Thread: I'm creating a Unified Threat Management device for home and small business

  1. #1

    I wanted to share with Liberty Forest a project I just started to bring enterprise-level security to home and small business users.
    I'm a long way out before hardware starts to get assembled en masse, but I am working on the base router firmware at the moment.
    You can use these images free of charge, but you will need a Raspberry Pi 2 board and USB Wi-Fi adapter. It may work on other ARMv7 boards, but that hasn't been tested by me yet.

    Please follow my project at: http://www.gatoros.com

    Notes from the latest TOR access point build:

    Build Notes:
    GatorPi2-4GB-AP-tor-20150302
    Tor AP v0.1
    3-2-2015
    by Brent Sanders

    About:
    This image file is for use with the Raspberry Pi2. This image will create a TOR access point with the Raspberry Pi2. It allows for anonymity while surfing the web through the access point. There are SH files in the home directory that can be used to tailor the AP settings.
    This build is based on the latest Raspbian Build 2-16-2015. Most extra packages have been removed. Desktop environments and internet browsing have been preserved.

    Requirements:
    Raspberry Pi 2
    USB wifi adapter
    4GB or more disk space.
    7zip to uncompress the img file.
    dd or win32imager to put image on disk.



    Ways to interface:
    SSH port 22
    RDP port 3389
    RPi2 Monitor http web gui: port 8888
    HDMI (with monitor, keyboard, and mouse.)


    default settings:
    host: pifi
    login: pi
    password: raspberry
    ssid: Onion Pi
    wifi key: raspberry
    ssh enabled
    ctrl+alt+backspace to exit x-session
    raspi-config to change setting and expand to disk


    You can download the image file from here:
    https://drive.google.com/file/d/0B8P...ew?usp=sharing

    Here is an image of what the final product would look like... it can fit in the palm of your hand:
    rewritten history with armies of their crooks - invented memories, did burn all the books... Mark Knopfler



  3. #2
    Cool, we have some Pis coming in later this week, I'll try it out. Are you running a package repository?

  4. #3
    Originally posted by CPUd:
    Cool, we have some Pis coming in later this week, I'll try it out. Are you running a package repository?

    No, I don't have a repo yet.
    Just sharing images on google drive right now.

    My ultimate plan is to have a Pi UTM running Squid, Snort, and Tor from one device. You'd place it between your modem and router at home or business.
    It would filter Virus, Spam, Webblocking, Adblocking, and give intrusion detection alerts. All for a fraction of the cost of an enterprise UTM, and it wouldn't require a yearly subscription like the others.

    Guys at work are begging to get in on the project.
    Last edited by torchbearer; 03-02-2015 at 10:54 PM.

  5. #4
    I'm doing my work via SSH
    Last edited by torchbearer; 03-02-2015 at 10:56 PM.

  6. #5
    oh and MobaXTerm comes highly recommended.

  7. #6


    First UTM build released:
    Build Notes:
    GatorUTM-0.1-4GB-AP-20150303
    UTM AP v0.1
    3-3-2015
    by Brent Sanders


    About:
    This image file is for use with the Raspberry Pi2.
    This image will create a UTM access point with the Raspberry Pi2.
    There are SH files in the home directory that can be used to tailor the AP settings.
    This build is based on the latest Raspbian Build 2-16-2015.
    Proxy provided by Squid. AV scan module provided by ClamAV. AV Module provided by Dansguardian.
    Most extra packages have been removed. Desktop environments and internet browsing have been preserved.


    Functions working in this release:
    HTTP proxy, web blocker and av scan


    future releases will contain:
    HTTPS proxy
    SMTP proxy
    POP proxy
    FTP proxy




    Requirements:
    Raspberry Pi2
    USB wifi adapter
    4GB or more disk space.
    7zip to uncompress the img file.
    dd or win32imager to put image on disk.


    Ways to interface:
    SSH port 22
    RDP port 3389
    RPi2 Monitor web gui: port 8888
    HDMI (with monitor, keyboard, and mouse.)




    default settings:
    host: pifi
    login: pi
    password: raspberry
    ssid: PI_AP
    wifi key: raspberry
    ssh enabled
    ctrl+alt+backspace to exit x-session
    raspi-config to change setting and expand to disk


    You can download the image file from here: https://drive.google.com/file/d/0B8P...ew?usp=sharing

    http://www.gatoros.com/2015/03/gator...point-v01.html

  8. #7
    Good news, I have a meeting set up for Friday with potential investors. Could get interesting.
    Last edited by torchbearer; 03-06-2015 at 06:44 PM.

  9. #8
    Well, it looks like I'm taking on more developers.
    I guess I might as well open the invite to liberty peeps.
    PM me if you want in on the action.



  11. #9
    Nice.

    Will the NSA backdoor be open source? LOL

  12. #10
    The base router firmware is complete.

    http://www.gatoros.com
    Build Notes:
    GatorUTM-0.1-4GB-Router-20150309
    UTM Router v0.1
    3-9-2015
    by Brent Sanders

    About:
    This build is based on the latest Raspbian Build 2-16-2015.
    All extra packages have been removed.
    This image file is for use with the Raspberry Pi2.
    This image will create a router with the Raspberry Pi2.
    WebGUI provided by Webmin


    Requirements:
    Raspberry Pi2
    USB network adapter (TrendNET TU2-ET100 works out of box)
    4GB or more disk space.
    7zip to uncompress the img file.
    dd or win32imager to put image on disk.

    Ways to interface:
    SSH port 22
    Web GUI https://172.23.0.1:10000
    HDMI (with monitor, keyboard, and mouse.)


    default settings:
    host: PiUTM
    login: pi
    password: password
    Router IP: 172.23.0.1 (use the user login above)
    ssh enabled
    raspi-config to change setting and expand to disk


    You can download the image from here: https://drive.google.com/file/d/0B8P...ew?usp=sharing

  13. #11
    Be wary of Snort. It's now owned by Cisco with the Sourcefire acquisition. I was told by people that would know that unless it's reconfigured, possibly with a compile-time option, Snort will log rule hits to Talos, which is Cisco's threat management organization. I haven't verified this claim.

  14. #12
    Originally posted by FunkBuddha:
    Be wary of Snort. It's now owned by Cisco with the Sourcefire acquisition. I was told by people that would know that unless it's reconfigured, possibly with a compile-time option, Snort will log rule hits to Talos, which is Cisco's threat management organization. I haven't verified this claim.

    I dropped Snort.
    Went with Squid, DansGuardian, and ClamAV.

  15. #13
    Hi torchbearer,

    First off, you have a great project there and I hope you do well on your UTM. However, I have one question for you: have you built a honeypot on Raspberry Pi 2? I managed to install the Dionaea honeypot on my Raspberry but for some reason I could not install the GUI interface of Modern Honey Net (MHN). I was wondering if you had worked on this project before. Maybe you can help me out on how to incorporate MHN to Dionaea as a honeypot monitor for my network.

  16. #14
    Originally posted by gizmodo:
    Hi torchbearer,

    First off, you have a great project there and I hope you do well on your UTM. However, I have one question for you: have you built a honeypot on Raspberry Pi 2? I managed to install the Dionaea honeypot on my Raspberry but for some reason I could not install the GUI interface of Modern Honey Net (MHN). I was wondering if you had worked on this project before. Maybe you can help me out on how to incorporate MHN to Dionaea as a honeypot monitor for my network.

    I have not, but I may work on a build for you.

  17. #15
    here is a simple honeypot setup: http://andrewmichaelsmith.com/2013/0...i-fi-honeypot/
    just skip the hostapd part if you are not using it as a wireless pot.
    adjust the rest accordingly.
    you will need to make sure you have the two ethernets outlined in interfaces

  18. #16
    Hi Torchbearer

    This is a Wi-Fi Honeypot. What I am talking about is using Dionaea with MHN interface, capturing malware that tries to intrude my network. I managed to install the Dionaea by following this link but what I want to accomplish is to have a web interface that will expedite my investigation and that's where MHN comes into play. I tried installing it but I could not get it to work. Thank you for your prompt reply.



  20. #17
    Mind posting more info about your issue with the MHN build script? I know it's OT but if I can offer any guidance I'll PM you.

  21. #18
    Hi FunkBuddha,

    OK, my issue is I have installed the Dionaea honeypot on my Raspberry Pi, but Dionaea alone without MHN looks very generic. I am trying to install MHN so I can have a web interface and easy access to report log, without going through so many steps. If you can help me install or have a good guide to install the MHN on Raspberry Pi that would be great. Thank you!

  22. #19
    I want one (or two)...
  23. #20
    NtopNG would be useful for forensics purposes if you have the room.

  24. #21
    Hi FunkBuddha,

    Do you have a guide on how to install NtopNG on Raspberry Pi 2?
