AniNIX/Wiki
3
0
Fork 0
Code Issues 9 Pull Requests 3 Releases Activity

Imperfect initial commit, but too far to go back

Browse Source
This commit is contained in:
DarkFeather
2020-01-02 05:22:16 -06:00
commit 06f37260ec
84 changed files with 2812 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

68
Layouts/Security_Layout.md Normal file
View File

@@ -0,0 +1,68 @@
This offers a detail of the security hierarchy of the AniNIX, which is layered in the following sections.
# Physical security
Physical security includes storing the [[Forge2]] in a locked second-floor building. [[Cerberus]] offers reporting on events in this location. Admins co-locate with this location and are trained in combat and close quarters defense. Physical intrusions will be rebuffed to the fullest extent of the law.
# Network/Software protection
{{Organizer|Firewall|
{{Organizer|Shadowfeed|
{{Organizer|Trusted DMZ|
{{Reference|DarkNet}}
{{Organizer|Core|
{{Organizer|Cerberus|
{{Organizer|Firewall|
Most of the services in the AniNIX are monitored by network-level intrusion detection
## Open-access Services
{{Reference|WebServer}}{{Reference|TheRaven}}{{Reference|Foundation}}{{Reference|Heartbeat}}
## Password-Restricted Services
{{Reference|IRC}}{{Reference|Wiki}}{{Reference|Yggdrasil}}
## Remote Access
{{Organizer|Cerberus|
The SSH service supports password and key authentication.
{{Reference|SSH}}
|Cerberus}}
}}
|Cerberus}}
|Core}}
{{Organizer|Windows|
{{Organizer|Firewall|
{{Reference|Games}}
}}
|Windows}}
}}
{{Organizer|Guest DMZ|
Any visitors to the AniNIX premises are given access to the outside Internet via the Shadowfeed, but this access is isolated away from AniNIX systems.
}}
|Shadowfeed}}
}}
# Filesystem security
{{Organizer|Forge2|
{{Organizer|Cerberus|
{{Organizer|VirusScan|
The Hypervisor content lives here.
|VirusScan}}
|Cerberus}}
{{Organizer|Core|
{{Organizer|LUKS-on-LVM Volume|
{{Organizer|Cerberus|
{{Organizer|VirusScan|
Most of the data lives inside these layers.
|VirusScan}}
|Cerberus}}
}}
|Core}}
{{Organizer|Windows|
{{Organizer|VirusScan|
The Windows data lives here.
|VirusScan}}
|Windows}}
|Forge2}}
# Backups
[[Windows]] and [[Core]] are backed up locally on mirrored, non-RAID disks. They are also backed up to a 4TB hard drive from the [[Forge2]] to an off site safety deposit box in a bank, making it very difficult to destroy all copies of these hosts.
Should all backups be lost, the [[Aether]] project also backs up Core's critical configuration files and a list of files in [[Yggdrasil]] to an anonymous list of servers. [[Grimoire]]'s databases are independently archived to a password-based tarball and stored in cloud storage.
[[Category:Security]]
[[Category:Layout]]

19
Layouts/Service_and_Host_Layout.md Normal file
View File

@@ -0,0 +1,19 @@
{{Reference|Holocron}}
{{Organizer|Infrastructure|
{{Organizer|Shadowfeed|
{{Reference|Tricorder}}{{Reference|Geth}}{{Reference|Bastion}}{{Reference|Print}}{{Reference|TeamRed}}{{Reference|TeamGreen}}{{Reference|TeamBlue}}
{{Organizer|Forge2|
{{Organizer|Windows|
{{Reference|Games}}
|Windows}}
{{Organizer|Core|
{{Reference|Aether}}{{Reference|Cerberus}}{{Reference|Foundation}}{{Reference|Geth}}{{Reference|Grimoire}}{{Reference|Heartbeat}}{{Reference|IRC}}{{Reference|TheRaven}}{{Reference|Singularity}}{{Reference|Sora}}{{Reference|SSH}}{{Reference|WebServer}}{{Reference|Wiki}}{{Reference|WolfPack}}{{Reference|VirusScan}}{{Reference|Yggdrasil}}
|Core}}
{{Organizer|DarkNet|
{{Reference|VirusScan}}{{Reference|WolfPack}}
|DarkNet}}
|Forge2}}
|Shadowfeed}}
|Infrastructure}}
[[Category:Layout]]