This repo contains the source code for EasIPS, an easy-to-use and customizable modular Intrusion Prevention System programmed in Python.
This software allows to dynamically block IPs that exceed a configurable number of failed login attempts in a customizable amount of time during an also user-defined time period.
These and many other settings can be adjusted from the web-based graphical user interface, where blocked IPs and more information can also be listed.
- WordPress
- SSH
- Joomla
- phpMyAdmin
It's enough to run the main.py
file with the python interpreter, given that the PIP dependencies (requirements.txt
) are satisfied. Root permissions are needed to open a socket for the web server.
This script will run the application in the background, as well as the web GUI; the listening address and port can be specified in the call.
/easips
for the Python package, including:locks.py
forServiceLock
and its implementationslogin_trackers.py
forLoginTracker
and its implementations/web
for the static GUI files (HTML, CSS & JavaScript)gui.py
for the Flask applicationdb.py
for the database and modelscore.py
for the main loop and service managementapp.py
, which contains the main class that needs to be instantiated and run (EasIPS
)
/ssh
,/joomla
,/phpMyAdmin
,/wordpress
for the different services/tests
to store test python filesmain.py
, which runs the whole application and the web GUI in the background
EasIPS has been developed for the 2022 Network Security Course from TU Delft's MSc Computer Science by:
- Jorge Bruned
- Thomas Werthenbach
- Job Kanis
- Cesar van der Poel
- Louise van der Peet
- Ane Zubillaga Argal