2023-11-26 23:29:14 +00:00
|
|
|
game:
|
|
|
|
|
max_episode_length: 128
|
|
|
|
|
ports:
|
|
|
|
|
- ARP
|
|
|
|
|
- DNS
|
|
|
|
|
- HTTP
|
|
|
|
|
- POSTGRES_SERVER
|
|
|
|
|
protocols:
|
|
|
|
|
- ICMP
|
|
|
|
|
- TCP
|
|
|
|
|
- UDP
|
|
|
|
|
|
|
|
|
|
agents:
|
2024-01-25 12:04:09 +00:00
|
|
|
- ref: client_2_green_user
|
2023-11-26 23:29:14 +00:00
|
|
|
team: GREEN
|
2024-04-16 11:26:17 +01:00
|
|
|
type: PeriodicAgent
|
2024-04-01 00:54:55 +01:00
|
|
|
observation_space: null
|
2023-11-26 23:29:14 +00:00
|
|
|
action_space:
|
|
|
|
|
action_list:
|
|
|
|
|
- type: DONOTHING
|
2024-04-16 11:26:17 +01:00
|
|
|
- type: NODE_APPLICATION_EXECUTE
|
2023-11-26 23:29:14 +00:00
|
|
|
|
|
|
|
|
options:
|
|
|
|
|
nodes:
|
2024-01-31 10:48:40 +00:00
|
|
|
- node_name: client_2
|
2023-11-26 23:29:14 +00:00
|
|
|
max_folders_per_node: 1
|
|
|
|
|
max_files_per_folder: 1
|
|
|
|
|
max_services_per_node: 1
|
|
|
|
|
max_nics_per_node: 2
|
|
|
|
|
max_acl_rules: 10
|
|
|
|
|
|
|
|
|
|
reward_function:
|
|
|
|
|
reward_components:
|
|
|
|
|
- type: DUMMY
|
|
|
|
|
|
|
|
|
|
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
|
|
|
|
|
start_settings:
|
|
|
|
|
start_step: 25
|
|
|
|
|
frequency: 20
|
|
|
|
|
variance: 5
|
|
|
|
|
|
2024-02-08 09:19:18 +00:00
|
|
|
- ref: data_manipulation_attacker
|
2023-11-26 23:29:14 +00:00
|
|
|
team: RED
|
|
|
|
|
type: RedDatabaseCorruptingAgent
|
|
|
|
|
|
2024-04-01 00:54:55 +01:00
|
|
|
observation_space: null
|
2023-11-26 23:29:14 +00:00
|
|
|
|
|
|
|
|
action_space:
|
|
|
|
|
action_list:
|
|
|
|
|
- type: DONOTHING
|
|
|
|
|
- type: NODE_APPLICATION_EXECUTE
|
|
|
|
|
- type: NODE_FILE_DELETE
|
|
|
|
|
- type: NODE_FILE_CORRUPT
|
|
|
|
|
- type: NODE_OS_SCAN
|
|
|
|
|
options:
|
|
|
|
|
nodes:
|
2024-01-31 10:48:40 +00:00
|
|
|
- node_name: client_1
|
2023-11-26 23:29:14 +00:00
|
|
|
applications:
|
2024-01-31 11:44:56 +00:00
|
|
|
- application_name: DataManipulationBot
|
2023-11-26 23:29:14 +00:00
|
|
|
max_folders_per_node: 1
|
|
|
|
|
max_files_per_folder: 1
|
|
|
|
|
max_services_per_node: 1
|
|
|
|
|
|
|
|
|
|
reward_function:
|
|
|
|
|
reward_components:
|
|
|
|
|
- type: DUMMY
|
|
|
|
|
|
|
|
|
|
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
|
|
|
|
|
start_settings:
|
|
|
|
|
start_step: 25
|
|
|
|
|
frequency: 20
|
|
|
|
|
variance: 5
|
|
|
|
|
|
|
|
|
|
- ref: defender1
|
|
|
|
|
team: BLUE
|
|
|
|
|
type: ProxyAgent
|
|
|
|
|
|
|
|
|
|
observation_space:
|
2024-04-01 00:54:55 +01:00
|
|
|
type: CUSTOM
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-04-01 00:54:55 +01:00
|
|
|
components:
|
|
|
|
|
- type: NODES
|
|
|
|
|
label: NODES
|
|
|
|
|
options:
|
|
|
|
|
hosts:
|
|
|
|
|
- hostname: domain_controller
|
|
|
|
|
- hostname: web_server
|
|
|
|
|
services:
|
|
|
|
|
- service_name: WebServer
|
|
|
|
|
- hostname: database_server
|
|
|
|
|
folders:
|
|
|
|
|
- folder_name: database
|
|
|
|
|
files:
|
|
|
|
|
- file_name: database.db
|
|
|
|
|
- hostname: backup_server
|
|
|
|
|
- hostname: security_suite
|
|
|
|
|
- hostname: client_1
|
|
|
|
|
- hostname: client_2
|
|
|
|
|
num_services: 1
|
|
|
|
|
num_applications: 0
|
|
|
|
|
num_folders: 1
|
|
|
|
|
num_files: 1
|
|
|
|
|
num_nics: 2
|
|
|
|
|
include_num_access: false
|
|
|
|
|
include_nmne: true
|
|
|
|
|
routers:
|
|
|
|
|
- hostname: router_1
|
|
|
|
|
num_ports: 0
|
|
|
|
|
ip_list:
|
|
|
|
|
- 192.168.1.10
|
|
|
|
|
- 192.168.1.12
|
|
|
|
|
- 192.168.1.14
|
|
|
|
|
- 192.168.1.16
|
|
|
|
|
- 192.168.1.110
|
|
|
|
|
- 192.168.10.21
|
|
|
|
|
- 192.168.10.22
|
|
|
|
|
- 192.168.10.110
|
|
|
|
|
wildcard_list:
|
|
|
|
|
- 0.0.0.1
|
|
|
|
|
port_list:
|
|
|
|
|
- 80
|
|
|
|
|
- 5432
|
|
|
|
|
protocol_list:
|
|
|
|
|
- ICMP
|
|
|
|
|
- TCP
|
|
|
|
|
- UDP
|
|
|
|
|
num_rules: 10
|
|
|
|
|
|
|
|
|
|
- type: LINKS
|
|
|
|
|
label: LINKS
|
|
|
|
|
options:
|
|
|
|
|
link_references:
|
2024-04-03 21:46:42 +01:00
|
|
|
- router_1:eth-1<->switch_1:eth-8
|
|
|
|
|
- router_1:eth-2<->switch_2:eth-8
|
|
|
|
|
- switch_1:eth-1<->domain_controller:eth-1
|
|
|
|
|
- switch_1:eth-2<->web_server:eth-1
|
|
|
|
|
- switch_1:eth-3<->database_server:eth-1
|
|
|
|
|
- switch_1:eth-4<->backup_server:eth-1
|
|
|
|
|
- switch_1:eth-7<->security_suite:eth-1
|
|
|
|
|
- switch_2:eth-1<->client_1:eth-1
|
|
|
|
|
- switch_2:eth-2<->client_2:eth-1
|
|
|
|
|
- switch_2:eth-7<->security_suite:eth-2
|
2024-04-01 00:54:55 +01:00
|
|
|
- type: "NONE"
|
|
|
|
|
label: ICS
