Smart Server Defense
Powered by BlueIce3
Documentation

This page links to information on how to set up and configure the Smart Server Defense software. It also links to resources and documentation for the database and supporting software.
Before Getting Started
The first decision you'll have to make is whether to set up and configure Smart Server Defense on your own Linux box, on an Ubuntu 16.04 Linux box, or just use one of the available AMIs. While the software is free, the AMIs cost money, and they are designed to work with Amazon Web Services, so if you're not on AWS the AMIs won't really help you. No worries, we'll cover installing Smart Server Defense from scratch.
If you want a better understanding of TensorFlow and AI in general, we suggest going over some of the Python AI tutorials available here. You don't have to work through the coding samples if you're not a coder. You don't even have to work through these tutorials, but they are available for those who want a deeper understanding of the software and underlying technology.
If you have less experience with Linux and configuring servers in general, we recommend using Ubuntu 16.04 LTS because our installation scripts will do most of the work. If you feel comfortable working on a different flavor of Linux, feel free; we will provide you with a detailed list of the dependencies necessary to get up and running.
The Smart Server Defense software suite is broken down into the following layers.
  • Bash scripts: for installing and configuring basic server and Smart Server Defense requirements.
  • Python, Python Libs: for handling the AI, database interaction, and CLI interface with the blueice2 code.
  • MySQL: for persistent storage of blueice2's configuration, state, and IP block list.
  • Cron: for scheduling the scripts that run blueice2 at intervals.
  • Firewall, AWS Security Group, Block List: for preventing access to the identified malicious IP addresses.
The software can be understood as follows. The documentation uses the following nomenclature.
  • BlueIce2: The Python AI core software responsible for training and running the AI, and for outputting a list of IP addresses that should be blocked.
  • BlueIce3: The BlueIce2 core code plus BlueIce2Utils, blueice3_install, SmartServerDefenseCfg, BlueIce2 MySQL database and associated scripts and automation.
  • Smart Server Defense (Server/Suite): The entire set of software in BlueIce3 plus all server-specific configuration that allows for the automation of Apache log scanning, IP address expiration processing, IP address blocking, AI training, etc. The term is somewhat synonymous with BlueIce3.
The base install directory structure is as follows. Newer versions of the software suite will have new features and directories, but the underlying basic setup is depicted below.
    blueice3
    -> 0_X_0_9 : version code dir, X = 4 || 5 currently
        -> blueice3_install : install script, local
        -> db_baks : blueice2 mysql db backups, local
        -> apps
            -> python
                -> BlueIce2 : blueice2 AI core
                -> BlueIce2Utils : blueice2utils support app
            -> scripts
                -> SmartServerDefenseCfg : server configuration project (meta)
                    -> blueice3_install : install script, latest
                    -> db_baks : blueice2 mysql db backups, latest
                    -> SmartServerDefenseWeb : documentation and blocked ip listing
                                
The resources below will guide you through the installation, configuration, and automation of the Smart Server Defense software suite.
Getting Set Up Quickly
Quickly Setup BlueIce3 on Ubuntu
Detailed Information
Base Installation Steps / Details
Configure BlueIce3 (Python, AI, MySQL)
Automate BlueIce3 (Cron, Firewall, Shell)
Copyright © 2018    Middlemind LLC.    Victor G. Brusca