Confirm
502
edits
Changes
no edit summary
The Mozilla InvestiGator (MIG) is designing to detect and respond to threats. One way of responding to an attack is to create firewall rules on the local host to block an IP, or a particular connection. The goal of this project is to create a library in the Go language that can create and delete firewall rules on Windows, MacOS and Linux (iptables and ntables). The library should also be able to retrieve a ruleset from a host in a standardized format (JSON).
This project is an opportunity for a group of students to take a close look at firewall management on the major operating systems.
==== Linux Audit heka plugin (Go) ====
* Mozilla Advisor: Guillaume Destuynder
* difficulty: medium
* language: english or french
Heka is a Mozilla project for logs routing, analysis, etc. (see http://hekad.readthedocs.org/en/latest/).
Linux Audit logs are collecting various system calls and events in order to send them to a C user space program (auditd) over the netlink protocol. A Mozilla C plugin (https://github.com/gdestuynder/audisp-cef) currently correlate, transforms, and send these events back to our logging architecture.
This project aims to replace the C program and C plugin by a Go Heka plugin.
==== Passive vulnerability scanning ====
