RE: ReBreached - Launch - forum OPSEC details - Meqano - 08-07-2023
(06-28-2023, 02:33 PM)ReBreached Wrote: Welcome to Rebreached Forum
We aim to offer more transparent security, so below are our OPSEC details
OPSEC
Forums and host
Forum is running as a container isolated from host to simplify migration to other hosts (in case), backup, defense and mitigate damage.
Forum is behind double reverse proxies
Close-end acting as web application firewall (WAF)
Far-end managing traffic throttling, basic security, cache, authorizing sensitive endpoints
Host server is behind Cloudflare and it will simply drop all side connections
Users’ IP addresses are not logged in the forum’s database, and all records are removed within a week from other log files
- Email is not required to be confirmed [can use a total fake email]
SSH to host server will only allow TOR traffic to establish connection, forcing anonymity for system administrators and making it harder for brute force attacks.
Host system and system services are auto updated
Host real IP is masked using multiple techniques, and SSL fingerprinting is minimized by issuing HTTP certs via DNS challenges
Eventually the domain name could (or will) be banned by the provider, therefore backup clear net and darknet domains are in place.
Auto backup (ENABLED) - But on the host not the application level (Because it’s vulnerable)
CDN
The file servers are still not protected as well as the forums, however we have some tricks in our pockets
The file download and validation mechanism is built from scratch and therefore it’s a black box
Traffic is forced through Cloudflare
Real IPs are not masked but will be soon
SSH via TOR only
Auto update and upgrade (ENABLED)
Admin access
We are humans and so we understand that we need to eliminate the human error factor, of course to protect ourselves, but more importantly to protect the project.
Dedicated end points. So, no gaming, no chilling, no nothing on our endpoints except for this work only.
Dedicated accounts to null all possible correlation. We use stack overflow using a unique dedicated username on it. And same for ChatGPT by the way.
No direct admin access, neither on our endpoint nor on servers, there has to be extra authentication and authorization before any root level operation.
Always on TOR & VPN on our endpoints and MIFIs
Open or private wifi connection: in the extremely unlikely case of tracing our IP address, it won’t lead anywhere useful.
No single point of failure, in case someone was run over by a bus
Rotate keys, IPs, providers, servers, freelancers. Don’t trust any tool for too long.
Future plans and notes
Distribute hosting the forums on multiple host servers (Better redundancy and backup) leveraging k8s, and database replication.
Use more hidden networks services (like I2P and Loki) to promote more anonymity
Distribute CDN onto a cluster of servers
Rotating unnecessary data (ex: delete messages within a window of a month) to minimise the damage of any breach that could happen in future.
Enable bittorrent download of files. But probably we’ll have to encrypt zip files to make our providers happy
Move away from MyBB as it is fragile by design (many plugins, themes, backend, etc ..)
Note: CloudFlare is playing a major role but we recognize that they are basically just MITM and we have to move away.
Note: unfortunately the first people to attack us (and make us stronger) were the people supposed to support us, and thus the use for this many firewalls
Obvious ones
Database is protected with its own user and password, and its network port is private
HTTPS traffic is enforced with 301 redirect for the clear net, and an onion link is advertised for better privacy
Payments are only accepted in Crypto coins (Monero is recommended) and to the public advertised addresses (Don’t get yourself phished)
Please read the rules, contribute and enjoy your time here.
(07-10-2023, 05:06 AM)Omnipotent Wrote: (06-28-2023, 02:33 PM)ReBreached Wrote: Hi Welcome to Rebreached Forum
This forum is not related to Breached and is not run by any of the original Breached team
we aim to offer more transparent security so below is our OPSEC details
Please read the rules, contribute and enjoy your time here.
we don't require real emails, and we don't require email confirmations
Let's go brother
RE: ReBreached - Launch - forum OPSEC details - Laith - 08-07-2023
Lets goooo
Anglina is that you?
That's what I'm talking about
Yellow tape around his body
Hmmmmm
Yoooohoooo
How are you guys?
RE: ReBreached - Launch - forum OPSEC details - zzaaii - 08-07-2023
"Appreciating all your help. Thank you for everything you do!"
RE: ReBreached - Launch - forum OPSEC details - Seed100 - 08-07-2023
Well done, really
Thank you, thank you all
RE: ReBreached - Launch - forum OPSEC details - Sadekgafer33 - 08-08-2023
Well done
RE: ReBreached - Launch - forum OPSEC details - Kamal - 08-11-2023
Nice work
This website is good
RE: ReBreached - Launch - forum OPSEC details - Kamal - 08-12-2023
nice notice
RE: ReBreached - Launch - forum OPSEC details - Bennetclaire - 08-13-2023
Let's go
RE: ReBreached - Launch - forum OPSEC details - danc2live - 08-13-2023
Mamamia
RE: ReBreached - Launch - forum OPSEC details - user9000 - 08-13-2023
very nice