As technology advances, so do cybersecurity threats, which can leave individuals and small businesses vulnerable to cybercrime. Public-facing networks and computers are highly susceptible to daily hacker attacks from around the world. In response to this need, the Garland Intrusion Detection and Prevention System (IDPS) was developed as a highly efficient and ultra-low latency security solution.
One of the most significant benefits of Garland is its user-friendly design, making it accessible to everyone, regardless of their technical expertise in Network Security Monitoring (NSM) or Information Security (InfoSec). This "Plug, Play and Forget" system efficiently eliminates the need for any complex configurations or maintenance. Also, Garland is completely free of charge, making it an affordable and ideal solution for home and small office/home office (SOHO) setups.
Garland's creator is an experienced white hat hacker, so the cybersecurity solution's design effectively detects and prevents sophisticated cyber threats. The Garland Intrusion Detection and Prevention System utilizes the malicious hacker's inside knowledge of current and potential malicious hacker tactics. And it provides complete transparency and is hassle-free for users.
Protecting digital assets should be a priority, and Garland Intrusion Detection and Prevention System meets this need. With this reliable and easy-to-use cybersecurity solution, individuals and small office/home office businesses can feel secure knowing that their digital assets are protected, and their data is secured against cyberattacks.
In summary, Garland Intrusion Detection and Prevention System is an effective, user-friendly, and accessible cybersecurity solution that can cater to the varying security needs of individuals and small office/home office businesses.
当技术不断进步时,网络安全威胁也会不断增加,这可能使个人和小型企业容易受到网络犯罪的侵害。公共网络和电脑面临来自世界各地黑客的日常攻击,而「茼蒿」入侵防御系统(IDPS)则为应对此类威胁提供了高效、超低延迟的解决方案。
「茼蒿」的主要优势之一是其用户友好设计,它可供任何人使用,无论其在网络安全监控(NSM)或信息安全(InfoSec)方面的技术水平如何。此外,「茼蒿」以「随插即用,并且可以忘记之」的方式运行,无需进行复杂的配置或维护。同时,「茼蒿」 是完全免费的,这使其成为适合家庭和小型办公室/家庭办公室(SOHO)设置的负担得起的解决方案。
「茼蒿」的设计者是一位经验丰富的「白帽黑客」,因此这个网络安全方案的设计可以有效地检测和防范复杂的网络威胁。「茼蒿」入侵防御系统利用恶意黑客对当前和潜在的恶意黑客策略的深入了解,为用户提供完全透明、无麻烦的网络安全解决方案。
保护数字资产应该是一个优先考虑的问题,「茼蒿」入侵防御系统可以满足这一需求。有了这个可靠且易于使用的网络安全方案,个人和小型办公室/家庭办公室可以放心,他们的数字资产得到了保护,他们的数据得到了安全的保护,不会受到网络攻击的侵害。
总之,「茼蒿」入侵防御系统是一个有效、用户友好且易于获取的网络安全解决方案,可以满足个人和小型办公室/家庭办公室不同的安全需求。
- Blocks known malicious activities
- Compatible with Bittorrent and 4K video streaming
- Ultra-low latency for demanding online games
- Compatible with Microsoft Windows, GNU Linux, Apple macOS, Apple iOS, Google Android and Huawei HarmonyOS
- No subscription fee
- Automatically update
- Plug, Play and Forget!
- Totally transparent
- Setup is not required
- 有效阻挡已知的恶意行为,例如网络攻击等
- 简单直接的用户介面
- 极低的延迟性能有效地播放 4K 多媒体和玩要求速度的网络游戏
- 兼容微软视窗、苹果电脑、Linux 及 Apple iOS、Google Android、Huawei HarmonyOS 等各大移动系统
- 开源项目,完全免费
- 自动更新
- 随插即用,并且可以忘记之
- 完全透明
- 无需设定
- 4 cores ARM CPU (Quad-core ARM Cortex™-A55)
- 4GB RAM
- 16GB eMMC
- 3 network interfaces (2 x 2.5Gbps, 1 x 1Gbps)
- Max. power consumption 5W, fanless, no noise
- Max. WAN traffic flow up to 2.5Gbps
- 1 HDMI 2.0
- 2 USB 3.0 Type-A
- 1 micro SD Card Slot
- Slightly larger than a credit card
- 94.5mm (L) x 68mm (W) x 30mm (H)
All are open source projects.
- Suricata 6.0.12
- Debian
A 64GB micro SD Card (at least Class V30) is required for the installation.
Download the SD Card image at Google Drive and extract it.
Download Balena Etcher at its official site and burn the image to the micro SD Card. Then boot the NanoPi R5S with the micro SD Card. Therefore, faster the micro SD Card is better the performance.
