secubox-openwrt

gandalf/secubox-openwrt

Fork 0

Commit Graph

Author	SHA1	Message	Date
CyberMind-FR	c69ae43961	feat(interceptor,ddos): Add Insider WAF pillar and DDoS hardening profile InterceptoR Insider WAF (6th pillar): - RPCD: get_insider_waf_status() tracking LAN client threats - Dashboard: 🔒 Insider WAF card with threat stats - CrowdSec scenarios for insider threats: - C2 beacon, exfiltration, DNS tunneling, lateral movement - Cryptominer, IoT botnet, suspicious TLDs, high volume DDoS Protection Hardening: - Config Advisor: 8 DDoS checks (SYN cookies, conntrack, RP filter, ICMP rate, CrowdSec http-dos, HAProxy maxconn, mitmproxy WAF, Vortex) - ANSSI rules: New "ddos" category with remediation steps - Documentation: DOCS/DDOS-PROTECTION.md with full guide Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-12 10:46:16 +01:00

Author

SHA1

Message

Date

CyberMind-FR

c69ae43961

feat(interceptor,ddos): Add Insider WAF pillar and DDoS hardening profile

InterceptoR Insider WAF (6th pillar):
- RPCD: get_insider_waf_status() tracking LAN client threats
- Dashboard: 🔒 Insider WAF card with threat stats
- CrowdSec scenarios for insider threats:
  - C2 beacon, exfiltration, DNS tunneling, lateral movement
  - Cryptominer, IoT botnet, suspicious TLDs, high volume

DDoS Protection Hardening:
- Config Advisor: 8 DDoS checks (SYN cookies, conntrack, RP filter,
  ICMP rate, CrowdSec http-dos, HAProxy maxconn, mitmproxy WAF, Vortex)
- ANSSI rules: New "ddos" category with remediation steps
- Documentation: DOCS/DDOS-PROTECTION.md with full guide

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-12 10:46:16 +01:00

1 Commits