|
|
|
|
|
options: {}
|
2023-11-26 23:29:14 +00:00
|
|
|
|
|
|
|
|
action_space:
|
|
|
|
|
action_list:
|
|
|
|
|
- type: DONOTHING
|
|
|
|
|
- type: NODE_SERVICE_SCAN
|
|
|
|
|
- type: NODE_SERVICE_STOP
|
|
|
|
|
- type: NODE_SERVICE_START
|
|
|
|
|
- type: NODE_SERVICE_PAUSE
|
|
|
|
|
- type: NODE_SERVICE_RESUME
|
|
|
|
|
- type: NODE_SERVICE_RESTART
|
|
|
|
|
- type: NODE_SERVICE_DISABLE
|
|
|
|
|
- type: NODE_SERVICE_ENABLE
|
2024-03-26 10:51:33 +00:00
|
|
|
- type: NODE_SERVICE_FIX
|
2023-11-26 23:29:14 +00:00
|
|
|
- type: NODE_FILE_SCAN
|
|
|
|
|
- type: NODE_FILE_CHECKHASH
|
|
|
|
|
- type: NODE_FILE_DELETE
|
|
|
|
|
- type: NODE_FILE_REPAIR
|
|
|
|
|
- type: NODE_FILE_RESTORE
|
|
|
|
|
- type: NODE_FOLDER_SCAN
|
|
|
|
|
- type: NODE_FOLDER_CHECKHASH
|
|
|
|
|
- type: NODE_FOLDER_REPAIR
|
|
|
|
|
- type: NODE_FOLDER_RESTORE
|
|
|
|
|
- type: NODE_OS_SCAN
|
|
|
|
|
- type: NODE_SHUTDOWN
|
|
|
|
|
- type: NODE_STARTUP
|
|
|
|
|
- type: NODE_RESET
|
2024-03-29 11:34:43 +00:00
|
|
|
- type: ROUTER_ACL_ADDRULE
|
|
|
|
|
- type: ROUTER_ACL_REMOVERULE
|
2024-03-31 11:59:31 +00:00
|
|
|
- type: HOST_NIC_ENABLE
|
|
|
|
|
- type: HOST_NIC_DISABLE
|
2023-11-26 23:29:14 +00:00
|
|
|
|
|
|
|
|
action_map:
|
|
|
|
|
0:
|
|
|
|
|
action: DONOTHING
|
|
|
|
|
options: {}
|
|
|
|
|
# scan webapp service
|
|
|
|
|
1:
|
|
|
|
|
action: NODE_SERVICE_SCAN
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
# stop webapp service
|
|
|
|
|
2:
|
|
|
|
|
action: NODE_SERVICE_STOP
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
# start webapp service
|
|
|
|
|
3:
|
|
|
|
|
action: "NODE_SERVICE_START"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
4:
|
|
|
|
|
action: "NODE_SERVICE_PAUSE"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
5:
|
|
|
|
|
action: "NODE_SERVICE_RESUME"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
6:
|
|
|
|
|
action: "NODE_SERVICE_RESTART"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
7:
|
|
|
|
|
action: "NODE_SERVICE_DISABLE"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
8:
|
|
|
|
|
action: "NODE_SERVICE_ENABLE"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
|
|
|
|
9: # check database.db file
|
2023-11-26 23:29:14 +00:00
|
|
|
action: "NODE_FILE_SCAN"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
2024-01-31 10:48:40 +00:00
|
|
|
file_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
10:
|
|
|
|
|
action: "NODE_FILE_CHECKHASH"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
2024-01-31 10:48:40 +00:00
|
|
|
file_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
11:
|
|
|
|
|
action: "NODE_FILE_DELETE"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
2024-01-31 10:48:40 +00:00
|
|
|
file_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
12:
|
|
|
|
|
action: "NODE_FILE_REPAIR"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
2024-01-31 10:48:40 +00:00
|
|
|
file_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
13:
|
2024-03-26 10:51:33 +00:00
|
|
|
action: "NODE_SERVICE_FIX"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
14:
|
|
|
|
|
action: "NODE_FOLDER_SCAN"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
|
|
|
|
15:
|
|
|
|
|
action: "NODE_FOLDER_CHECKHASH"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
|
|
|
|
16:
|
|
|
|
|
action: "NODE_FOLDER_REPAIR"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
|
|
|
|
17:
|
|
|
|
|
action: "NODE_FOLDER_RESTORE"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
|
|
|
|
18:
|
|
|
|
|
action: "NODE_OS_SCAN"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
|
|
|
|
19: # shutdown client 1
|
2023-11-26 23:29:14 +00:00
|
|
|
action: "NODE_SHUTDOWN"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 5
|
2023-11-26 23:29:14 +00:00
|
|
|
20:
|
|
|
|
|
action: "NODE_STARTUP"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 5
|
2023-11-26 23:29:14 +00:00
|
|
|
21:
|
|
|
|
|
action: "NODE_RESET"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 5
|
|
|
|
|
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_ADDRULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 1
|
|
|
|
|
permission: 2
|
2024-01-31 10:48:40 +00:00
|
|
|
source_ip_id: 7 # client 1
|
|
|
|
|
dest_ip_id: 1 # ALL
|
2023-11-26 23:29:14 +00:00
|
|
|
source_port_id: 1
|
|
|
|
|
dest_port_id: 1
|
|
|
|
|
protocol_id: 1
|
2024-04-15 11:50:08 +01:00
|
|
|
source_wildcard_id: 0
|
|
|
|
|
dest_wildcard_id: 0
|
2024-01-31 10:48:40 +00:00
|
|
|
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_ADDRULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2024-01-31 10:48:40 +00:00
|
|
|
position: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
permission: 2
|
2024-01-31 10:48:40 +00:00
|
|
|
source_ip_id: 8 # client 2
|
|
|
|
|
dest_ip_id: 1 # ALL
|
2023-11-26 23:29:14 +00:00
|
|
|
source_port_id: 1
|
|
|
|
|
dest_port_id: 1
|
|
|
|
|
protocol_id: 1
|
2024-04-15 11:50:08 +01:00
|
|
|
source_wildcard_id: 0
|
|
|
|
|
dest_wildcard_id: 0
|
2024-01-31 10:48:40 +00:00
|
|
|
24: # block tcp traffic from client 1 to web app
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_ADDRULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2024-01-31 10:48:40 +00:00
|
|
|
position: 3
|
2023-11-26 23:29:14 +00:00
|
|
|
permission: 2
|
2024-01-31 10:48:40 +00:00
|
|
|
source_ip_id: 7 # client 1
|
|
|
|
|
dest_ip_id: 3 # web server
|
2023-11-26 23:29:14 +00:00
|
|
|
source_port_id: 1
|
|
|
|
|
dest_port_id: 1
|
|
|
|
|
protocol_id: 3
|
2024-04-15 11:50:08 +01:00
|
|
|
source_wildcard_id: 0
|
|
|
|
|
dest_wildcard_id: 0
|
2024-01-31 10:48:40 +00:00
|
|
|
25: # block tcp traffic from client 2 to web app
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_ADDRULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2024-01-31 10:48:40 +00:00
|
|
|
position: 4
|
2023-11-26 23:29:14 +00:00
|
|
|
permission: 2
|
2024-01-31 10:48:40 +00:00
|
|
|
source_ip_id: 8 # client 2
|
|
|
|
|
dest_ip_id: 3 # web server
|
2023-11-26 23:29:14 +00:00
|
|
|
source_port_id: 1
|
|
|
|
|
dest_port_id: 1
|
|
|
|
|
protocol_id: 3
|
2024-04-15 11:50:08 +01:00
|
|
|
source_wildcard_id: 0
|
|
|
|
|
dest_wildcard_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
26:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_ADDRULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2024-01-31 10:48:40 +00:00
|
|
|
position: 5
|
2023-11-26 23:29:14 +00:00
|
|
|
permission: 2
|
2024-01-31 10:48:40 +00:00
|
|
|
source_ip_id: 7 # client 1
|
|
|
|
|
dest_ip_id: 4 # database
|
2023-11-26 23:29:14 +00:00
|
|
|
source_port_id: 1
|
|
|
|
|
dest_port_id: 1
|
|
|
|
|
protocol_id: 3
|
2024-04-15 11:50:08 +01:00
|
|
|
source_wildcard_id: 0
|
|
|
|
|
dest_wildcard_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
27:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_ADDRULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2024-01-31 10:48:40 +00:00
|
|
|
position: 6
|
2023-11-26 23:29:14 +00:00
|
|
|
permission: 2
|
2024-01-31 10:48:40 +00:00
|
|
|
source_ip_id: 8 # client 2
|
|
|
|
|
dest_ip_id: 4 # database
|
2023-11-26 23:29:14 +00:00
|
|
|
source_port_id: 1
|
|
|
|
|
dest_port_id: 1
|
|
|
|
|
protocol_id: 3
|
2024-04-15 11:50:08 +01:00
|
|
|
source_wildcard_id: 0
|
|
|
|
|
dest_wildcard_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
28:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 0
|
|
|
|
|
29:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 1
|
|
|
|
|
30:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 2
|
|
|
|
|
31:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 3
|
|
|
|
|
32:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 4
|
|
|
|
|
33:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 5
|
|
|
|
|
34:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 6
|
|
|
|
|
35:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 7
|
|
|
|
|
36:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 8
|
|
|
|
|
37:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 9
|
|
|
|
|
38:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_DISABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 0
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
39:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_ENABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 0
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
40:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_DISABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
41:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_ENABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
42:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_DISABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
43:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_ENABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
44:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_DISABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 3
