Home > Broadcom BCMxxxx, Debian, Linux > FalconGate Open Source Anti-Hackers Smart Gateway Runs on Raspberry Pi, Banana Pi, and other ARM Debian Boards

FalconGate Open Source Anti-Hackers Smart Gateway Runs on Raspberry Pi, Banana Pi, and other ARM Debian Boards

Everyday we can read stories about password database hacking, malware, ransomware, and so on, and companies can try to protect themselves by paying professionals that do a more or less good jobs, but individuals can’t afford professional service, so it is harder to protect oneself. One solution is to educate yourself as much as possible, but everybody has the time and/or skills to do it, so developers have worked on  FalconGate open source smart gateway that’s supposed to protect home devices against hackers, and alerts the user in case of intrusions on your home network, or devices misbehaving.

FalconGate is said to be able to:

  • Block several types of Malware based on open source blacklists
  • Block Malware using the Tor network
  • Detect and report potential Malware DNS requests based on VirusTotal reports
  • Detect and report the presence of Malware executables and other components based on VirusTotal reports
  • Detect and report Domain Generation Algorithm (DGA) Malware patterns
  • Detect and report on Malware spamming activity
  • Detect and report on internal and outbound port scans
  • Report details of all new devices connected to your network
  • Block ads based on open source lists
  • Monitor a custom list of personal or family accounts used in online services for public reports of hacking

The software relies on dependencies such as Bro IDS, Python 2.7, Nginx,Dnsmasq,Exim, and PHP, as well as Have I been pwned API, and as been tested with Debian Jessie Lite on Raspberry Pi 2/3 and Banana Pi M2+ boards, with the Raspberry Pi boards limited to 10/100M Ethernet, potentially a bottlenck if you have a fast Internet connection, but FalconGate should also be supported on other (ARM based) boards running Debian or Ubuntu.

The easiest way to install it to get the SD card image for the tested boards. For other boards, you can try a manual installation:


This will take a while depending on your platform and storage device. Your FalconGate powered board will also become your new DHCP server, so you’ll need to disable DHCP in your router. Reboot both, and login to the web interface to configure the email address(es) to be used as recipients for alerts and optionally your VirusTotal API key. Finally, remember to change the default root password, and re-generate the SSH keys.

Via n0where

  1. tkaiser
    March 29th, 2017 at 14:31 | #1

    Banana Pi M2+ has Gigabit Ethernet (yes, it’s already written wrong in the readme.md of this project — strange).

    And it seems this Banana thingie is only mentioned since hardware manufacturer SinoVoip provides a ‘Raspian Jessie Lite’ OS image for this board (running with a smelly 3.4.39 kernel containing no ‘Dirty COW’ fix and maybe also vulnerable to ‘rootmydevice’ and countless other exploitable vulnerabilities known since years — anyone caring about security and using OS images from some Google Drive link without caring about kernel version or manually inserted backdoors should be considered clueless or maybe even stupid as hell).

    The 3rd word in ‘open source smart gateway’ finally triggered a snake oil alert.

  2. infinity
    March 29th, 2017 at 21:54 | #2

    @tkaiser
    Can you say anything whether this FalconGate package will run flawlessly (compatibility question) on armbian on a banana pi with mainline kernel (https://www.armbian.com/banana-pi/) Debian or Ubunto… I would even favourite ubunto because of its more up-tp-date nginx and openssl packages and so on. What do you think? Currently I use the banana Pi only as a private Seafile server, but this here sounds very interesting to give the machine a bit more purpose 🙂

    Just to make it clear: I’m no very experienced user, that is why I ask for your experienced opinion.

    Generally…I understand how this system works inside my network: if I assume that I would need to simply connect the banana to my routers LAN Port and then change my DHCP from Router to Banana PI, how does that protect me from malicious websites? Do I also have to set the banana to be my DNS server? So the Banana with FalconGate will resolve all my dns requests?

    Do you guys think that a dual core banana pi is powerful enough for that? Or what would be a better low power SBC solution for this?

    Thank you very much in advance

  3. Twig
    March 29th, 2017 at 22:28 | #3

    have a spare Pi2 so I gave it a run on an isolated network. The web interface only allows configuration of a virustotal key and there is not much info on anything except dhcp clients.

    I like the idea of of the project, especially the IDS but it seems very early on in the development.

  4. Igor
    March 30th, 2017 at 01:23 | #4

    blocking tor relays does not make any sense. they are idiots

  5. tkaiser
    March 30th, 2017 at 13:50 | #5

    infinity :
    Can you say anything whether this FalconGate package will run flawlessly (compatibility question) on armbian

    No idea. If this stuff can only run on a Raspbian userland then this is another good reason to not use it.

    You might get in contact with the developer if you run in any compatibility problems since Python should run everywhere and writing installers that can deal with every Debian-flavour Linux distros isn’t that hard. And if you’re at it please tell the developer that it’s irresponsible to recommend running ‘security software’ on insecure distros (as it’s done here: some Chinese Raspbian that has been found on Google Drive)

  6. infinity
    March 31st, 2017 at 04:35 | #6

    tkaiser :

    infinity :
    Can you say anything whether this FalconGate package will run flawlessly (compatibility question) on armbian

    No idea. If this stuff can only run on a Raspbian userland then this is another good reason to not use it.
    You might get in contact with the developer if you run in any compatibility problems since Python should run everywhere and writing installers that can deal with every Debian-flavour Linux distros isn’t that hard. And if you’re at it please tell the developer that it’s irresponsible to recommend running ‘security software’ on insecure distros (as it’s done here: some Chinese Raspbian that has been found on Google Drive)

    Well…. I think it is obsolete now… they’ve heard the concerns apparently. As I’ve subscribed to the newsletter of FalconGate, I got this email today:

    Dear all,

    Below you can find some recent developments in our FalconGate smart gateway project:

    – FalconGate in the news (http://www.kitploit.com/2017/03/falcongate-smart-gateway-to-stop.html)

    – Due to security concerns raised by some FalconGate followers we have taken offline our Banana Pi image and stopped support for it until further notice (issue21)

    – We have relocated FalconGate’s Raspberry Pi image to a dedicated S3 bucket in our own Amazon VPC (issue22)

    Feel free to give us feedback on your adventures with FalconGate over email or through our GitHub repository. We’re looking forward to hear you experiences!

    Have a nice day.

    The Falcongate team

    That’s the linked Issue:
    https://github.com/A3sal0n/FalconGate/issues/21

  7. tkaiser
    March 31st, 2017 at 10:13 | #7

    @infinity
    That was quick 🙂

    I dropped him a note how to easily improve compatibility/portability on the Github issue since it looks trivial to make the installer script run on recent Ubuntus and also next Debian/Raspbian release (he has to prepare for anyway).

  1. No trackbacks yet.