Modules

dbcooper edited this page Feb 26, 2026 · 1 revision

PBP provides 7 independent security modules, each with full lifecycle management.

Available Modules

⏰ TIME - NTS Time Synchronization

Purpose: Prevents time-based attacks with encrypted time sources

Technology: chrony + NTS (Network Time Security)

What it does:

  • Configures NTS-authenticated time servers
  • Prevents time manipulation attacks
  • Ensures certificate validity
  • Provides accurate timestamps for logs

Commands:

sudo pbp enable time
pbp scan time
pbp health time

Full Documentation →


🔒 DNS - Encrypted DNS

Purpose: Blocks DNS hijacking and surveillance

Technology: systemd-resolved + DNS over TLS (DoT)

What it does:

  • Encrypts all DNS queries
  • Enables DNSSEC validation
  • Prevents DNS cache poisoning
  • Blocks DNS surveillance

Commands:

sudo pbp enable dns
pbp scan dns

Full Documentation →


🛡️ NETWORK - Firewall

Purpose: Stateful packet filtering with default-deny policy

Technology: nftables

What it does:

  • Default drop policy on input
  • Stateful connection tracking
  • Egress filtering
  • Dropped packet logging

Commands:

sudo pbp enable network
pbp scan network

Full Documentation →


📦 CONTAINER - Podman Security

Purpose: Rootless container runtime hardening

Technology: Podman + seccomp

What it does:

  • Enforces rootless containers
  • Applies seccomp profiles
  • Drops unnecessary capabilities
  • Validates image signatures

Commands:

sudo pbp enable container
pbp scan container

Full Documentation →


📋 AUDIT - System Monitoring

Purpose: Detects unauthorized system changes

Technology: auditd

What it does:

  • Monitors critical files (/etc/passwd, /etc/shadow)
  • Tracks privileged commands (sudo, su)
  • Logs syscall activity
  • Immutable audit rules

Commands:

sudo pbp enable audit
pbp scan audit

Full Documentation →


🔍 ROOTKIT - Malware Detection

Purpose: Identifies rootkits and system compromises

Technology: rkhunter + chkrootkit

What it does:

  • Scans for rootkits
  • Detects hidden processes
  • Validates file integrity
  • Checks for backdoors

Commands:

sudo pbp enable rootkit
pbp scan rootkit

Full Documentation →


🌐 RECON - Network Scanning

Purpose: Validates network exposure and attack surface

Technology: nmap

What it does:

  • Enumerates open ports
  • Identifies running services
  • Detects insecure protocols
  • Maps attack surface

Commands:

sudo pbp enable recon
pbp scan recon

Full Documentation →


Module Lifecycle

UNINSTALLED → install → INSTALLED → enable → ENABLED
                ↑                      ↓
                └──────── rollback ────┘

States

  • UNINSTALLED: Module not installed
  • INSTALLED: Packages installed, not configured
  • ENABLED: Fully configured and active

Operations

  • install: Installs required packages
  • enable: Applies configuration and starts services
  • disable: Stops services, keeps packages
  • scan: Runs security scan
  • health: Checks module health
  • rollback: Reverts to previous configuration

Module Structure

Each module contains:

modules/<name>/
├── manifest.json    # Metadata and configuration
├── install.sh       # Package installation
├── enable.sh        # Configuration and activation
├── disable.sh       # Deactivation
├── scan.sh          # Security scanning
└── health.sh        # Health checks
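
The layout above can be checked mechanically before a module's scripts are run with sudo. The following is an added example, not PBP's own code; the function names `check_module` and `is_loose` and the permission policy it enforces (no symlinks, no group/other write access) are assumptions of this example, since the page states no permission policy.

```shell
#!/bin/sh
# Added example (not PBP code): audit one module directory against the
# file layout listed under "Module Structure".
# Assumption: because the lifecycle scripts are run via sudo, neither the
# directory nor its files should be symlinks or group/other-writable.

REQUIRED_FILES="manifest.json install.sh enable.sh disable.sh scan.sh health.sh"

# is_loose PATH: true when PATH has group-write or other-write permission.
# -prune stops find from descending when PATH is a directory.
is_loose() {
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null)" ]
}

# check_module DIR: prints one finding per line.
# Returns 0 when the module directory is clean, 1 otherwise.
check_module() {
    dir=$1
    bad=0
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "NOT-A-DIRECTORY $dir"
        return 1
    fi
    if is_loose "$dir"; then
        # Anyone who can write the directory can swap a script out.
        echo "WRITABLE-DIR $dir"
        bad=1
    fi
    for f in $REQUIRED_FILES; do
        path="$dir/$f"
        if [ -L "$path" ]; then
            echo "SYMLINK $path"; bad=1
        elif [ ! -f "$path" ]; then
            echo "MISSING $path"; bad=1
        elif is_loose "$path"; then
            echo "WRITABLE $path"; bad=1
        fi
    done
    return "$bad"
}

# Usage: sh check_module.sh modules/time modules/dns ...
for m in "$@"; do
    check_module "$m" || echo "FAILED $m"
done
```
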

Common Commands

Enable Multiple Modules

sudo pbp enable time
sudo pbp enable dns
sudo pbp enable network

Scan All Enabled Modules

sudo pbp scan

Check Health

pbp health

Rollback

sudo pbp rollback network

Module Dependencies

All modules are independent - no dependencies between them.

See Also