From 1c2f4266ad89cd5729d796d6fcbd4539b95dcdf8 Mon Sep 17 00:00:00 2001 From: DarkFeather Date: Fri, 29 Apr 2022 11:15:20 -0500 Subject: [PATCH] Adding Nazara README.md --- roles/Nazara/README.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 roles/Nazara/README.md diff --git a/roles/Nazara/README.md b/roles/Nazara/README.md new file mode 100644 index 0000000..abe5124 --- /dev/null +++ b/roles/Nazara/README.md @@ -0,0 +1,16 @@ +A Nazara host is a gateway to accessing other hosts. It is a safeguard against admin error. + +## Etymology +Nazara hosts are named because they are the first line of defense against administrative error -- they prevent admins from being locked out of correcting their changes and are connected to everything in the ecosystem. They also control DNS, which allows a sort of subliminal control of the entire ecosystem. This is akin to the mastermind [Reaper AI](https://masseffect.fandom.com/wiki/Sovereign) from the Mass Effect franchise, and in fact can be the extinction of any DNS-enabled malware in the ecosystem by sinkholing the Command-and-Control. + +## Capacity and Components +A Nazara host needs minimal CPU or memory. + +## Hosted Services and Entities +Nazara should host a Pihole installation and [SSH](../Services/SSH.md). It should be NAT'ed to an obscure port to the outside world. + +## Connections +Any host should be able to connect to a Nazara with SSH and X11, and it should be able to dial to any service provider. + +## Additional Reference +Nazara hosts should be deployed alongside any Hypervisor. They can be as simple as a Pi-hole with SSH access, and they should be allowed to receive SSH connections from a non-tcp/22/ssh port.