-
Notifications
You must be signed in to change notification settings - Fork 1
Features
GS McNamara, MS edited this page Jul 15, 2020
·
16 revisions
Right now Floodspark Counterespionage Firewall (CEF) can...
- Tor browser, with minor delay
- Chrome Incognito, with minor delay, over HTTPS
- Firefox Private Browsing, with minor delay
- Chrome-Selenium in its default configuration, with minor delay
- cURL in its default configuration
- Wget in its default configuration
- Fake Googlebot
The offending IP will be blacklisted for 10 minutes.
The offending IP will be invisibly redirected to a honeypot version of your real website for 10 minutes.
In either Blocking or Honeypot mode intelligence continues to be collected in the background.
CEF's ELK Docker container serves two purposes: it serves the Kibana-based Analyst Dashboard that supports search and visualizations, and it can itself be monitored by CEF to serve as another data source / sensor.
- In cases such as when CEF verifies Googlebot, the IP will be added to a whitelist for 10 minutes.