WhitewallManager is a whitelist manager. It aims to be a web based administration tool for administrators using a default-deny approach to the security of the network they are responsible for.

Default-deny is a superior model for network security as compared to default-allow, which is how the security model of most local area networks is modeled. Default-deny disallows all but access granted to resources which you specifically allow.
The advantage to this is that any new resources which turn out to be bad are blocked by default.

Default allow disallows nothing and bad things are blocked as they are discovered. This means that you are exposed to any bad things which you don't know about.

The reason most networks are modeled on default-allow is that default-deny is hard to manage.

What WhitewallManager aims to accomplish is to make default-deny and whitelists manageable with a sensible and efficient work flow. Currently it's a nightmare to manage a default-deny network.

Features

  • Manage Squid whitelists
  • - Retrieves page from URL and extracts all domains linked within document on failed access attempt
  • - Cross references domains extracted from HTML against blacklists to highlight known bad/questionable domains
  • - Displays blacklist hits,and the blacklists in which the hit occurred
  • - Allows administrator to add selected domains to whitelist
  • - Sends email to administrator when user requests site add
  • - On proxy deny page allows user to request domain be added to whitelist
  • - Shell script to download and update blacklists efficiently
  • - Hybrid approach, default-deny whitelist goodness with the intel that blacklists provide
  • - Difficult to accidentally whitelist known malware, virus, spyware serving domains
  • - ArchLinux file layout currently supported
  • ToDo:
  • - Implement administrator login
  • - Build packages for red hat/fedora/centos, gentoo, ubuntu, debian, (insert distro)
  • - Streamline httpd setup to be simple with conf files that can be dropped in /etc/httpd/conf.d
  • - Implement proxy user/group management
  • - Implement blacklist manager and download interface
  • - Implement whitelist manual manager
  • - Set up proxy auto-configure via DHCP (and whatever else we need to)
  • - Implement LAN Local DNS Zone manager/DNS Caching admin page
  • - Implement LAN DHCP Manager (MAC Whitelisting Workflow/Interface)
  • - Implement HTTPD host management
  • - Implement iptables firewall rules interface/generation to simplify router/iptables whitelist setup
  • - Find hosting for WhiteWall VM download.
  • - Fix the security issues with the code (mostly shell escape, XSS)
  • - Create version to manage tinyproxy. I wrote a tinyproxy source patch already ;)
  • - Implement system setup script to set up services in whitelist mode
  • - Implement SELinux management workflow/interface
  • - Do it all so a non computer user can make it work.

Project Activity

See All Activity >

Categories

Security

License

Apache License V2.0

Follow WhitewallManager

WhitewallManager Web Site

Other Useful Business Software
Our Free Plans just got better! | Auth0 Icon
Our Free Plans just got better! | Auth0

With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
Try free now
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of WhitewallManager!

Additional Project Details

Operating Systems

Linux, BSD

Intended Audience

End Users/Desktop

User Interface

Web-based

Programming Language

C, PHP

Database Environment

Flat-file

Related Categories

C Security Software, PHP Security Software

Registered

2012-08-01
Report inappropriate content