Connecting your resources
Some organizations that consider SSH or HTTPS not secure enough, prefer to deal with more complex architectures by self-hosting and putting their source code repositories and application environments behind private networks.
Being able to access such resources is essential for Fluid Attacks' service.
We use Cloudflare Zero Trust Network Access for this.
Granting access to your resources
In order to grant Fluid Attacks access to your private resources, you need to:
Fill out the following form in order to provide us with the required details for setting up the secure connection. Once submitted, in less than 8 office hours you will receive a SECRET TOKEN that you will use in later steps.
Install cloudflared on the server you want to share. This will be the server used by Fluid Attacks to access your private network.
tipIf you intend to share access to several servers within the same private network, you only need to install
cloudflared
in one of them.Make sure the server where you installed
cloudflared
has firewall egress permissions for the required traffic.tipIf you intend to share access to several servers within the same private network, make sure your firewall rules allow communication among them.
As a system administrator, run the following command using the SECRET TOKEN provided by Fluid Attacks.
- Windows
- Linux & Mac
cloudflared.exe service install <SECRET TOKEN>
cloudflared service install <SECRET TOKEN>
cautionMake sure you run this command as a System Administrator.
Testing your connection
You can test your connection connectivity to make sure everything is working properly.
- Windows: Testing connectivity with Powershell
- Linux & Mac: Testing connectivity with dig
Restricting access in your private network
Fluid Attacks uses the server
in which you installed cloudflared
for accessing your private network.
We recommend creating
minimum privilege firewall rules
for the cloudflared server
in order to only expose those resources
that are necessary.
Additional support
If you require additional support, do not hesitate to contact us.