Skip to content
  • Home
  • Categories
  • Recent
  • Popular
  • World
  • Top
  • Tags
  • Users
  • Groups
  • Documentation
    • Home
    • Read API
    • Write API
    • Plugin Development
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo
v3.10.3 Latest
Buy Hosting
  1. Home
  2. Uncategorized
  3. Any recommendations for #FOSS software for a command & control / manage server?

Any recommendations for #FOSS software for a command & control / manage server?

Scheduled Pinned Locked Moved Uncategorized
fosssysadminlinuxserver
7 Posts 3 Posters 71 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • natanox@chaos.socialN This user is from outside of this forum
    natanox@chaos.socialN This user is from outside of this forum
    Natasha Nox πŸ‡ΊπŸ‡¦πŸ‡΅πŸ‡Έ
    wrote last edited by
    #1

    Any recommendations for #FOSS software for a command & control / manage server? Or just go with a highly custom Arch Linux with all the software for reversed SSH tunnels, VPN etc.? πŸ€”
    #Sysadmin #Linux #Server

    thecyberarcher@mastodon.socialT kroyio@mastodon.kroy.ioK 2 Replies Last reply
    0
    • thecyberarcher@mastodon.socialT This user is from outside of this forum
      thecyberarcher@mastodon.socialT This user is from outside of this forum
      TheCyberArcher
      replied to Natasha Nox πŸ‡ΊπŸ‡¦πŸ‡΅πŸ‡Έ last edited by
      #2

      @Natanox any distro, maybe stable and use docker rootless / podman + reverse proxy + wireguard. Dont forget, disable root + his shell (for escalation blocking). Add a strict restrictive firewall policy to ensure maximum security.

      Use owasp guide for OCI hardening πŸ˜‰

      natanox@chaos.socialN 1 Reply Last reply
      0
      • natanox@chaos.socialN This user is from outside of this forum
        natanox@chaos.socialN This user is from outside of this forum
        Natasha Nox πŸ‡ΊπŸ‡¦πŸ‡΅πŸ‡Έ
        replied to TheCyberArcher last edited by
        #3

        @TheCyberArcher Thought about using OpenSuse Tumbleweed with Server preset instead of Arch as I'm also comfortable with that and it comes with firewalld, AppArmor, SecureBoot, SELinux and all that jazz right from the installer and is extremely stable in my experience.

        Reverse proxy? πŸ€” I thought about using sth. like OpenVPN to have machines connect to the C&C server (or rather the network it's inside), then have the reverse SSH connection established through it.

        thecyberarcher@mastodon.socialT 1 Reply Last reply
        0
        • kroyio@mastodon.kroy.ioK This user is from outside of this forum
          kroyio@mastodon.kroy.ioK This user is from outside of this forum
          kroy πŸ³οΈβ€πŸŒˆπŸ³οΈβ€βš§οΈ 🌈
          replied to Natasha Nox πŸ‡ΊπŸ‡¦πŸ‡΅πŸ‡Έ last edited by
          #4

          @Natanox treat everything like cattle not pets.

          Whatever automation that means. Terraform, ansible, docker, kubernetes, etc.

          natanox@chaos.socialN 1 Reply Last reply
          0
          • natanox@chaos.socialN This user is from outside of this forum
            natanox@chaos.socialN This user is from outside of this forum
            Natasha Nox πŸ‡ΊπŸ‡¦πŸ‡΅πŸ‡Έ
            replied to kroy πŸ³οΈβ€πŸŒˆπŸ³οΈβ€βš§οΈ 🌈 last edited by
            #5

            @kroyio I heard about that sentence but it doesn't make sense to me. Does it mean I should configure it as well as the backup routines in some repeatable fashion…?

            1 Reply Last reply
            0
            • thecyberarcher@mastodon.socialT This user is from outside of this forum
              thecyberarcher@mastodon.socialT This user is from outside of this forum
              TheCyberArcher
              replied to Natasha Nox πŸ‡ΊπŸ‡¦πŸ‡΅πŸ‡Έ last edited by
              #6

              @Natanox The reverse proxy is if you use web apps, to expose and redirect 443 to specific ports on the server. Depending on your case of administration (if you need GUI), this can be useful.

              My server is also under arch, but docker allows me to minimize the impact of an upgrade problem on the host OS side.

              Otherwise I agree, ssh through the VPN client to server is better, whether it's with openVPN or Wireguard πŸ™‚

              natanox@chaos.socialN 1 Reply Last reply
              0
              • natanox@chaos.socialN This user is from outside of this forum
                natanox@chaos.socialN This user is from outside of this forum
                Natasha Nox πŸ‡ΊπŸ‡¦πŸ‡΅πŸ‡Έ
                replied to TheCyberArcher last edited by
                #7

                @TheCyberArcher Oh okay, I thought you meant SOCKS5 or something. πŸ˜… Yeah, I use reverse proxies as well with docker and nginx proxy manager. In this case it probably won't be necessary though.

                1 Reply Last reply
                0

                Copyright Β© 2024 NodeBB | Contributors
                • Login
                • Don't have an account? Register
                • Login or register to search.
                Powered by NodeBB Contributors
                • First post
                  Last post
                0
                • Home
                • Categories
                • Recent
                • Popular
                • World
                • Top
                • Tags
                • Users
                • Groups
                • Documentation
                  • Home
                  • Read API
                  • Write API
                  • Plugin Development