Accessing PTS Apps - n05urpr1532-MHA-Team/PTS-Team GitHub Wiki

Table of Contents

  1. Intro
  2. End State Execution
    1. IP & Port
    2. Domain & Port
    3. Subdomain & Domain
  3. Conclusion

1. Intro

Accessing applications may appear to be odd through PlexGuide; but will realize that accessing applications is the same as you have done utilizing other operating systems (MAC/Windows). Applications generated by PlexGuide are accessed through one of the three ways; via subdomain-domain, domain-port, and/or through ipv4-port.

2. End State Execution

What does this mean? It boils down to the what the application produces at the end for you to access. Notice below that the are several different vectors in-which the application can be accessed.

I. IP & Port:

This is the most common way that an application may be accessed. If you are accessing your applications through this method; it would not be ideal for general internet usage. Why? It's because the server can easily accessed or subject to an attack by an adversary who is conducting a recon through the use of a port scan. If utilizing a server internally with in your network or through a local virtual machine, this will be the most common route. For example, deploying NETDATA may generate the address of 192.168.1.50:19999. Final Note, it may be ideal to lock your internal server down with a fixed ip address rather than routing providing a random address every several days.

II. Domain & Port

As noted above, this would still not be ideal because your domain address is tied to an IP Address or the domain is utilized as a forwarding domain. This will still generate the same concern as listed above in that your ports can be scanned by any adversarial forces on the Internet. It would be recommend to close your ports via portguard and apPTSuard. If internal, you can actually use duckdns to have a domain reach your virtual machines/servers within your network, but again; your server may subject to an attack.

Notice that LABEL 1 says the site is not secure. That is bad in general because the data your accessing is not encrypted. If an adversary were to conduct a man-in-the middle attack, it would be easy for anyone on the Internet through the use of a series of tools to capture data between yourself and remote server. LABEL2 just demonstrates that domain and IP address were utilized. In this example, Traefik was not setup and the domain pointed to the IP address.

III. Subdomain & Domain

This would be the most ideal route for you to access your applications. By doing so, the adversary would have to attempt to attack your server through the use of a domain/subdomain list. This would be rare due to the amount of effort that an adversary would have to put forth to discover your services. Accessing your programs through the use of a subdomain/domain is generally useful by typing a domain such as netdata.mydomain.com.

Notice the LABEL 1 in the picture above. This is the best way to access your server because the data between you and the server's access is encrypted. If you are utilizing an internal server, this part would not matter.

3. Conclusion

So to wrap this all up, there are multiple way to access your applications. The more secure you want your site to be, the more effort you will have to put to lock it down. Regardless, now you understand how to access your applications through three different ways as shown above.