complex. One of our developers uses OpnSense and PfSense for more complex scenarios in his private projects.

    Which firewall / configuration tool do you use and why?

    #shorewall #firewall #wireguard #vpn #teamzero #zeroiee #blog #techblog #linux #debian

    Keeping the Wireguard VPN firewall clear with Shorewall

    In our previous article we introduced the iptables firewall for our Wireguard VPN server. The firewall regulates which traffic is permitted between the individual customer VPNs and the management VPN and prevents access that poses a security risk. Although it is possible to manage these rules using the iptables command line tools, it quickly becomes confusing and difficult to understand, especially for outsiders. We have therefore tested the firewall configuration using the “Shorewall” tool and found it to be suitable.