commit
cc3944eff2
@ -0,0 +1,34 @@ |
||||
# ---> Vim |
||||
# Swap |
||||
[._]*.s[a-v][a-z] |
||||
!*.svg # comment out if you don't need vector files |
||||
[._]*.sw[a-p] |
||||
[._]s[a-rt-v][a-z] |
||||
[._]ss[a-gi-z] |
||||
[._]sw[a-p] |
||||
|
||||
# Session |
||||
Session.vim |
||||
Sessionx.vim |
||||
|
||||
# Temporary |
||||
.netrwhist |
||||
*~ |
||||
# Auto-generated tag files |
||||
tags |
||||
# Persistent undo |
||||
[._]*.un~ |
||||
|
||||
backup |
||||
*.exe |
||||
*.dll |
||||
coverage |
||||
coverage/* |
||||
.venv |
||||
*.gz |
||||
public |
||||
*.mp4 |
||||
ffmpeg* |
||||
renders |
||||
vidcrunch |
||||
vidcrunch.exe |
||||
@ -0,0 +1,40 @@ |
||||
# Dentata |
||||
|
||||
This is a project to replace fail2ban with a modern, simpler alternative. It's written in Go, and |
||||
will have the following design philosophy: |
||||
|
||||
1. Easy to manage from the command line. No more, "Uhh what jail is that IP in?" |
||||
2. Sane configuration that can be managed or generated by external tools. No more weird .ini file |
||||
with strange dual configurations where you have no idea where anything is. The philosophy will |
||||
be similar to Caddy. |
||||
3. Ruthless blocking. None of this, "But what if it's a legit uuuussserrr?!" Legit users don't poke |
||||
around on random ports and send hack attempts. Fuck them. Blocked. |
||||
4. Uses simpler tactics to catch scanners and hack attempts instead of (or in addition to) log |
||||
parsing. For example, opening trap TCP/IP ports and then blocking anyone that touches them. |
||||
5. Potentially detecting basic intrusions like a process becoming root and notifying you, or, like, |
||||
telling you whenever there's a login on the server. |
||||
6. Actually using a database you can access and analyze for reports and management. At first just a |
||||
simple SQLite3 database where the data is stored, but then later whatever you want. |
||||
7. A focus on individuals who run their own servers and just want a simple way to block most of the |
||||
bad actors. |
||||
|
||||
## Non-Features |
||||
|
||||
What Dentata will not be: |
||||
|
||||
1. A full blown intrusion detection system. At most it'll notify you whenever there's a login, but |
||||
after that, if someone gets on your server you're fucked. Nothing will save you but your backups |
||||
and shutting it down right away. |
||||
2. Some trillion dollar corporation's servant. It will be aimed at the little operations and |
||||
individuals, and not try to appease giant corporations who probably will only exploit it. You |
||||
want Prometheus talking to an Elastic Search? Go write it yourself or go fuck yourself. |
||||
3. Open source. Open source is dead people. It'll be free to use by everyone except businesses |
||||
that make over $10 million. Even in that case, the tone of the project will probably turn them |
||||
off and, honestly, who gives a fuck. They're leeches anyway. |
||||
|
||||
## Wanna Participate? |
||||
|
||||
I may change my mind on all this if there's some interested beginners and junior developers who'd |
||||
like to help. It could be a good project to learn about quite a few topics in devops and system |
||||
security, and there's a need for projects aimed at beginners to learn how to work on software with |
||||
other people. I'll let you know if the above changes and I'm looking for folks to contribute. |
||||
Loading…
Reference in new issue