FalconGate Open Source Anti-Hackers Smart Gateway Runs on Raspberry Pi, Banana Pi, and other ARM Debian Boards

Everyday we can read stories about password database hacking, malware, ransomware, and so on, and companies can try to protect themselves by paying professionals that do a more or less good jobs, but individuals can’t afford professional service, so it is harder to protect oneself. One solution is to educate yourself as much as possible, but everybody has the time and/or skills to do it, so developers have worked on  FalconGate open source smart gateway that’s supposed to protect home devices against hackers, and alerts the user in case of intrusions on your home network, or devices misbehaving.

FalconGate is said to be able to:

  • Block several types of Malware based on open source blacklists
  • Block Malware using the Tor network
  • Detect and report potential Malware DNS requests based on VirusTotal reports
  • Detect and report the presence of Malware executables and other components based on VirusTotal reports
  • Detect and report Domain Generation Algorithm (DGA) Malware patterns
  • Detect and report on Malware spamming activity
  • Detect and report on internal and outbound port scans
  • Report details of all new devices connected to your network
  • Block ads based on open source lists
  • Monitor a custom list of personal or family accounts used in online services for public reports of hacking

The software relies on dependencies such as Bro IDS, Python 2.7, Nginx,Dnsmasq,Exim, and PHP, as well as Have I been pwned API, and as been tested with Debian Jessie Lite on Raspberry Pi 2/3 and Banana Pi M2+ boards, with the Raspberry Pi boards limited to 10/100M Ethernet, potentially a bottlenck if you have a fast Internet connection, but FalconGate should also be supported on other (ARM based) boards running Debian or Ubuntu.

The easiest way to install it to get the SD card image for the tested boards. For other boards, you can try a manual installation:


This will take a while depending on your platform and storage device. Your FalconGate powered board will also become your new DHCP server, so you’ll need to disable DHCP in your router. Reboot both, and login to the web interface to configure the email address(es) to be used as recipients for alerts and optionally your VirusTotal API key. Finally, remember to change the default root password, and re-generate the SSH keys.

Via n0where

Share this:

Support CNX Software! Donate via PayPal or cryptocurrencies, become a Patron on Patreon, or buy review samples

Subscribe
Notify of
guest
The comment form collects your name, email and content to allow us keep track of the comments placed on the website. Please read and accept our website Terms and Privacy Policy to post a comment.
8 Comments
oldest
newest
tkaiser
tkaiser
4 years ago

Banana Pi M2+ has Gigabit Ethernet (yes, it’s already written wrong in the readme.md of this project — strange). And it seems this Banana thingie is only mentioned since hardware manufacturer SinoVoip provides a ‘Raspian Jessie Lite’ OS image for this board (running with a smelly 3.4.39 kernel containing no ‘Dirty COW’ fix and maybe also vulnerable to ‘rootmydevice’ and countless other exploitable vulnerabilities known since years — anyone caring about security and using OS images from some Google Drive link without caring about kernel version or manually inserted backdoors should be considered clueless or maybe even stupid as hell).… Read more »

infinity
infinity
4 years ago

@tkaiser Can you say anything whether this FalconGate package will run flawlessly (compatibility question) on armbian on a banana pi with mainline kernel (https://www.armbian.com/banana-pi/) Debian or Ubunto… I would even favourite ubunto because of its more up-tp-date nginx and openssl packages and so on. What do you think? Currently I use the banana Pi only as a private Seafile server, but this here sounds very interesting to give the machine a bit more purpose 🙂 Just to make it clear: I’m no very experienced user, that is why I ask for your experienced opinion. Generally…I understand how this system works… Read more »

Twig
Twig
4 years ago

have a spare Pi2 so I gave it a run on an isolated network. The web interface only allows configuration of a virustotal key and there is not much info on anything except dhcp clients.

I like the idea of of the project, especially the IDS but it seems very early on in the development.

Igor
Igor
4 years ago

blocking tor relays does not make any sense. they are idiots

tkaiser
tkaiser
4 years ago

infinity : Can you say anything whether this FalconGate package will run flawlessly (compatibility question) on armbian No idea. If this stuff can only run on a Raspbian userland then this is another good reason to not use it. You might get in contact with the developer if you run in any compatibility problems since Python should run everywhere and writing installers that can deal with every Debian-flavour Linux distros isn’t that hard. And if you’re at it please tell the developer that it’s irresponsible to recommend running ‘security software’ on insecure distros (as it’s done here: some Chinese Raspbian… Read more »

infinity
infinity
4 years ago

tkaiser : infinity : Can you say anything whether this FalconGate package will run flawlessly (compatibility question) on armbian No idea. If this stuff can only run on a Raspbian userland then this is another good reason to not use it. You might get in contact with the developer if you run in any compatibility problems since Python should run everywhere and writing installers that can deal with every Debian-flavour Linux distros isn’t that hard. And if you’re at it please tell the developer that it’s irresponsible to recommend running ‘security software’ on insecure distros (as it’s done here: some… Read more »

tkaiser
tkaiser
4 years ago

@infinity
That was quick 🙂

I dropped him a note how to easily improve compatibility/portability on the Github issue since it looks trivial to make the installer script run on recent Ubuntus and also next Debian/Raspbian release (he has to prepare for anyway).

Advertisement