WhitewallManager Icon

WhitewallManager

alpha

Whitelist manager

Add a Review
1 Download (This Week)
Last Update:
Download parentwall_08012012.tar.gz
Browse All Files
BSD Linux

Description

WhitewallManager is a whitelist manager. It aims to be a web based administration tool for administrators using a default-deny approach to the security of the network they are responsible for.

Default-deny is a superior model for network security as compared to default-allow, which is how the security model of most local area networks is modeled. Default-deny disallows all but access granted to resources which you specifically allow.
The advantage to this is that any new resources which turn out to be bad are blocked by default.

Default allow disallows nothing and bad things are blocked as they are discovered. This means that you are exposed to any bad things which you don't know about.

The reason most networks are modeled on default-allow is that default-deny is hard to manage.

What WhitewallManager aims to accomplish is to make default-deny and whitelists manageable with a sensible and efficient work flow. Currently it's a nightmare to manage a default-deny network.

WhitewallManager Web Site

Categories

Security

License

Apache License V2.0

Features

  • Manage Squid whitelists
  • - Retrieves page from URL and extracts all domains linked within document on failed access attempt
  • - Cross references domains extracted from HTML against blacklists to highlight known bad/questionable domains
  • - Displays blacklist hits,and the blacklists in which the hit occurred
  • - Allows administrator to add selected domains to whitelist
  • - Sends email to administrator when user requests site add
  • - On proxy deny page allows user to request domain be added to whitelist
  • - Shell script to download and update blacklists efficiently
  • - Hybrid approach, default-deny whitelist goodness with the intel that blacklists provide
  • - Difficult to accidentally whitelist known malware, virus, spyware serving domains
  • - ArchLinux file layout currently supported
  • ToDo:
  • - Implement administrator login
  • - Build packages for red hat/fedora/centos, gentoo, ubuntu, debian, (insert distro)
  • - Streamline httpd setup to be simple with conf files that can be dropped in /etc/httpd/conf.d
  • - Implement proxy user/group management
  • - Implement blacklist manager and download interface
  • - Implement whitelist manual manager
  • - Set up proxy auto-configure via DHCP (and whatever else we need to)
  • - Implement LAN Local DNS Zone manager/DNS Caching admin page
  • - Implement LAN DHCP Manager (MAC Whitelisting Workflow/Interface)
  • - Implement HTTPD host management
  • - Implement iptables firewall rules interface/generation to simplify router/iptables whitelist setup
  • - Find hosting for WhiteWall VM download.
  • - Fix the security issues with the code (mostly shell escape, XSS)
  • - Create version to manage tinyproxy. I wrote a tinyproxy source patch already ;)
  • - Implement system setup script to set up services in whitelist mode
  • - Implement SELinux management workflow/interface
  • - Do it all so a non computer user can make it work.

KEEP ME UPDATED

Write a Review

User Reviews

Be the first to post a review of WhitewallManager!

Additional Project Details

Intended Audience

End Users/Desktop

User Interface

Web-based

Programming Language

C, PHP

Registered

2012-07-31

Thanks for helping keep SourceForge clean.

Screenshot instructions:
Windows
Mac
Red Hat Linux   Ubuntu

Click URL instructions:
Right-click on ad, choose "Copy Link", then paste here →
(This may not be possible with some types of ads)

More information about our ad policies
X

Briefly describe the problem (required):

Upload screenshot of ad (required):
Select a file, or drag & drop file here.

Please provide the ad click URL, if possible:

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks
Screenshots can attract more users to your project.
Features can attract more users to your project.