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
45:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_ENABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 3
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
46:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_DISABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 4
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
47:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_ENABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 4
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
48:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_DISABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 4
|
|
|
|
|
nic_id: 1
|
2023-11-26 23:29:14 +00:00
|
|
|
49:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_ENABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 4
|
|
|
|
|
nic_id: 1
|
2023-11-26 23:29:14 +00:00
|
|
|
50:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_DISABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 5
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
51:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_ENABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 5
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
52:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_DISABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 6
|
|
|
|
|
nic_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
53:
|
2024-03-31 11:59:31 +00:00
|
|
|
action: "HOST_NIC_ENABLE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 6
|
|
|
|
|
nic_id: 0
|
|
|
|
|
|
2023-11-26 23:29:14 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
options:
|
|
|
|
|
nodes:
|
2024-01-31 10:48:40 +00:00
|
|
|
- node_name: domain_controller
|
|
|
|
|
- node_name: web_server
|
|
|
|
|
- node_name: database_server
|
|
|
|
|
- node_name: backup_server
|
|
|
|
|
- node_name: security_suite
|
|
|
|
|
- node_name: client_1
|
|
|
|
|
- node_name: client_2
|
2023-11-26 23:29:14 +00:00
|
|
|
max_folders_per_node: 2
|
|
|
|
|
max_files_per_folder: 2
|
|
|
|
|
max_services_per_node: 2
|
|
|
|
|
max_nics_per_node: 8
|
|
|
|
|
max_acl_rules: 10
|
2024-04-15 11:50:08 +01:00
|
|
|
ip_list:
|
|
|
|
|
- 192.168.1.10
|
|
|
|
|
- 192.168.1.12
|
|
|
|
|
- 192.168.1.14
|
|
|
|
|
- 192.168.1.16
|
|
|
|
|
- 192.168.1.110
|
|
|
|
|
- 192.168.10.21
|
|
|
|
|
- 192.168.10.22
|
|
|
|
|
- 192.168.10.110
|
2023-11-26 23:29:14 +00:00
|
|
|
|
|
|
|
|
reward_function:
|
|
|
|
|
reward_components:
|
|
|
|
|
- type: DATABASE_FILE_INTEGRITY
|
|
|
|
|
weight: 0.5
|
|
|
|
|
options:
|
2023-12-14 14:04:43 +00:00
|
|
|
node_hostname: database_server
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_name: database
|
|
|
|
|
file_name: database.db
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- type: WEB_SERVER_404_PENALTY
|
|
|
|
|
weight: 0.5
|
|
|
|
|
options:
|
2023-12-14 14:04:43 +00:00
|
|
|
node_hostname: web_server
|
|
|
|
|
service_name: web_server_web_service
|
2023-11-26 23:29:14 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
agent_settings:
|
|
|
|
|
# ...
|
|
|
|
|
|
|
|
|
|
- ref: defender2
|
|
|
|
|
team: BLUE
|
|
|
|
|
type: ProxyAgent
|
|
|
|
|
|
|
|
|
|
observation_space:
|
2024-04-01 00:54:55 +01:00
|
|
|
type: CUSTOM
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-04-01 00:54:55 +01:00
|
|
|
components:
|
|
|
|
|
- type: NODES
|
|
|
|
|
label: NODES
|
|
|
|
|
options:
|
|
|
|
|
hosts:
|
|
|
|
|
- hostname: domain_controller
|
|
|
|
|
- hostname: web_server
|
|
|
|
|
services:
|
|
|
|
|
- service_name: WebServer
|
|
|
|
|
- hostname: database_server
|
|
|
|
|
folders:
|
|
|
|
|
- folder_name: database
|
|
|
|
|
files:
|
|
|
|
|
- file_name: database.db
|
|
|
|
|
- hostname: backup_server
|
|
|
|
|
- hostname: security_suite
|
|
|
|
|
- hostname: client_1
|
|
|
|
|
- hostname: client_2
|
|
|
|
|
num_services: 1
|
|
|
|
|
num_applications: 0
|
|
|
|
|
num_folders: 1
|
|
|
|
|
num_files: 1
|
|
|
|
|
num_nics: 2
|
|
|
|
|
include_num_access: false
|
|
|
|
|
include_nmne: true
|
|
|
|
|
routers:
|
|
|
|
|
- hostname: router_1
|
|
|
|
|
num_ports: 0
|
|
|
|
|
ip_list:
|
|
|
|
|
- 192.168.1.10
|
|
|
|
|
- 192.168.1.12
|
|
|
|
|
- 192.168.1.14
|
|
|
|
|
- 192.168.1.16
|
|
|
|
|
- 192.168.1.110
|
|
|
|
|
- 192.168.10.21
|
|
|
|
|
- 192.168.10.22
|
|
|
|
|
- 192.168.10.110
|
|
|
|
|
wildcard_list:
|
|
|
|
|
- 0.0.0.1
|
|
|
|
|
port_list:
|
|
|
|
|
- 80
|
|
|
|
|
- 5432
|
|
|
|
|
protocol_list:
|
|
|
|
|
- ICMP
|
|
|
|
|
- TCP
|
|
|
|
|
- UDP
|
|
|
|
|
num_rules: 10
|
|
|
|
|
|
|
|
|
|
- type: LINKS
|
|
|
|
|
label: LINKS
|
|
|
|
|
options:
|
|
|
|
|
link_references:
|
2024-04-03 21:46:42 +01:00
|
|
|
- router_1:eth-1<->switch_1:eth-8
|
|
|
|
|
- router_1:eth-2<->switch_2:eth-8
|
|
|
|
|
- switch_1:eth-1<->domain_controller:eth-1
|
|
|
|
|
- switch_1:eth-2<->web_server:eth-1
|
|
|
|
|
- switch_1:eth-3<->database_server:eth-1
|
|
|
|
|
- switch_1:eth-4<->backup_server:eth-1
|
|
|
|
|
- switch_1:eth-7<->security_suite:eth-1
|
|
|
|
|
- switch_2:eth-1<->client_1:eth-1
|
|
|
|
|
- switch_2:eth-2<->client_2:eth-1
|
|
|
|
|
- switch_2:eth-7<->security_suite:eth-2
|
2024-04-01 00:54:55 +01:00
|
|
|
- type: "NONE"
|
|
|
|
|
label: ICS
|
|
|
|
|
options: {}
|
2023-11-26 23:29:14 +00:00
|
|
|
|
|
|
|
|
action_space:
|
|
|
|
|
action_list:
|
|
|
|
|
- type: DONOTHING
|
|
|
|
|
- type: NODE_SERVICE_SCAN
|
|
|
|
|
- type: NODE_SERVICE_STOP
|
|
|
|
|
- type: NODE_SERVICE_START
|
|
|
|
|
- type: NODE_SERVICE_PAUSE
|
|
|
|
|
- type: NODE_SERVICE_RESUME
|
|
|
|
|
- type: NODE_SERVICE_RESTART
|
|
|
|
|
- type: NODE_SERVICE_DISABLE
|
|
|
|
|
- type: NODE_SERVICE_ENABLE
|
2024-03-26 10:51:33 +00:00
|
|
|
- type: NODE_SERVICE_FIX
|
2023-11-26 23:29:14 +00:00
|
|
|
- type: NODE_FILE_SCAN
|
|
|
|
|
- type: NODE_FILE_CHECKHASH
|
|
|
|
|
- type: NODE_FILE_DELETE
|
|
|
|
|
- type: NODE_FILE_REPAIR
|
|
|
|
|
- type: NODE_FILE_RESTORE
|
|
|
|
|
- type: NODE_FOLDER_SCAN
|
|
|
|
|
- type: NODE_FOLDER_CHECKHASH
|
|
|
|
|
- type: NODE_FOLDER_REPAIR
|
|
|
|
|
- type: NODE_FOLDER_RESTORE
|
|
|
|
|
- type: NODE_OS_SCAN
|
|
|
|
|
- type: NODE_SHUTDOWN
|
|
|
|
|
- type: NODE_STARTUP
|
|
|
|
|
- type: NODE_RESET
|
2024-03-29 11:34:43 +00:00
|
|
|
- type: ROUTER_ACL_ADDRULE
|
|
|
|
|
- type: ROUTER_ACL_REMOVERULE
|
2024-03-31 11:59:31 +00:00
|
|
|
- type: HOST_NIC_ENABLE
|
|
|
|
|
- type: HOST_NIC_DISABLE
|
2023-11-26 23:29:14 +00:00
|
|
|
|
|
|
|
|
action_map:
|
|
|
|
|
0:
|
|
|
|
|
action: DONOTHING
|
|
|
|
|
options: {}
|
|
|
|
|
# scan webapp service
|
|
|
|
|
1:
|
|
|
|
|
action: NODE_SERVICE_SCAN
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
# stop webapp service
|
|
|
|
|
2:
|
|
|
|
|
action: NODE_SERVICE_STOP
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
# start webapp service
|
|
|
|
|
3:
|
|
|
|
|
action: "NODE_SERVICE_START"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
4:
|
|
|
|
|
action: "NODE_SERVICE_PAUSE"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
5:
|
|
|
|
|
action: "NODE_SERVICE_RESUME"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
6:
|
|
|
|
|
action: "NODE_SERVICE_RESTART"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
7:
|
|
|
|
|
action: "NODE_SERVICE_DISABLE"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
8:
|
|
|
|
|
action: "NODE_SERVICE_ENABLE"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 1
|
|
|
|
|
service_id: 0
|
|
|
|
|
9: # check database.db file
|
2023-11-26 23:29:14 +00:00
|
|
|
action: "NODE_FILE_SCAN"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
2024-01-31 10:48:40 +00:00
|
|
|
file_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
10:
|
|
|
|
|
action: "NODE_FILE_CHECKHASH"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
2024-01-31 10:48:40 +00:00
|
|
|
file_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
11:
|
|
|
|
|
action: "NODE_FILE_DELETE"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
2024-01-31 10:48:40 +00:00
|
|
|
file_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
12:
|
|
|
|
|
action: "NODE_FILE_REPAIR"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
2024-01-31 10:48:40 +00:00
|
|
|
file_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
13:
|
2024-03-26 10:51:33 +00:00
|
|
|
action: "NODE_SERVICE_FIX"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
|
|
|
|
service_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
14:
|
|
|
|
|
action: "NODE_FOLDER_SCAN"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
|
|
|
|
15:
|
|
|
|
|
action: "NODE_FOLDER_CHECKHASH"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
|
|
|
|
16:
|
|
|
|
|
action: "NODE_FOLDER_REPAIR"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
|
|
|
|
17:
|
|
|
|
|
action: "NODE_FOLDER_RESTORE"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_id: 1
|
|
|
|
|
18:
|
|
|
|
|
action: "NODE_OS_SCAN"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 2
|
|
|
|
|
19: # shutdown client 1
|
2023-11-26 23:29:14 +00:00
|
|
|
action: "NODE_SHUTDOWN"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 5
|
2023-11-26 23:29:14 +00:00
|
|
|
20:
|
|
|
|
|
action: "NODE_STARTUP"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 5
|
2023-11-26 23:29:14 +00:00
|
|
|
21:
|
|
|
|
|
action: "NODE_RESET"
|
|
|
|
|
options:
|
2024-01-31 10:48:40 +00:00
|
|
|
node_id: 5
|
|
|
|
|
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_ADDRULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 1
|
|
|
|
|
permission: 2
|
2024-01-31 10:48:40 +00:00
|
|
|
source_ip_id: 7 # client 1
|
|
|
|
|
dest_ip_id: 1 # ALL
|
2023-11-26 23:29:14 +00:00
|
|
|
source_port_id: 1
|
|
|
|
|
dest_port_id: 1
|
|
|
|
|
protocol_id: 1
|
2024-04-15 11:50:08 +01:00
|
|
|
source_wildcard_id: 0
|
|
|
|
|
dest_wildcard_id: 0
|
2024-01-31 10:48:40 +00:00
|
|
|
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_ADDRULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2024-01-31 10:48:40 +00:00
|
|
|
position: 2
|
2023-11-26 23:29:14 +00:00
|
|
|
permission: 2
|
2024-01-31 10:48:40 +00:00
|
|
|
source_ip_id: 8 # client 2
|
|
|
|
|
dest_ip_id: 1 # ALL
|
2023-11-26 23:29:14 +00:00
|
|
|
source_port_id: 1
|
|
|
|
|
dest_port_id: 1
|
|
|
|
|
protocol_id: 1
|
2024-04-15 11:50:08 +01:00
|
|
|
source_wildcard_id: 0
|
|
|
|
|
dest_wildcard_id: 0
|
2024-01-31 10:48:40 +00:00
|
|
|
24: # block tcp traffic from client 1 to web app
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_ADDRULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2024-01-31 10:48:40 +00:00
|
|
|
position: 3
|
2023-11-26 23:29:14 +00:00
|
|
|
permission: 2
|
2024-01-31 10:48:40 +00:00
|
|
|
source_ip_id: 7 # client 1
|
|
|
|
|
dest_ip_id: 3 # web server
|
2023-11-26 23:29:14 +00:00
|
|
|
source_port_id: 1
|
|
|
|
|
dest_port_id: 1
|
|
|
|
|
protocol_id: 3
|
2024-04-15 11:50:08 +01:00
|
|
|
source_wildcard_id: 0
|
|
|
|
|
dest_wildcard_id: 0
|
2024-01-31 10:48:40 +00:00
|
|
|
25: # block tcp traffic from client 2 to web app
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_ADDRULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2024-01-31 10:48:40 +00:00
|
|
|
position: 4
|
2023-11-26 23:29:14 +00:00
|
|
|
permission: 2
|
2024-01-31 10:48:40 +00:00
|
|
|
source_ip_id: 8 # client 2
|
|
|
|
|
dest_ip_id: 3 # web server
|
2023-11-26 23:29:14 +00:00
|
|
|
source_port_id: 1
|
|
|
|
|
dest_port_id: 1
|
|
|
|
|
protocol_id: 3
|
2024-04-15 11:50:08 +01:00
|
|
|
source_wildcard_id: 0
|
|
|
|
|
dest_wildcard_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
26:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_ADDRULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2024-01-31 10:48:40 +00:00
|
|
|
position: 5
|
2023-11-26 23:29:14 +00:00
|
|
|
permission: 2
|
2024-01-31 10:48:40 +00:00
|
|
|
source_ip_id: 7 # client 1
|
|
|
|
|
dest_ip_id: 4 # database
|
2023-11-26 23:29:14 +00:00
|
|
|
source_port_id: 1
|
|
|
|
|
dest_port_id: 1
|
|
|
|
|
protocol_id: 3
|
2024-04-15 11:50:08 +01:00
|
|
|
source_wildcard_id: 0
|
|
|
|
|
dest_wildcard_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
27:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_ADDRULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2024-01-31 10:48:40 +00:00
|
|
|
position: 6
|
2023-11-26 23:29:14 +00:00
|
|
|
permission: 2
|
2024-01-31 10:48:40 +00:00
|
|
|
source_ip_id: 8 # client 2
|
|
|
|
|
dest_ip_id: 4 # database
|
2023-11-26 23:29:14 +00:00
|
|
|
source_port_id: 1
|
|
|
|
|
dest_port_id: 1
|
|
|
|
|
protocol_id: 3
|
2024-04-15 11:50:08 +01:00
|
|
|
source_wildcard_id: 0
|
|
|
|
|
dest_wildcard_id: 0
|
2023-11-26 23:29:14 +00:00
|
|
|
28:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 0
|
|
|
|
|
29:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 1
|
|
|
|
|
30:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 2
|
|
|
|
|
31:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 3
|
|
|
|
|
32:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 4
|
|
|
|
|
33:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 5
|
|
|
|
|
34:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 6
|
|
|
|
|
35:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 7
|
|
|
|
|
36:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 8
|
|
|
|
|
37:
|
2024-03-29 11:34:43 +00:00
|
|
|
action: "ROUTER_ACL_REMOVERULE"
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
2024-06-25 11:04:52 +01:00
|
|
|
target_router: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
position: 9
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
options:
|
|
|
|
|
nodes:
|
2024-01-31 10:48:40 +00:00
|
|
|
- node_name: domain_controller
|
|
|
|
|
- node_name: web_server
|
|
|
|
|
- node_name: database_server
|
|
|
|
|
- node_name: backup_server
|
|
|
|
|
- node_name: security_suite
|
|
|
|
|
- node_name: client_1
|
|
|
|
|
- node_name: client_2
|
2023-11-26 23:29:14 +00:00
|
|
|
max_folders_per_node: 2
|
|
|
|
|
max_files_per_folder: 2
|
|
|
|
|
max_services_per_node: 2
|
|
|
|
|
max_nics_per_node: 8
|
|
|
|
|
max_acl_rules: 10
|
2024-04-15 11:50:08 +01:00
|
|
|
ip_list:
|
|
|
|
|
- 192.168.1.10
|
|
|
|
|
- 192.168.1.12
|
|
|
|
|
- 192.168.1.14
|
|
|
|
|
- 192.168.1.16
|
|
|
|
|
- 192.168.1.110
|
|
|
|
|
- 192.168.10.21
|
|
|
|
|
- 192.168.10.22
|
|
|
|
|
- 192.168.10.110
|
2023-11-26 23:29:14 +00:00
|
|
|
|
|
|
|
|
reward_function:
|
|
|
|
|
reward_components:
|
|
|
|
|
- type: DATABASE_FILE_INTEGRITY
|
|
|
|
|
weight: 0.5
|
|
|
|
|
options:
|
2023-12-14 14:04:43 +00:00
|
|
|
node_hostname: database_server
|
2023-11-26 23:29:14 +00:00
|
|
|
folder_name: database
|
|
|
|
|
file_name: database.db
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- type: WEB_SERVER_404_PENALTY
|
|
|
|
|
weight: 0.5
|
|
|
|
|
options:
|
2023-12-14 14:04:43 +00:00
|
|
|
node_hostname: web_server
|
|
|
|
|
service_name: web_server_web_service
|
2023-11-26 23:29:14 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
agent_settings:
|
|
|
|
|
# ...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
simulation:
|
|
|
|
|
network:
|
|
|
|
|
nodes:
|
|
|
|
|
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: router
|
2023-11-26 23:29:14 +00:00
|
|
|
hostname: router_1
|
|
|
|
|
num_ports: 5
|
|
|
|
|
ports:
|
|
|
|
|
1:
|
|
|
|
|
ip_address: 192.168.1.1
|
|
|
|
|
subnet_mask: 255.255.255.0
|
|
|
|
|
2:
|
|
|
|
|
ip_address: 192.168.1.1
|
|
|
|
|
subnet_mask: 255.255.255.0
|
|
|
|
|
acl:
|
|
|
|
|
0:
|
|
|
|
|
action: PERMIT
|
|
|
|
|
src_port: POSTGRES_SERVER
|
|
|
|
|
dst_port: POSTGRES_SERVER
|
|
|
|
|
1:
|
|
|
|
|
action: PERMIT
|
|
|
|
|
src_port: DNS
|
|
|
|
|
dst_port: DNS
|
|
|
|
|
22:
|
|
|
|
|
action: PERMIT
|
|
|
|
|
src_port: ARP
|
|
|
|
|
dst_port: ARP
|
|
|
|
|
23:
|
|
|
|
|
action: PERMIT
|
|
|
|
|
protocol: ICMP
|
|
|
|
|
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: switch
|
2023-11-26 23:29:14 +00:00
|
|
|
hostname: switch_1
|
|
|
|
|
num_ports: 8
|
|
|
|
|
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: switch
|
2023-11-26 23:29:14 +00:00
|
|
|
hostname: switch_2
|
|
|
|
|
num_ports: 8
|
|
|
|
|
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: server
|
2023-11-26 23:29:14 +00:00
|
|
|
hostname: domain_controller
|
|
|
|
|
ip_address: 192.168.1.10
|
|
|
|
|
subnet_mask: 255.255.255.0
|
|
|
|
|
default_gateway: 192.168.1.1
|
|
|
|
|
services:
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: DNSServer
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
|
|
|
|
domain_mapping:
|
|
|
|
|
arcd.com: 192.168.1.12 # web server
|
|
|
|
|
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: server
|
2023-11-26 23:29:14 +00:00
|
|
|
hostname: web_server
|
|
|
|
|
ip_address: 192.168.1.12
|
|
|
|
|
subnet_mask: 255.255.255.0
|
2024-02-26 12:15:53 +00:00
|
|
|
default_gateway: 192.168.1.1
|
2023-11-26 23:29:14 +00:00
|
|
|
dns_server: 192.168.1.10
|
|
|
|
|
services:
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: WebServer
|
2024-02-26 12:15:53 +00:00
|
|
|
applications:
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: DatabaseClient
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
|
|
|
|
db_server_ip: 192.168.1.14
|
|
|
|
|
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: server
|
2023-11-26 23:29:14 +00:00
|
|
|
hostname: database_server
|
|
|
|
|
ip_address: 192.168.1.14
|
|
|
|
|
subnet_mask: 255.255.255.0
|
|
|
|
|
default_gateway: 192.168.1.1
|
|
|
|
|
dns_server: 192.168.1.10
|
|
|
|
|
services:
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: DatabaseService
|
2023-11-26 23:29:14 +00:00
|
|
|
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: server
|
2023-11-26 23:29:14 +00:00
|
|
|
hostname: backup_server
|
|
|
|
|
ip_address: 192.168.1.16
|
|
|
|
|
subnet_mask: 255.255.255.0
|
|
|
|
|
default_gateway: 192.168.1.1
|
|
|
|
|
dns_server: 192.168.1.10
|
|
|
|
|
services:
