diff --git a/404.html b/404.html new file mode 100644 index 0000000..40bcef5 --- /dev/null +++ b/404.html @@ -0,0 +1,17 @@ + + + + + + + + + + nKode + + + + +404 Not Found + + \ No newline at end of file diff --git a/50x.html b/50x.html new file mode 100644 index 0000000..cc998b5 --- /dev/null +++ b/50x.html @@ -0,0 +1,17 @@ + + + + + + + + + + nKode + + + + + Internal Server Error + + \ No newline at end of file diff --git a/deploy.sh b/deploy.sh new file mode 100644 index 0000000..516d764 --- /dev/null +++ b/deploy.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +TMP_WEBAPP_DIR=/tmp/nkode_landing_page/ +TMP_TAR_DIR=/tmp/nkode_landing_page.tar + +mkdir -p "$TMP_WEBAPP_DIR" + +cp -r ./index.html "$TMP_WEBAPP_DIR" +cp -r ./404.html "$TMP_WEBAPP_DIR" +cp -r ./50x.html "$TMP_WEBAPP_DIR" +cp -r ./assets "$TMP_WEBAPP_DIR" + +export COPYFILE_DISABLE=1 +tar -cvf "$TMP_TAR_DIR" -C "$TMP_WEBAPP_DIR" . + +rm -rf $TMP_WEBAPP_DIR + +scp server_landing_page_deploy.sh dkelly@nkode.tech:/home/dkelly +scp "$TMP_TAR_DIR" dkelly@nkode.tech:/home/dkelly + +rm $TMP_TAR_DIR + + +# Run the deploy.sh script on the remote server using SSH +# ssh dkelly@nkode.tech 'sudo bash /home/dkelly/server_landing_page_deploy.sh' diff --git a/index.html b/index.html index 98e0b17..fec1105 100644 --- a/index.html +++ b/index.html @@ -39,7 +39,7 @@
@@ -70,7 +70,7 @@ @@ -79,11 +79,16 @@
-

+
nKode is easier to remember and more secure than a password -

+
+ +
+
-

Create an nKode

+

How To Create an nKode

1. Enter your email

2. Set your nKode

@@ -108,17 +113,17 @@

How nKode Works

-

Interface Settings

+

Keypad Settings

- Your nKode interface is configurable. - Under advanced settings, you can change the number of keys and the number of attributes per key. - (from this point forward, this document will use the term attribute instead of icon) + Your nKode keypad is configurable. + Under advanced settings, you can change the number of keys and the number of attributes (icon) per key. + From this point forward, we will use the term attribute instead of icon.

Account Creation

The server is able to deduce your nKode from two entries. - Notice how, in the set and confirm images below, no attribute in the set nKode interface share a key with any other attribute in the confirm. + Notice how, in the set and confirm keypads below, no attribute in the set keypad share a key with any other attribute in the confirm keypad. This is called an attribute dispersion.
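Review bot: Two grammar slips in the added copy of this hunk. In the Keypad Settings paragraph, "the number of attributes (icon) per key" should read "(icons)". In the Account Creation paragraph, "no attribute in the set keypad share a key" should be "shares a key".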

@@ -127,26 +132,26 @@

Attribute Dispersion

- The login interface looks different than the set and confirm interfaces. + The login keypad looks different from the set and confirm keypads. It has three more attributes per key. A dispersion is possible if the number of attributes per key is less than or equal to the total number of keys. - Since the login interface has more attributes per key than keys, we call this a dispersion-resistant interface. - If a malicious actor steals your interface, they can use your interface to phish for your nKode. - If the login interface was dispersable, an attack might go like this: + Since the login keypad has more attributes per key than keys, we call this a dispersion-resistant keypad. + If a malicious actor steals your keypad, they can use your keypad to phish for your nKode. + If the login keypad was dispersable, an attack might go like this:

  1. You click a malicious link from your email or text saying you need to authorize USPS to send you a package (or whatever the latest scam is today).
  2. -
  3. You're redirected to a site with your nKode interface requesting authorization with your nKode.
  4. +
  5. You're redirected to a site with your nKode keypad requesting authorization with your nKode.
  6. You enter your nKode, but you're informed you entered the wrong nKode.
  7. -
  8. The attacker disperses your interface and requests you enter your nKode again.
  9. +
  10. The attacker disperses your keypad and requests you enter your nKode again.
  11. You enter it again, and your nKode is stolen.

The greater the difference between the number of attributes per key and the number of keys, the greater the dispersion resistance, which comes with trade-offs. If there are too few keys, it becomes easier to randomly enter keys and accidentally get into your account without actually knowing your nKode. - If you increase the number of keys without increasing the number of attributes per key, your interface becomes more dispersable. - If you have too many attributes and keys, the interface is too busy, which makes it challenging to find your attributes. + If you increase the number of keys without increasing the number of attributes per key, your keypad becomes more dispersable. + If you have too many attributes and keys, the keypad is too busy, which makes it challenging to find your attributes.

Server-Side Attributes
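Review bot: The rewritten Attribute Dispersion lines carry over "dispersable" ("If the login keypad was dispersable", "your keypad becomes more dispersable"). The usual spelling is "dispersible", and the conditional reads better as "were dispersible". This hunk already touches each of those sentences, so it is the place to fix both.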

@@ -177,7 +182,7 @@

@@ -189,7 +194,7 @@

At the time of this writing, nKode is only a demo web application. Ideally, all nKode authentication is done through a mobile application. - A mobile application can make nKode more secure by requiring passkeys and biometric authentication to get the nKode interface. + A mobile application can make nKode more secure by requiring passkeys and biometric authentication to get the nKode keypad. This makes it very difficult to steal or use your nKode.

1. MFA Prompt Bombing
@@ -205,10 +210,10 @@ Since a user has to look for their nKode, it prevents them from quickly typing in a passcode without thinking, giving them a chance to reconsider their decision.

2. Service Desk Social Engineering: Scattered Spider

- An nKode interface is made from any visual attribute. + An nKode keypad is made from any visual attribute. To make this more concrete, take a look at Flaticon. - If every employee at the service desk has a randomly generated interface from abstract visual attributes like those found on Flaticon, an employee would have difficulty explaining their nKode. - Moreover, this interface can be further protected with a 2FA keycard so only the employee can render their interface. + If every employee at the service desk has a randomly generated keypad from abstract visual attributes like those found on Flaticon, an employee would have difficulty explaining their nKode. + Moreover, this keypad can be further protected with a 2FA keycard so only the employee can render their keypad. For an attacker to get a target's nKode, they'd have to be with the target, and the targeted employee would have to point to the attributes on their screen since they're difficult to describe in words. The attacker must also steal the employee's 2FA keycard to render the login screen.

diff --git a/nginx.config b/landing_page_nginx.config similarity index 80% rename from nginx.config rename to landing_page_nginx.config index 68a81c6..727be0b 100644 --- a/nginx.config +++ b/landing_page_nginx.config @@ -1,23 +1,23 @@ -# Redirect all traffic from www.app.nkode.tech to app.nkode.tech +# Redirect all traffic from www.nkode.tech to nkode.tech server { listen 80; - server_name www.app.nkode.tech; + server_name www.nkode.tech; - return 301 https://app.nkode.tech$request_uri; + return 301 https://nkode.tech$request_uri; } -# Redirect HTTP to HTTPS for app.nkode.tech +# Redirect HTTP to HTTPS for nkode.tech server { listen 80; - server_name app.nkode.tech; + server_name nkode.tech; return 301 https://$host$request_uri; } -# Main server block for app.nkode.tech with SSL and content configuration +# Main server block for nkode.tech with SSL and content configuration server { listen 443 ssl http2; - server_name app.nkode.tech; + server_name nkode.tech; ssl_certificate /etc/letsencrypt/live/nkode.tech/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/nkode.tech/privkey.pem; @@ -39,7 +39,7 @@ server { add_header Referrer-Policy "no-referrer-when-downgrade"; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; - root /var/www/webapp; + root /var/www/nkode_landing_page; index index.html; # Routing for Flutter SPA @@ -56,12 +56,12 @@ server { # Error pages error_page 404 /404.html; location = /404.html { - root /var/www/webapp; + root /var/www/nkode_landing_page; } error_page 500 502 503 504 /50x.html; location = /50x.html { - root /var/www/webapp; + root /var/www/nkode_landing_page; } # Optional: Enable Gzip Compression diff --git a/server_landing_page_deploy.sh b/server_landing_page_deploy.sh new file mode 100644 index 0000000..b28f661 --- /dev/null +++ b/server_landing_page_deploy.sh 
@@ -0,0 +1,37 @@ +#!/bin/bash + +APP_DIR=nkode_landing_page +TAR_FILE=nkode_landing_page.tar + +# Check if the tar file exists +if [ ! -f $TAR_FILE ]; then + echo "Error: $TAR_FILE not found." + exit 1 +fi + +# Create the target directory if it doesn't exist +mkdir -p $APP_DIR + +# Extract the contents of the tar file into the target directory +tar -xvf $TAR_FILE -C $APP_DIR + +# Check if extraction was successful +if [ "$(ls -A $APP_DIR)" ]; then + echo "Extraction successful." +else + echo "Error: No files extracted into $APP_DIR." + exit 1 +fi + +# Remove the existing directory if it exists in /var/www +if [ -d /var/www/$APP_DIR ]; then + rm -r /var/www/$APP_DIR +fi + +# Move the newly extracted directory to /var/www +mv $APP_DIR /var/www + +# Restart Nginx to apply changes +systemctl restart nginx + +echo "Deployment successful."
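Review bot: deploy.sh stages the site under fixed names in /tmp (`TMP_WEBAPP_DIR=/tmp/nkode_landing_page/`), and `mkdir -p` succeeds silently when that directory already exists, so anything already in it, left by an aborted run or placed by another local user, is tarred and uploaded with the site. Create the staging directory with `mktemp -d` and remove it from a `trap` on EXIT. The script also has no `set -euo pipefail`, so a failed `cp` or `tar` still reaches the `scp` lines, and `rm -rf $TMP_WEBAPP_DIR` and `rm $TMP_TAR_DIR` should be quoted like the earlier uses of the same variables.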
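Review bot: In the first hunk of landing_page_nginx.config the `www.nkode.tech` block has only `listen 80;`, while the unchanged `Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"` header in the main block is now served from nkode.tech and, through `includeSubDomains`, applies to every host under it. A browser that has seen that header goes straight to https://www.nkode.tech and never reaches the port-80 redirect, so unless a 443 block for www exists outside the lines shown, add one with a certificate that covers the name. Moving the header from app.nkode.tech to the apex also commits all other nkode.tech subdomains to HTTPS for a year; confirm that is intended before keeping `preload`.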
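Review bot: In the error-page hunk of landing_page_nginx.config, `root /var/www/nkode_landing_page;` is now written three times (server level and inside both `location = /404.html` and `location = /50x.html`). The two location blocks inherit the server-level `root`, so dropping their copies leaves a single path to change on the next rename. The context comment `# Routing for Flutter SPA` is also stale now that the root points at a static landing page; check whether the routing under it is still wanted, since an SPA-style fallback would keep `error_page 404 /404.html` from ever being used.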
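Review bot: server_landing_page_deploy.sh removes the live site (`rm -r /var/www/$APP_DIR`) before `mv $APP_DIR /var/www`, and with no `set -e` a failed `mv` still restarts nginx and prints "Deployment successful." with nothing left to serve. Move the new tree into /var/www under a temporary name and swap it in with a rename, or at least check the `mv` result before the restart. The commented-out call in deploy.sh runs this script with `sudo bash`, so the relative `APP_DIR` and `TAR_FILE` resolve against whatever the working directory happens to be, and `tar -xvf` running as root restores the owners recorded in the archive; use absolute paths, add `--no-same-owner`, and quote the variables. The "Check if extraction was successful" test only checks that the directory is non-empty, which a leftover from an earlier failed run also satisfies, so test tar's exit status instead. For a content-only change, `nginx -t` followed by `systemctl reload nginx` is less disruptive than `systemctl restart nginx`.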