oxeo0/blog-contributions
1
0
Fork 0
mirror of http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions.git synced 2025-07-02 11:56:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

wip cleaning up presentation

Browse source
This commit is contained in:
urist 2024-12-19 18:12:50 +01:00
parent e0269345a2
commit 0b3ad6d583
1 changed files with 8 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

23
opsec/high_availability/index.html
View file

@ -60,15 +60,14 @@
<div class="container"> <div class="container">
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist - 00 / 00 / 00</ba></p> <a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/mulligan_sec.jpeg" width="50px" height="50px"> <ba>Mulligan Security - 24 / 12 / 19</ba></p>
<h1>SRVNAME Setup </h1>
<img src="0.png" class="imgRz">
<p> <p>
<h1> High Availability and anonymity </h1> <h1> High Availability and anonymity </h1>
The concept of high availability is omnipresent in centralized services. One expects their ISP to provide internet access, their email provider to give them 100% uptime whenever they want to send an email and so on.<br/> The concept of high availability is omnipresent in centralized services. One expects their ISP to provide internet access, their email provider to give them 100% uptime whenever they want to send an email and so on.<br/> <br/>
High-availability, the ability to provide high-uptime infrastructure, also has far-reaching implications for OPSEC practitioners. When an adversary wants to collect information such as physical location behind a hidden service, depending on their power they will use downtime as an indicator in order to progressively narrow the pool of potential service location until they can act decisively against the remaining suspects. <b> High-availability, the ability to provide high-uptime infrastructure, also has far-reaching implications for OPSEC practitioners.</b> <br/><br/>
When an adversary wants to collect information such as physical location behind a hidden service, depending on their power they will use downtime as an indicator in order to progressively narrow the pool of potential service location until they can act decisively against the remaining suspects.
</p> </p>
@ -81,13 +80,11 @@ High-availability, the ability to provide high-uptime infrastructure, also has f
<div class="container"> <div class="container">
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist - 00 / 00 / 00</ba></p>
<h1>SRVNAME Setup </h1>
<img src="0.png" class="imgRz">
<p> <p>
<h2> <b>Threat model</b> </h2> <h2> <b>Threat model</b> </h2>
In order to understand how high availability, or lack thereof, impacts our security posture me must first define the skills and abilities of our adversary. For this tutorial the adversary has the following attributes: In order to understand how high availability, or lack thereof, impacts our security posture me must first define the skills and abilities of our adversary. For this tutorial the adversary has the following attributes:
<br><br>
<ul> <ul>
<li>Ability to monitor the hidden service status and know rapidly if it goes offline</li> <li>Ability to monitor the hidden service status and know rapidly if it goes offline</li>
@ -110,14 +107,13 @@ A concrete example of such an adversary would be law enforcement and government
<div class="container"> <div class="container">
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist - 00 / 00 / 00</ba></p>
<h1>SRVNAME Setup </h1>
<img src="0.png" class="imgRz">
<p> <p>
<h2> <b>Attack Scenario</b> </h2> <h2> <b>Attack Scenario</b> </h2>
The adversary has identified a probable city of residence for the administrator of a hidden service. In order to narrow down their search perimeter they will do the following: The adversary has identified a probable city of residence for the administrator of a hidden service. In order to narrow down their search perimeter they will do the following:
<br>
<ol> <ol>
<li>Target 1 group of city block and send someone to the internet backbone for this city block to cut it off from the internet</li> <li>Target 1 group of city block and send someone to the internet backbone for this city block to cut it off from the internet</li>
<li>Check whether the onion service is still up</li> <li>Check whether the onion service is still up</li>
@ -132,13 +128,10 @@ The adversary has identified a probable city of residence for the administrator
</div><!-- /grey --> </div><!-- /grey -->
<div id="anon2"> <div id="anon3">
<div class="container"> <div class="container">
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist - 00 / 00 / 00</ba></p>
<h1>SRVNAME Setup </h1>
<img src="0.png" class="imgRz">
<p> <p>
<h2> <b>How can high availability help?</b> </h2> <h2> <b>How can high availability help?</b> </h2>
In the above scenario if the onion service operator had setup a redundant, highly available server then connections would have been seamlessly sent to another server in the redundancy pool, this preventing the adversary In the above scenario if the onion service operator had setup a redundant, highly available server then connections would have been seamlessly sent to another server in the redundancy pool, this preventing the adversary