Commit

update README.md
beac0n committed Aug 23, 2024
1 parent 227a4f8 commit 905c7a2
Showing 1 changed file with 9 additions and 16 deletions.
25 changes: 9 additions & 16 deletions README.md
Expand Up @@ -15,6 +15,15 @@ the tool consist of 3 binaries:
The commands are configured on the server side, so the client does not define what is going to be executed, it only
picks from existing commands.

## security

- client sends UDP packet to server, server never responds to it -> port-scanning does not help an adversary
- data sent from client to server is encrypted using RSA
- client only defines command to execute, commands are saved on server -> client can only pick command but not define it
- run server software in such a way so that it uses as little operating system rights as possible
- replay protection by adding every packet that the server received to a blocklist
- (WIP) DoS protection

# use case

If you host a server on the web, you know that you'll get lots of brute-force attacks on (at least) the SSH port of your
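Review bot: The bullet "data sent from client to server is encrypted using RSA" claims more than the text it replaces describes; the removed section states that the server holds only the public key and the client uses the private key, and anything produced with a private key can be decoded by every holder of the public key, so the packet is authenticated rather than kept confidential. Reword it as signing/authentication, or say explicitly which key encrypts. The replay bullet also drops the per-request timestamp and configurable validity window from the old text, yet that bound is what keeps a "blocklist of every packet the server received" finite; state both mechanisms together, e.g. "replay protection: each packet carries a timestamp valid for a configurable window, and packets seen inside that window are blocklisted".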
Expand Down Expand Up @@ -148,22 +157,6 @@ open_ssh = "ufw allow from $RUROCO_IP proto tcp to any port 22"
close_ssh = "ufw delete allow from $RUROCO_IP proto tcp to any port 22"
```

# security

A lot of thought has gone into making this tool as secure as possible:

- The client sends a UDP packet to the server, to which the server never responds. So port-scanning does not help an
adversary.
- The server only holds the public key. The client uses the private key to send an encrypted packet.
- Each request that is sent holds the current timestamp and the command that the server should execute.
This encrypted packet is only valid for a configurable amount of time.
- On the server, the service that received the UDP package has as little OS rights as possible (restricted by systemd).
After validating the data, the service that received the UDP packet (server) instructs another service (commander) to
execute the command. So even if the server service is compromised, it can't do anything, because it's rights are
extremely limited.
- Each packet can only be sent once and will be blacklisted on the server.
- (WIP) To make the service less vulnerable against DoS attacks ...

# architecture

## overview
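Review bot: Deleting this block removes the only description of the privilege separation (the UDP-receiving server restricted by systemd, which hands validated commands to a separate commander service) and of the timestamp validity window, and the new nine-line list added earlier in this commit does not carry either in full. Move those two paragraphs under the new "## security" section or into "# architecture" directly below instead of dropping them, since the server/commander split is the property a reader assessing the tool most needs to understand. If the paragraph is kept, "it's rights" should read "its rights".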

0 comments on commit 905c7a2