@@ -89,6 +89,38 @@ Areas for Technical requirements to be written:
**TODO: specific known attack vectors to apply to appropriate requirements**
### Authentication
### Logging
Aki is doing this one probably:
Threat: someone (maybe VPN provider) gets access to remote logs
- TR: don't remotely log sensitive info
- TR: don't remotely log identifying info
- TR: don't remotely log anything
- TR: delete remote logs frequently
Threat: someone is trying to login to your VPN
- TR: log access attempts
Threat: attacker has access to your VPN client/network, changes config
- TR: log configuration changes
Threat: attacker deletes local logs to hide activity
- TR: send selected logs to a remote server
### Betrayal by VPN provider
- TR
### Transmitting data in the clear
- Credential harvesting
- phishing
- not our problem
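Review bot: the four TRs under the first Logging threat contradict each other and the fourth one ("don't remotely log anything") also contradicts "TR: send selected logs to a remote server" under the log-deletion threat; pick one position and reconcile it. A consistent set would be: remotely log only the events the other threats need (access attempts, configuration changes), strip identifying fields from what is sent, and give "delete remote logs frequently" a concrete retention period rather than "frequently". "### Betrayal by VPN provider" has only an empty "- TR" placeholder, and "- not our problem" under phishing is a judgment, not a requirement; both should carry the same TODO marker as the top of the hunk so they are not mistaken for finished requirements.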
@@ -97,8 +129,6 @@ Areas for Technical requirements to be written:
Requirement: for each method of authenticating and each transport method, authenticate, capture the traffic, search for a string matching the plain-text credentials. and document it all
- Logging
- TR: send logs to a remote server
- compromised devices
- TR: threat detection (traffic analysis)
- require AV, XDR, SIEM, SOAR, etc. or provide it yourself
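Review bot: the capture-and-search requirement only detects credentials that appear verbatim in the traffic; a credential sent in a reversible encoding (base64 as in HTTP Basic, hex, URL-encoding) would pass the check while still being effectively in the clear, so the requirement should also search for those encodings of the credential and state what "document it all" must include (transport, auth method, capture file, result). The sentence also has a stray period before "and document it all". "TR: send logs to a remote server" duplicates the "send selected logs to a remote server" TR in the previous hunk and drops the "selected" qualifier; keep one wording. Under "compromised devices", "threat detection (traffic analysis)" and "require AV, XDR, SIEM, SOAR, etc. or provide it yourself" are a product list rather than a requirement; state the capability expected (e.g. alerting on anomalous client traffic) so it can be verified.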
@@ -240,18 +270,6 @@ User-manageable VPN settings shall be configurable in a manner that introducing
- MFA, obviously
Personal VPNs: don't log traffic activity
Any logged traffic activity is subject to replay exposure, protect it jealously and rotate logs frequently
Go into enterprise security here, specifically describe potential mitigations that may be complimentary to VPN
- rotate logs that may expose proprietary data frequently
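Review bot: "rotate logs frequently" appears twice in this hunk (the replay-exposure line and the last bullet) and rotation alone does not address the replay threat the text raises; "protect it jealously" should be replaced with concrete controls (access restricted to named roles, encrypted at rest, a stated maximum retention) and the two rotation bullets merged. "complimentary" should be "complementary". "Go into enterprise security here, specifically describe potential mitigations ..." is a drafting note, not a requirement, and "MFA, obviously" is informal for a requirements document; mark the former TODO like the rest of the draft and state the MFA requirement plainly (which authentication paths it applies to).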