specialworld83
New Member
A Complete Open-Source Security Platform for Linux
We are pleased to announce the release of BastionGuard 2.0, a modular security platform designed specifically for GNU/Linux.
This new version brings endpoint protection, network connection control, system backup, data recovery and browser-based administration together in a single integrated suite.
BastionGuard 2.0 is distributed as free and open-source software under the GNU General Public License v3, allowing users, developers, security researchers and Linux distribution maintainers to inspect, build, modify and improve the source code.
One Platform, Five Core Components
BastionGuard Endpoint
BastionGuard Endpoint is the central security application of the suite.
It provides a unified interface for accessing the platform’s main security capabilities, including:
malware scanning;
anti-ransomware protection;
anti-phishing detection;
firewall management;
USB device monitoring;
webcam and microphone privacy controls;
quarantine management;
identity and data-leak checks;
password management;
secure browsing and payment tools;
overall protection status monitoring.
Its purpose is to give Linux users a clear and centralized view of their system security, reducing the need to manage several disconnected tools.
BastionGuard Backup
BastionGuard Backup protects the operating system through incremental snapshots of system files and configuration.
It supports RSYNC-based snapshots and, on compatible systems, native Btrfs snapshots.
Users can configure:
hourly snapshots;
daily snapshots;
weekly snapshots;
monthly snapshots;
boot snapshots;
manual snapshots.
Snapshots can be restored to reverse unwanted changes, recover from failed updates or return the system to a previously working state.
BastionGuard Backup is primarily designed to protect the operating system and its configuration while keeping personal-document management separate.
BastionGuard Secure Connection
BastionGuard Secure Connection is an interactive application firewall for GNU/Linux.
It monitors outgoing network connections and allows users to decide which applications may communicate with external hosts.
Decisions can be applied temporarily or stored as persistent rules.
Its main capabilities include:
real-time connection monitoring;
application and process identification;
destination host, IP address and port visibility;
allow and deny rules;
connection history;
per-application statistics;
configured proxy detection;
nftables and NFQUEUE integration;
a /proc-based fallback when direct packet interception is unavailable.
The daemon and graphical interface communicate through a Unix socket using a lightweight JSON protocol, keeping packet interception separate from user interaction.
BastionGuard Recovery Data
BastionGuard Recovery Data is an advanced data-recovery engine developed in C++20.
It can analyze block devices, partitions and disk images to recover files, directories and, where supported, symbolic links.
Supported filesystems include:
FAT32;
exFAT;
NTFS;
ext4;
Btrfs;
XFS;
HFS+ and HFSX.
The engine can be used in several scenarios:
recovering files from intact volumes;
recovering deleted files;
analyzing filesystems with damaged metadata;
locating lost partitions;
recovering data from disk images;
filesystem-independent file carving.
The carving engine recognizes a broad range of formats, including images, documents, archives, audio files, video files and databases.
Advanced capabilities include:
ext4 journal processing;
NTFS recovery through $LogFile;
$MFTMirr fallback;
$I30 directory-index analysis;
Btrfs zlib, LZO and zstd extent decompression;
Btrfs RAID 5 and RAID 6 reconstruction;
XFS V5 recovery through FINOBT;
HFS+ compressed-file support;
symbolic-link reconstruction;
Unicode filename normalization.
BastionGuard Recovery Data clearly documents both its capabilities and limitations, distinguishing complete, partial and forensic reconstructions.
BastionGuard WebUI Server
BastionGuard WebUI Server extends the platform through a browser-accessible interface.
The WebUI makes it possible to view information, service status, security events and supported management functions without relying exclusively on the desktop application.
This component is designed for:
Linux workstations;
servers;
remotely administered environments;
laboratories;
local networks;
installations with multiple BastionGuard systems.
The WebUI complements the native applications and makes BastionGuard suitable for both desktop use and centralized operational workflows.
Designed for Linux
BastionGuard 2.0 uses established technologies from the Linux ecosystem, including:
systemd;
nftables;
NFQUEUE;
GTK;
CMake;
Meson;
OpenSSL;
YARA;
RSYNC;
Btrfs;
libsystemd;
libudev.
The platform is designed to integrate with major Linux distribution families, including:
Debian and Ubuntu;
Linux Mint and related distributions;
Fedora;
RHEL, AlmaLinux and Rocky Linux;
Arch Linux;
openSUSE.
Build and packaging procedures can adapt individual components to the technical and security requirements of each distribution.
Open Source and Auditable
BastionGuard 2.0 is designed as a transparent and auditable platform.
Its open-source development model allows the community to:
inspect the code;
audit security-sensitive components;
identify and fix issues;
create packages for additional distributions;
develop new integrations;
improve documentation and translations;
propose new features;
adapt the software to specific infrastructures.
The source code is distributed under the GNU GPLv3. The BastionGuard name and the project’s distinctive branding remain protected as trademarks.
A New Starting Point
BastionGuard 2.0 establishes the foundation for the future development of the platform.
The goal is to build a Linux security suite that combines prevention, monitoring, network control, system backup and data recovery through modular and interoperable components.
An open, documented platform built around native GNU/Linux technologies.
Protect the endpoint.
Control the connections.
Restore the system.
Recover the data.
Manage everything from the web.
Welcome to BastionGuard 2.0
We are pleased to announce the release of BastionGuard 2.0, a modular security platform designed specifically for GNU/Linux.
This new version brings endpoint protection, network connection control, system backup, data recovery and browser-based administration together in a single integrated suite.
BastionGuard 2.0 is distributed as free and open-source software under the GNU General Public License v3, allowing users, developers, security researchers and Linux distribution maintainers to inspect, build, modify and improve the source code.
One Platform, Five Core Components
BastionGuard Endpoint
BastionGuard Endpoint is the central security application of the suite.
It provides a unified interface for accessing the platform’s main security capabilities, including:
malware scanning;
anti-ransomware protection;
anti-phishing detection;
firewall management;
USB device monitoring;
webcam and microphone privacy controls;
quarantine management;
identity and data-leak checks;
password management;
secure browsing and payment tools;
overall protection status monitoring.
Its purpose is to give Linux users a clear and centralized view of their system security, reducing the need to manage several disconnected tools.
BastionGuard Backup
BastionGuard Backup protects the operating system through incremental snapshots of system files and configuration.
It supports RSYNC-based snapshots and, on compatible systems, native Btrfs snapshots.
Users can configure:
hourly snapshots;
daily snapshots;
weekly snapshots;
monthly snapshots;
boot snapshots;
manual snapshots.
Snapshots can be restored to reverse unwanted changes, recover from failed updates or return the system to a previously working state.
BastionGuard Backup is primarily designed to protect the operating system and its configuration while keeping personal-document management separate.
BastionGuard Secure Connection
BastionGuard Secure Connection is an interactive application firewall for GNU/Linux.
It monitors outgoing network connections and allows users to decide which applications may communicate with external hosts.
Decisions can be applied temporarily or stored as persistent rules.
Its main capabilities include:
real-time connection monitoring;
application and process identification;
destination host, IP address and port visibility;
allow and deny rules;
connection history;
per-application statistics;
configured proxy detection;
nftables and NFQUEUE integration;
a /proc-based fallback when direct packet interception is unavailable.
The daemon and graphical interface communicate through a Unix socket using a lightweight JSON protocol, keeping packet interception separate from user interaction.
BastionGuard Recovery Data
BastionGuard Recovery Data is an advanced data-recovery engine developed in C++20.
It can analyze block devices, partitions and disk images to recover files, directories and, where supported, symbolic links.
Supported filesystems include:
FAT32;
exFAT;
NTFS;
ext4;
Btrfs;
XFS;
HFS+ and HFSX.
The engine can be used in several scenarios:
recovering files from intact volumes;
recovering deleted files;
analyzing filesystems with damaged metadata;
locating lost partitions;
recovering data from disk images;
filesystem-independent file carving.
The carving engine recognizes a broad range of formats, including images, documents, archives, audio files, video files and databases.
Advanced capabilities include:
ext4 journal processing;
NTFS recovery through $LogFile;
$MFTMirr fallback;
$I30 directory-index analysis;
Btrfs zlib, LZO and zstd extent decompression;
Btrfs RAID 5 and RAID 6 reconstruction;
XFS V5 recovery through FINOBT;
HFS+ compressed-file support;
symbolic-link reconstruction;
Unicode filename normalization.
BastionGuard Recovery Data clearly documents both its capabilities and limitations, distinguishing complete, partial and forensic reconstructions.
BastionGuard WebUI Server
BastionGuard WebUI Server extends the platform through a browser-accessible interface.
The WebUI makes it possible to view information, service status, security events and supported management functions without relying exclusively on the desktop application.
This component is designed for:
Linux workstations;
servers;
remotely administered environments;
laboratories;
local networks;
installations with multiple BastionGuard systems.
The WebUI complements the native applications and makes BastionGuard suitable for both desktop use and centralized operational workflows.
Designed for Linux
BastionGuard 2.0 uses established technologies from the Linux ecosystem, including:
systemd;
nftables;
NFQUEUE;
GTK;
CMake;
Meson;
OpenSSL;
YARA;
RSYNC;
Btrfs;
libsystemd;
libudev.
The platform is designed to integrate with major Linux distribution families, including:
Debian and Ubuntu;
Linux Mint and related distributions;
Fedora;
RHEL, AlmaLinux and Rocky Linux;
Arch Linux;
openSUSE.
Build and packaging procedures can adapt individual components to the technical and security requirements of each distribution.
Open Source and Auditable
BastionGuard 2.0 is designed as a transparent and auditable platform.
Its open-source development model allows the community to:
inspect the code;
audit security-sensitive components;
identify and fix issues;
create packages for additional distributions;
develop new integrations;
improve documentation and translations;
propose new features;
adapt the software to specific infrastructures.
The source code is distributed under the GNU GPLv3. The BastionGuard name and the project’s distinctive branding remain protected as trademarks.
A New Starting Point
BastionGuard 2.0 establishes the foundation for the future development of the platform.
The goal is to build a Linux security suite that combines prevention, monitoring, network control, system backup and data recovery through modular and interoperable components.
An open, documented platform built around native GNU/Linux technologies.
Protect the endpoint.
Control the connections.
Restore the system.
Recover the data.
Manage everything from the web.
Welcome to BastionGuard 2.0

