Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Embed a canary token as a trap #189

Closed
6 tasks done
Tracked by #37
commjoen opened this issue Feb 7, 2022 · 2 comments
Closed
6 tasks done
Tracked by #37

Embed a canary token as a trap #189

commjoen opened this issue Feb 7, 2022 · 2 comments
Assignees

Comments

@commjoen
Copy link
Collaborator

commjoen commented Feb 7, 2022

@commjoen
Copy link
Collaborator Author

@bendehaan if we want to do Challenge15 in people their own cloud the instruction would be like below, are we sure we want to do that?

Running Challenge15 in your own cloud only

When you want to include your own Canarytokens for your cloud-deployment, do the following:

  1. Fork the project
  2. Make sure you use the GCP ingress or AWS ingress scripts to generate an ingress for your project.
  3. Go to and select AWS Keys, in the webHook URL field add <your-domain-created-at-step1>/canaries/tokencallback
  4. Encrypt the received credentials so that Challenge15 candecrypt them again
  5. commit the unencrypted and encrypted materials to Git
  6. adapt the hints of Challenge 15 in your fork to point to your fork
  7. create a container and push it to your registry
  8. override the K8s definitionfiles.

@bendehaan
Copy link
Collaborator

Discussed out of band. For the record: start with a how to, possibly expand to custom (cloud?) solution later.

commjoen added a commit that referenced this issue Mar 30, 2022
#189 add temporal instructions for using canary tokens in own account
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants