Simple pubsub-based IP banning engine. Subscribes to a ban publisher, bans the IPs and then unbans them after a configured time period. Designed to work in concert with Banjax.
a system for collecting, storing, and calculating DDOS attack characteristics in order to build attack fingerprints and classify botnets.
A utility for bundling resources in web pages into a single page by inlining them using the data URI scheme. It is designed to be easy to use in all kinds of scenarios, ranging from ones where one simply wants to produce a web page with certain resources bundled to scenarios where one would like to proxy resource requests, include caching functionality, modify request headers, and more.
A service for proxying requests via bundler, with support for remapping based on host header and other features for encapsulating and providing access to bundled content.
Edgemanage is a tool for managing the HTTP availability of a cluster of web servers via DNS. The machines tested are expected to be at risk of large volumes of traffic, attack or other potential instability. If a machine is found to be underperforming, it is replace by a more performant host to ensure maximum availability.
Learn2ban is a machine learning anti-DDoS tool. It uses support vector machines to learn about HTTP traffic access patterns and then use this information to determine when attacks and happening and how.
A tool for using the data generated by Learn2Ban to actively classify incoming traffic and use the generated classifications to determine whether user activity is a malicious bot or a legitimate access. Runs on edges in tandem with Banjax and Swabber. Soon to be reimplemented as part of Banjax.
Autodeflect is a set of Ansible recipes designed for use in the creation of independent standalone instances of Deflect. The recipes feature much of the configuration logic used in the production instances of the Deflect system and they can be used to greatly aid in the operation of a personal instance. While these recipes are still in their infancy, they will gradually allow for the complete automated configuration of a standalone Deflect instance.
Not strictly related to the Deflect system but part of the broader infrastructure - a system for automating the deployment of differential, encrypted, off-site backups.