你需要一张至少 64GB (规格 V30) 的 micro SD 卡。
从谷歌云盘下载镜像文件,然后解压文件。
从 Balena Etcher 官网下载,并将镜像文件烧录到 micro SD 卡中,再将 micro SD 卡启动 NanoPi。所以速度快的 micro SD 卡在效能上较为占优。
sha256 e272053b25c564ce6e94b1b6fea25770f7096c0538d1ddc9e6f20f223b38b63f rk3568-r5s-sd-garland-6.0.10-5.10-arm64-20230327.zip
sha256 8ed59d56c9cc2bec2b60acaa333958bbb38fd10cba902f612a648d1329ec8664 rk3568-r5s-sd-garland-6.0.10-5.10-arm64-20230327.img
Garland is developed by Samiux based on Croissants project which is since 2012 and it is released under GPLv3 and FREE OF CHARGE.
「茼蒿」是由 Samiux 基于他另一个开源项目「牛角面包」开发,该项目始于 2012 年。「茼蒿」亦是一项基于 GPLv3 的开源项目。
The following is the recommended connection method of Garland. However, you can connect it behind router too.
建议将防御入侵系统放置于路由器之前,但亦可以放置在路由器之后。
(LAN1) (LAN2 to Router's WAN) (Router's LAN)
Modem ----------- Garland ----------------------- Router ----------------- PCs & Laptops
| (WIFI)
| | (Router's LAN)
+-----------------------------+
(WAN to Router's LAN)
+------- Laptops
|
(LAN1) (LAN2 to Router's WAN) (Switch's LAN) |
Modem ----------- Garland ------------------ Router -------- Switch ---------+
| (WIFI) | |
| | |
+-----------------------------------------+ +------- PCs
(WAN to Switch's LAN)
(LAN1) (LAN2 to WIFI AP's WAN)
Modem with ----------- Garland ---------------- WIFI AP -------------------- PCs & Laptops
WIFI Router (unused) | |
| |
+------------------------+
(WAN to WIFI AP's LAN)
+------- WIFI AP
|
(LAN1) (LAN2 to Switch's Port #1) |
Modem with ----------- Garland ---------------- Switch -------------+
WIFI Router (unused) | | |
| | |
+------------------------+ +------- PCs & Laptops
(WAN to Switch's LAN)
+------- WIFI AP
|
(LAN1) (LAN2 to Switch's Port #1) |
5G Modem ----------- Garland ------------------ Switch -------------+
WIFI Router (unused) | | |
| | |
+------------------------+ +------- PCs & Laptops
(WAN to Switch's LAN)
Do NOT use the wifi that comes with 5G modem or modem with WIFI router as the traffic flow will NOT be protected by Garland.
不要使用 5G 调解器或调解器有无线网络功能的无线网络,因为其无线网络不受「茼蒿」的保护。
Between 0600 and 0630 hours every day, Garland will do the housekeeping and updating. The defending work of Garland may be interrupted during this period.
Garland can be turned off and it is not required to operate 24/7. The update will be carried out within half an hour when the Garland is booting up. It is advised NOT to turn off the Garland between 0600 and 0630 hours as it will do the update automatically. If you do so, you may break the Garland. Meanwhile, if you turn off the Garland within half an hour of the booting up, you may also break the system too.
There are over 32,000 rules in Garland and they are all free of charge. The number of rules are increasing.
For security purpose, it is NOT recommended to connect Garland via SSH in internet. However, you may connect Garland via SSH in intranet. The username and password are "garland". The IP address of the garland is 192.168.x.200, e.g. 192.168.0.200.
Garland cannot decrypt the SSL/TLS traffic well. However, it can handle a limited SSL/TLS traffic flow. Therefore, it is not ideal for using it as Web Application Firewall (WAF). For example, Garland can detect and drop self signed SSL/TLS certificate traffic and etc.
Yes, anti-virus is required. You are also advised to install the following add-ons or extensions for your browser such as Firefox or Chrome in order to increase the security for surfing the internet.
- uBlock Origin
- Ghostery
- Malwarebytes Browser Guard
- Avast Online Security & Privacy
- MalwareAI Browser Security
- VT4Browsers
每日的凌晨 0600 至 0630 时更新和维护,其间有可能对防御入侵系统的运作有些少影响。
每当启动后的半小时内其会自行更新维护,所以不要在其间或在 0600 至 0630 时其间内关闭防御入侵系统,因为有可能会损坏防御入侵系统。
所有规则都是免费的,已经超过 3 万 2 千多条,而且亦每日在增加中。
不建议,但可以在内网连接。其用户名称和密码都是 "garland"。至于网址是 192.168.x.200,例如 192.168.0.200。
不能。但她能够识别及阻挡自签 SSL/TLS 证书的流量。
需要。除此之外,我更建议在「火狐」或 Chrome 浏览器安装以下附加组件,使得上网时更安全。
- uBlock Origin
- Ghostery
- Malwarebytes Browser Guard
- Avast Online Security & Privacy
- MalwareAI Browser Security
- VT4Browsers
Since there is no Real-Time-Clock battery in the device, you are required to reboot the device (the FIRST boot of the burning SD Card) after half an hour in order to get the current local time.
Bottleneck is on CPU, speed is about 200Mbps.
因为防御入侵系统没有时钟电池,所以在烧录后第一次开机时,应在半小时后重启一次就可以更正时钟了。
瓶颈是在处理器,速度大概只有 200Mbps 左右。
Discord @samiux#3445
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent