@ -39,6 +39,7 @@ These tools are not vital to Mistborn itself but are integrated to enhance secur
- [Pi-hole](https://pi-hole.net): A DNS server for network-wide ad blocking, etc
- [Pi-hole](https://pi-hole.net): A DNS server for network-wide ad blocking, etc
- [DNScrypt](https://www.dnscrypt.org): prevents DNS spoofing via cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven't been tampered
- [DNScrypt](https://www.dnscrypt.org): prevents DNS spoofing via cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven't been tampered
- [Traefik](https://docs.traefik.io): A modern, efficient reverse-proxy
- [Traefik](https://docs.traefik.io): A modern, efficient reverse-proxy
- [Wazuh](https://wazuh.com/): Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.
Within Mistborn is a panel to enable and manage these free extra services (off by default), locally hosted in Docker containers:
Within Mistborn is a panel to enable and manage these free extra services (off by default), locally hosted in Docker containers:
- [Home Assistant](https://www.home-assistant.io): Open source home automation that puts local control and privacy first
- [Home Assistant](https://www.home-assistant.io): Open source home automation that puts local control and privacy first
@ -109,6 +110,16 @@ Mistborn protects your data in a variety of ways:
See the [Mistborn Network Security](https://gitlab.com/cyber5k/mistborn/-/wikis/Mistborn-Network-Security) wiki page to see more network diagrams and the network scan results for Mistborn.
See the [Mistborn Network Security](https://gitlab.com/cyber5k/mistborn/-/wikis/Mistborn-Network-Security) wiki page to see more network diagrams and the network scan results for Mistborn.
# Security Information & Event Management (SIEM)
The Mistborn Security Operations Center provides SIEM services with Wazuh. The Wazuh Manager requires an Open Distro for Elasticsearch backend. When the Mistborn host has >8 GB RAM the provided Elasticsearch backend can be used. Just click "Start Wazuh" on the `Security Center` page and enjoy your Enterprise-grade SIEM. Wazuh agents can be installed on just about any OS and all Wazuh agent traffic is communicated over the Wireguard connections. Instructions for adding endpoint agents can be found within Wazuh itself.
Pihole provides a way to block outgoing DNS requests for given lists of blocked domains. Coppercloud provides a way to block outgoing network calls of all types to given lists of IP addresses (IPv4 only for now). This is especially useful for blocking outgoing telemetry (data and state sharing) to owners of software running on all of your devices.
Pihole provides a way to block outgoing DNS requests for given lists of blocked domains. Coppercloud provides a way to block outgoing network calls of all types to given lists of IP addresses (IPv4 only for now). This is especially useful for blocking outgoing telemetry (data and state sharing) to owners of software running on all of your devices.
@ -290,6 +301,7 @@ Mistborn uses the following domains (that can be reached by all Wireguard client
| Jitsi | jitsi.mistborn | Off |
| Jitsi | jitsi.mistborn | Off |
| Guacamole | guac.mistborn | Off |
| Guacamole | guac.mistborn | Off |
| RaspAP | raspap.mistborn | Off |
| RaspAP | raspap.mistborn | Off |
| Wazuh | wazuh.mistborn | Off |
# Default Credentials
# Default Credentials
These are the default credentials to use in the services you choose to use:
These are the default credentials to use in the services you choose to use:
@ -298,6 +310,7 @@ These are the default credentials to use in the services you choose to use:
Steven Foerster
5 years ago