Giano, about

PostPosted: Fri Mar 29, 2019 8:18 am
by LordCrimson
Months ago we experimented a lot of cyber attacks and attempts to put the server down. Giano was then developed (by TheHalloween and Madame) and used to protect the web server.

It's our primary defense and it does really reduce attempts to crash & spam the server!

less 60% bad events

PostPosted: Fri Mar 29, 2019 8:19 am
by LordCrimson
Code: Select all
DTB # lssize /log/httpd/*.log
      178 Mbyte /var/log/httpd/access.log
      172 Mbyte /var/log/httpd/err.log

Without Giano

Code: Select all
DTB # lssize /log/httpd/*.log
      141 Mbyte /var/log/httpd/access.log
       75 Mbyte /var/log/httpd/err.log

With Giano

Logs have been observed for six months. It's working :say-sticazzi:

How does it work?

PostPosted: Fri Mar 29, 2019 8:23 am
by LordCrimson
Giano is basically a firewall with agents connected to four different layers of the network stack
  • at the TCP/IP layer, rejecting malformed/malicious TCP/IP packets
  • at the HTTP layer, rejecting malformed/malicious HTTP requests
  • at the Application layer, rejecting malicious signs, too many password failures, seeking for exploits, etc
  • at the Contest layer, rejecting text containing offensive words

Each agent is a "fail-to-ban" callback that reports the offending IPs to the firewall adding them to the block-list.

Each time you failed a password attempt, the agent like agent-ftpd or agento-sshd generates a event, which is monitored by Giano, it reads those events to find out who is offending and for what, and then react appropriately.

Giano usually reacts by IP-banning. The most people uses dynamic IP, so a permanent ban can block legit users if the ISP rotated the address of a bot to a legit user. This might be a problem. Anyway, generally, this has demonstrated being able to reduce the rate of attacks, to block spambots, as well as able to reduce incorrect authentications attempts.

However, it cannot eliminate the risk that weak authentication presents.

The New MessageWall Agent

PostPosted: Fri Apr 12, 2019 11:41 am
by LordCrimson
Choose from several patterns on comments form, this new piece of code adds banned words - to automatically stop submitting bad comments.

Suppa Power?

PostPosted: Sun Apr 14, 2019 12:00 pm
by madame

I have just noticed the new feature in the panel reserved for operators.
And ... it seems I do have new "suppa" powers
:rofl: :rofl:

Yeah, Suppaman protects this website

PostPosted: Mon May 06, 2019 1:09 pm
by TheHalloween