This repo will hold the basic information and documentation around the digital and physical assets and projects for the AniNIX network.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 

2.3 KiB

This offers a detail of the security hierarchy of the AniNIX, which is layered in the following sections.

Physical security

Physical security includes storing the Forge2 in a locked second-floor building. Cerberus offers reporting on events in this location. Admins co-locate with this location and are trained in combat and close quarters defense. Physical intrusions will be rebuffed to the fullest extent of the law.

Network/Software protection

{{Organizer|Firewall| {{Organizer|Shadowfeed| {{Organizer|Trusted DMZ| {{Reference|DarkNet}} {{Organizer|Core| {{Organizer|Cerberus| {{Organizer|Firewall| Most of the services in the AniNIX are monitored by network-level intrusion detection

Open-access Services

{{Reference|WebServer}}{{Reference|TheRaven}}{{Reference|Foundation}}{{Reference|Heartbeat}}

Password-Restricted Services

{{Reference|IRC}}{{Reference|Wiki}}{{Reference|Yggdrasil}}

Remote Access

{{Organizer|Cerberus| The SSH service supports password and key authentication. {{Reference|SSH}} |Cerberus}} }} |Cerberus}} |Core}} {{Organizer|Windows| {{Organizer|Firewall| {{Reference|Games}} }} |Windows}} }} {{Organizer|Guest DMZ| Any visitors to the AniNIX premises are given access to the outside Internet via the Shadowfeed, but this access is isolated away from AniNIX systems. }} |Shadowfeed}} }}

Filesystem security

{{Organizer|Forge2| {{Organizer|Cerberus| {{Organizer|VirusScan| The Hypervisor content lives here. |VirusScan}} |Cerberus}} {{Organizer|Core| {{Organizer|LUKS-on-LVM Volume| {{Organizer|Cerberus| {{Organizer|VirusScan| Most of the data lives inside these layers. |VirusScan}} |Cerberus}} }} |Core}} {{Organizer|Windows| {{Organizer|VirusScan| The Windows data lives here. |VirusScan}} |Windows}} |Forge2}}

Backups

Windows and Core are backed up locally on mirrored, non-RAID disks. They are also backed up to a 4TB hard drive from the Forge2 to an off site safety deposit box in a bank, making it very difficult to destroy all copies of these hosts.

Should all backups be lost, the Aether project also backs up Core's critical configuration files and a list of files in Yggdrasil to an anonymous list of servers. Grimoire's databases are independently archived to a password-based tarball and stored in cloud storage.

Category:Security Category:Layout