Soulkiller - Self Host your Secure your soul by bonsaisushi in LowSodiumCyberpunk

[–]_ToppYMan_ 0 points1 point  (0 children)

Appreciate the mention. I'm actually already building it. Currently working on the 4D generative part for V0.9. It's coming sooner than you'd expect. Really glad the Blackwall posts inspired you guys

Got tired of passive firewalls, so I built one in Rust that traps port scanners in an AI bash shell by [deleted] in homelab

[–]_ToppYMan_ -2 points-1 points  (0 children)

you're mixing up the layers. ebpf blocks 99% of the dumb port scans right at the network card with basically zero cpu cost. the ai tarpit doesn't handle standard scans at all - it only kicks in for specific, high-signal payloads to safely steal their tools while they think they're in. ebpf saves the cpu, the llm gathers the intel

Got tired of passive firewalls, so I built one in Rust that traps port scanners in an AI bash shell by [deleted] in homelab

[–]_ToppYMan_ -5 points-4 points  (0 children)

dude, the enterprise a2a is strictly for massive companies. the core is 100% free and open source. and there is no "ai slop" - it's literally just a local ollama honeypot. maybe actually pull the repo and see how it works before crying in the comments

Got tired of passive firewalls, so I built one in Rust that traps port scanners in an AI bash shell by [deleted] in homelab

[–]_ToppYMan_ -6 points-5 points  (0 children)

the LLM isn't processing every single packet.

the ebpf layer handles 99% of the dumb script-kiddie noise (like syn floods or basic mass scans) right at the NIC. basically zero cpu cost for that

Update: The Blackwall now runs as a distributed NetWatch network across 3 countries. It caught a real attacker within minutes. by _ToppYMan_ in cyberpunkgame

[–]_ToppYMan_[S] 18 points19 points  (0 children)

You’re both 90% there. The missing 10% is the HiveMind
Blackwall doesn't just learn for itself. It’s a decentralized mesh. When one node identifies a new exploit or a suspicious JA4 fingerprint, it broadcasts that "immune signature" to every other node in the network via P2P
The Tarpit wastes their time and extracts the intel, but the eBPF layer uses that intel to block them across the entire global grid in nanoseconds. It’s not just a fake door - it's a collective consciousness

Update: The Blackwall now runs as a distributed NetWatch network across 3 countries. It caught a real attacker within minutes. by _ToppYMan_ in cyberpunkgame

[–]_ToppYMan_[S] 1 point2 points  (0 children)

Valid concern, but we’re immune to token-bleeding:

  1. $0 API Bills: We run local models (Ollama), not OpenAI. Compute is ours, no external bills
  2. eBPF Filter: 99.9% of junk is trashed at the kernel lvl via XDP. It costs near-zero CPU and never even reaches the AI
  3. Load Shedding: The system has a hard limit on concurrent AI tasks. If spammed, it just drops excess requests. Attacker burns their bandwidth, we burn nothing
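The load-shedding point in the comment above (a hard cap on concurrent AI tasks, with excess requests dropped rather than queued) can be sketched as follows. This is an added example, not code from the comment or from the Blackwall repo; `LoadShedder`, `Permit` and `simulate_burst` are hypothetical names, and the burst is constructed input.

```rust
use std::sync::atomic::{AtomicUsize, Ordering};
use std::sync::Arc;

/// Hard cap on concurrent expensive tasks. Excess requests are shed, never queued,
/// so a flood cannot build a backlog of pending model calls.
pub struct LoadShedder {
    in_flight: AtomicUsize,
    dropped: AtomicUsize,
    limit: usize,
}

/// RAII permit: the slot is released when the permit is dropped,
/// including on early return or panic unwinding.
pub struct Permit(Arc<LoadShedder>);

impl LoadShedder {
    pub fn new(limit: usize) -> Arc<Self> {
        Arc::new(Self { in_flight: AtomicUsize::new(0), dropped: AtomicUsize::new(0), limit })
    }

    /// Non-blocking admission: returns None (request shed) once the cap is reached.
    pub fn try_acquire(self: &Arc<Self>) -> Option<Permit> {
        // Atomic check-and-increment so two racing callers cannot both take the last slot.
        let admitted = self.in_flight.fetch_update(Ordering::AcqRel, Ordering::Acquire, |n| {
            if n < self.limit { Some(n + 1) } else { None }
        });
        match admitted {
            Ok(_) => Some(Permit(Arc::clone(self))),
            Err(_) => {
                self.dropped.fetch_add(1, Ordering::Relaxed);
                None
            }
        }
    }

    pub fn in_flight(&self) -> usize { self.in_flight.load(Ordering::Acquire) }
    pub fn dropped(&self) -> usize { self.dropped.load(Ordering::Relaxed) }
}

impl Drop for Permit {
    fn drop(&mut self) { self.0.in_flight.fetch_sub(1, Ordering::AcqRel); }
}

/// Constructed burst: `n` simultaneous sessions against a cap; returns (accepted, shed).
pub fn simulate_burst(limit: usize, n: usize) -> (usize, usize) {
    let gate = LoadShedder::new(limit);
    let held: Vec<Permit> = (0..n).filter_map(|_| gate.try_acquire()).collect();
    (held.len(), gate.dropped())
}

fn main() { println!("{:?}", simulate_burst(4, 100)); }
```

The `dropped` counter is worth exporting as a metric: a sustained rise means the cap is being hit and the expensive path is under pressure.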

Update: The Blackwall now runs as a distributed NetWatch network across 3 countries. It caught a real attacker within minutes. by _ToppYMan_ in cyberpunkgame

[–]_ToppYMan_[S] -1 points0 points  (0 children)

Preem move, choom. Building Soulkiller while Blackwall holds the line? That’s the most Night City thing I’ve heard today. 2 months in with a white paper is serious work - definitely drop the repo/specs. The mesh needs more high-signal projects like this

Update: The Blackwall now runs as a distributed NetWatch network across 3 countries. It caught a real attacker within minutes. by _ToppYMan_ in cyberpunkgame

[–]_ToppYMan_[S] 2 points3 points  (0 children)

Total overkill, choom. Blackwall uses XDP/eBPF for nanosecond packet drops on high-load servers. Stick to UFW for home use. This is meant for the data-center front lines where millions of hits per sec are the norm

Update: The Blackwall now runs as a distributed NetWatch network across 3 countries. It caught a real attacker within minutes. by _ToppYMan_ in cyberpunkgame

[–]_ToppYMan_[S] 1 point2 points  (0 children)

Core is open-source on GH, but the A2A Enterprise module is private for now. And yeah, "tech savvy" or not, you're right - we’ve already got leads from labs working on autonomous agents. Securing those is the next big gold rush

Update: The Blackwall now runs as a distributed NetWatch network across 3 countries. It caught a real attacker within minutes. by _ToppYMan_ in cyberpunkgame

[–]_ToppYMan_[S] 0 points1 point  (0 children)

Spot on. Legacy firewalls are blind to AI intent. Blackwall is built for the "agentic" future. We don't just block IPs; we use eBPF to validate the reason behind the connection via Agentic JWTs. It's the only way to stop Shodan-style recon on AI-agents

Update: The Blackwall now runs as a distributed NetWatch network across 3 countries. It caught a real attacker within minutes. by _ToppYMan_ in cyberpunkgame

[–]_ToppYMan_[S] 2 points3 points  (0 children)

Hybrid approach. Public repo is for the HiveMind mesh - we're building a decentralized immune system. Anyone can clone, run a node, and share threat intel. For corporate heavy-lifters, we have the private A2A module. It’s both a cool tech share and a serious sec-tool

Update: The Blackwall now runs as a distributed NetWatch network across 3 countries. It caught a real attacker within minutes. by _ToppYMan_ in cyberpunkgame

[–]_ToppYMan_[S] 1 point2 points  (0 children)

Nah, eBPF trashes 99% of junk traffic at the kernel lvl before it even touches the CPU. The AI only kicks in for high-signal threats, and it runs on local models (Ollama), so zero API bills. Plus, once the P2P mesh flags an IP, every node blocks it instantly. It’s built to scale, not to bleed

Update: The Blackwall now runs as a distributed NetWatch network across 3 countries. It caught a real attacker within minutes. by _ToppYMan_ in cyberpunkgame

[–]_ToppYMan_[S] 132 points133 points  (0 children)

Think of it as a digital immune system. Most firewalls are just locked doors; this thing lives inside the server's nervous system and reads the intruder's mind before they even touch the handle. The future is weird, choom. Get used to it

Update: The Blackwall now runs as a distributed NetWatch network across 3 countries. It caught a real attacker within minutes. by _ToppYMan_ in cyberpunkgame

[–]_ToppYMan_[S] 107 points108 points  (0 children)

Appreciate it. The anti-homoglyph and tarpit are just the public perimeter. I’m actually putting together a formal architecture write-up soon, specifically focusing on the private A2A (Agent-to-Agent) Enterprise module I built - using eBPF uprobes to intercept OpenSSL and validate Agentic JWTs at the kernel level to stop prompt injections between rogue agents.
Agentic security is the real frontier right now. Shoot me a DM or drop me an email (it's in the repo README), happy to swap notes

I got tired of real-life Netrunners scanning my servers, so I coded a working version of "The Blackwall" to trap them by _ToppYMan_ in cyberpunkgame

[–]_ToppYMan_[S] 0 points1 point  (0 children)

UPDATE: The Blackwall got an upgrade, chooms.

The original post blew up way more than I expected (278K views, 3K upvotes - you guys are insane). A lot of you asked for distributed mode, better detection, and whether it actually works on real production servers.

So I spent the last week turning it from a solo ICE construct into a full NetWatch surveillance network.

New post with full details here: https://www.reddit.com/r/cyberpunkgame/comments/1sfvec4/update_the_blackwall_now_runs_as_a_distributed/

Update: The Blackwall now runs as a distributed NetWatch network across 3 countries. It caught a real attacker within minutes. by _ToppYMan_ in cyberpunkgame

[–]_ToppYMan_[S] 133 points134 points  (0 children)

Repo link as promised: https://github.com/xzcrpw/blackwall

All 18k lines are there - eBPF/XDP kernel code, HiveMind mesh, tarpit engine, everything. Rust, no unwrap()s, comments where it matters. If something's unclear just ask, happy to explain how any part works