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: FTPServer
|
2023-11-26 23:29:14 +00:00
|
|
|
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: server
|
2023-11-26 23:29:14 +00:00
|
|
|
hostname: security_suite
|
|
|
|
|
ip_address: 192.168.1.110
|
|
|
|
|
subnet_mask: 255.255.255.0
|
|
|
|
|
default_gateway: 192.168.1.1
|
|
|
|
|
dns_server: 192.168.1.10
|
2024-02-05 08:44:10 +00:00
|
|
|
network_interfaces:
|
2023-11-26 23:29:14 +00:00
|
|
|
2: # unfortunately this number is currently meaningless, they're just added in order and take up the next available slot
|
|
|
|
|
ip_address: 192.168.10.110
|
|
|
|
|
subnet_mask: 255.255.255.0
|
|
|
|
|
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: computer
|
2023-11-26 23:29:14 +00:00
|
|
|
hostname: client_1
|
|
|
|
|
ip_address: 192.168.10.21
|
|
|
|
|
subnet_mask: 255.255.255.0
|
|
|
|
|
default_gateway: 192.168.10.1
|
|
|
|
|
dns_server: 192.168.1.10
|
|
|
|
|
applications:
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: DataManipulationBot
|
2023-11-26 23:29:14 +00:00
|
|
|
options:
|
|
|
|
|
port_scan_p_of_success: 0.1
|
|
|
|
|
data_manipulation_p_of_success: 0.1
|
|
|
|
|
payload: "DELETE"
|
|
|
|
|
server_ip: 192.168.1.14
|
|
|
|
|
services:
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: DNSClient
|
2023-11-26 23:29:14 +00:00
|
|
|
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: computer
|
2023-11-26 23:29:14 +00:00
|
|
|
hostname: client_2
|
|
|
|
|
ip_address: 192.168.10.22
|
|
|
|
|
subnet_mask: 255.255.255.0
|
|
|
|
|
default_gateway: 192.168.10.1
|
|
|
|
|
dns_server: 192.168.1.10
|
|
|
|
|
applications:
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: WebBrowser
|
2023-11-26 23:29:14 +00:00
|
|
|
services:
|
2024-04-03 22:52:06 +01:00
|
|
|
- type: DNSClient
|
2023-11-26 23:29:14 +00:00
|
|
|
|
|
|
|
|
links:
|
2024-04-03 22:20:33 +01:00
|
|
|
- endpoint_a_hostname: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_a_port: 1
|
2024-04-03 22:20:33 +01:00
|
|
|
endpoint_b_hostname: switch_1
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_b_port: 8
|
2024-04-03 22:20:33 +01:00
|
|
|
- endpoint_a_hostname: router_1
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_a_port: 2
|
2024-04-03 22:20:33 +01:00
|
|
|
endpoint_b_hostname: switch_2
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_b_port: 8
|
2024-04-03 22:20:33 +01:00
|
|
|
- endpoint_a_hostname: switch_1
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_a_port: 1
|
2024-04-03 22:20:33 +01:00
|
|
|
endpoint_b_hostname: domain_controller
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_b_port: 1
|
2024-04-03 22:20:33 +01:00
|
|
|
- endpoint_a_hostname: switch_1
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_a_port: 2
|
2024-04-03 22:20:33 +01:00
|
|
|
endpoint_b_hostname: web_server
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_b_port: 1
|
2024-04-03 22:20:33 +01:00
|
|
|
- endpoint_a_hostname: switch_1
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_a_port: 3
|
2024-04-03 22:20:33 +01:00
|
|
|
endpoint_b_hostname: database_server
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_b_port: 1
|
2024-04-03 22:20:33 +01:00
|
|
|
- endpoint_a_hostname: switch_1
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_a_port: 4
|
2024-04-03 22:20:33 +01:00
|
|
|
endpoint_b_hostname: backup_server
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_b_port: 1
|
2024-04-03 22:20:33 +01:00
|
|
|
- endpoint_a_hostname: switch_1
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_a_port: 7
|
2024-04-03 22:20:33 +01:00
|
|
|
endpoint_b_hostname: security_suite
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_b_port: 1
|
2024-04-03 22:20:33 +01:00
|
|
|
- endpoint_a_hostname: switch_2
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_a_port: 1
|
2024-04-03 22:20:33 +01:00
|
|
|
endpoint_b_hostname: client_1
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_b_port: 1
|
2024-04-03 22:20:33 +01:00
|
|
|
- endpoint_a_hostname: switch_2
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_a_port: 2
|
2024-04-03 22:20:33 +01:00
|
|
|
endpoint_b_hostname: client_2
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_b_port: 1
|
2024-04-03 22:20:33 +01:00
|
|
|
- endpoint_a_hostname: switch_2
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_a_port: 7
|
2024-04-03 22:20:33 +01:00
|
|
|
endpoint_b_hostname: security_suite
|
2023-11-26 23:29:14 +00:00
|
|
|
endpoint_b_port: 2
|
