The point is obvious. There is more than one way to burn a book. And the world is full of people running about with lit matches. Every minority ... feels it has the will, the right, the duty to douse the kerosene, light the fuse. Every dimwit editor who sees himself as the source of all dreary blanc-mange plain porridge unleavened literature, licks his guillotine and eyes the neck of any author who dares to speak above a whisper or write above a nursery rhyme.”

Ray Bradbury

Brutus IPS

This is a home grown Intrusion Prevention System I’ve called Brutus. Based on Linux Portsentry, a given server listens on standard ports (say, 80 & 443) but Portsentry listens on all other ports. When these ports are touched (always the result of a portscan) Portsentry executes Brutus scripts which instruct the firewall to null-route the offending IP. Brutus was designed for PFSense but it works with Zywall and any other firewall that supports SSH, SSH keys and setting null-route via remote command.

Brutus

BASH

01/27/2018

Brutus – Brutus Client

Part of the Brutus Project, this article goes over Brutus client servers, so that you can run one main Brutus server and all the other servers in your network send it commands remotely.

BASH

01/27/2018

Brutus- Brutus Server

Part of the Brutus Project, this article goes over the main Linux server running Portsentry and Brutus.

Projects

01/27/2018

Brutus – Firewall

Part of the Brutus Project, this article goes over firewall placement and configuration highlights.

Projects

03/31/2018

Brutus – Premise of Operation

Brutus is the name of a series of scripts that allows Portsentry to work with your firewall, helping to prevent would-be attackers from penetrating your network.