From f6a6c3dde586e8c4c1fa006043b6a550c0e360e9 Mon Sep 17 00:00:00 2001
From: Archer Bowen
Date: Tue, 25 Feb 2025 16:56:46 +0000
Subject: [PATCH] #2483 Addressed inconsistent naming schema. Now all some tech networks will be referenced using a underscore. E.g "ST-PROJ-A-PRV-PC-1" has now been changed to "ST_PROJ-A-PRV-PC-1".
---
.../config/_package_data/uc7_config.yaml | 754 ++++++++---------
.../_package_data/uc7_config_tap003.yaml | 776 +++++++++---------
.../TAP001_PC1.yaml | 4 +-
.../TAP001_PC2.yaml | 4 +-
.../TAP001_PC3.yaml | 4 +-
.../uc7_multiple_attack_variants/TAP003.yaml | 26 +-
.../uc7_config_no_red.yaml | 750 ++++++++---------
src/primaite/notebooks/UC7-E2E-Demo.ipynb | 184 ++---
src/primaite/notebooks/UC7-TAP001-Kill-Chain-E2E.ipynb | 52 +-
src/primaite/notebooks/UC7-TAP003-Kill-Chain-E2E.ipynb | 110 +--
.../notebooks/UC7-attack-variants.ipynb | 40 +-
.../notebooks/UC7-network_connectivity.ipynb | 48 +-
.../uc7/uc7_network_detailed_svg.svg | 2 +-
.../e2e_integration_tests/test_uc7_agents.py | 20 +-
.../test_uc7_route_connectivity.py | 52 +-
.../test_uc7_services_and_applications.py | 40 +-
.../test_abstract_tap.py | 2 +-
.../test_tap001_kill_chain_stages.py | 2 +-
.../test_tap001_propagate_stage.py | 2 +-
.../test_tap003_kill_chain_stages.py | 8 +-
.../test_tap003_multiple_rules.py | 16 +-
.../test_threat_actor_profile_settings.py | 2 +-
22 files changed, 1449 insertions(+), 1449 deletions(-)
diff --git a/src/primaite/config/_package_data/uc7_config.yaml b/src/primaite/config/_package_data/uc7_config.yaml
index 8581a339..85b67bc6 100644
--- a/src/primaite/config/_package_data/uc7_config.yaml
+++ b/src/primaite/config/_package_data/uc7_config.yaml
@@ -73,7 +73,7 @@ SOME_TECH_PROJECT_C_SUBNET: &ST_PROJ_C_SUBNET 255.255.255.248 # # Host & Server Configurations # -# ST Public Web Server | web-server | ST-DMZ-PUB-SRV-WEB +# ST Public Web Server | web-server | ST_DMZ-PUB-SRV-WEB SOME_TECH_PUBLIC_SERVER_WEB_IP_ADDRESS: &ST_PUB_SRV_WEB_IP 192.168.100.2 SOME_TECH_PUBLIC_SERVER_WEB_CONFIG: &ST_SRV_WEB_CONFIG # - type: web-server @@ -86,12 +86,12 @@ PUBLIC_DNS_CONFIG: &PUBLIC_DNS_CONFIG # domain_mapping: some_tech.com: *ST_PUB_SRV_WEB_IP -# ST Private Storage Server | ftp-server | ST-DATA-PRV-SRV-STORAGE +# ST Private Storage Server | ftp-server | ST_DATA-PRV-SRV-STORAGE SOME_TECH_PRIVATE_SERVER_STORAGE_IP: &ST_SRV_STORAGE_IP 192.168.220.2 SOME_TECH_PRIVATE_SERVER_STORAGE_CONFIG: &ST_SRV_STORAGE_CONFIG - type: ftp-server -# ST Private Database Server | database-client & ftp-client | ST-DATA-PRV-SRV-DB +# ST Private Database Server | database-client & ftp-client | ST_DATA-PRV-SRV-DB SOME_TECH_PRIVATE_SERVER_DATABASE_IP: &ST_SRV_DB_IP 192.168.220.3 SOME_TECH_PRIVATE_SERVER_DATABASE_CONFIG: &ST_SRV_DB_CONFIG - type: database-service @@ -319,7 +319,7 @@ simulation: # SOME_TECH DMZ SUBNET # ######################## - - hostname: ST-PUB-FW + - hostname: ST_PUB-FW type: firewall ports: external_port: # Public Internet Facing Port @@ -410,7 +410,7 @@ simulation: #next_hop_ip_address: 10.1.100.1 next_hop_ip_address: 192.168.150.2 - - hostname: ST-DMZ-PUB-SRV-WEB + - hostname: ST_DMZ-PUB-SRV-WEB type: server ip_address: *ST_PUB_SRV_WEB_IP subnet_mask: *ST_DMZ_SUBNET @@ -422,7 +422,7 @@ simulation: # SOME_TECH INTRANET SUBNET # ############################# - - hostname: ST-INTRA-PRV-RT-CR + - hostname: ST_INTRA-PRV-RT-CR type: router ports: 1: @@ -461,7 +461,7 @@ simulation: 5: action: PERMIT - - hostname: ST-INTRA-PRV-RT-DR-1 + - hostname: ST_INTRA-PRV-RT-DR-1 type: router ports: 1: 
@@ -482,7 +482,7 @@ simulation: 5: action: PERMIT - - hostname: ST-INTRA-PRV-RT-DR-2 + - hostname: ST_INTRA-PRV-RT-DR-2 type: router default_gateway: 192.168.170.1 ports: @@ -505,30 +505,30 @@ simulation: # SOME_TECH HEAD OFFICE SUBNET # ################################ - - hostname: ST-HO-PRV-SW-AS + - hostname: ST_HO-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-HO-PRV-PC-1 + - hostname: ST_HO-PRV-PC-1 type: computer ip_address: 192.168.200.2 - default_gateway: 192.168.200.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.200.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-HO-PRV-PC-2 + - hostname: ST_HO-PRV-PC-2 type: computer ip_address: 192.168.200.3 - default_gateway: 192.168.200.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.200.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-HO-PRV-PC-3 + - hostname: ST_HO-PRV-PC-3 type: computer ip_address: 192.168.200.4 - default_gateway: 192.168.200.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.200.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG 
@@ -537,30 +537,30 @@ simulation: # SOME_TECH HUMAN RESOURCES SUBNET # #################################### - - hostname: ST-HR-PRV-SW-AS + - hostname: ST_HR-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-HR-PRV-PC-1 + - hostname: ST_HR-PRV-PC-1 type: computer ip_address: 192.168.210.2 - default_gateway: 192.168.210.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-HR-PRV-PC-2 + - hostname: ST_HR-PRV-PC-2 type: computer ip_address: 192.168.210.3 - default_gateway: 192.168.210.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-HR-PRV-PC-3 + - hostname: ST_HR-PRV-PC-3 type: computer ip_address: 192.168.210.4 - default_gateway: 192.168.210.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG @@ -569,11 +569,11 @@ simulation: # SOME_TECH DATA SUBNET # ######################### - - hostname: ST-DATA-PRV-SW-AS + - hostname: ST_DATA-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-DATA-PRV-SRV-STORAGE + - hostname: ST_DATA-PRV-SRV-STORAGE type: server ip_address: *ST_SRV_STORAGE_IP subnet_mask: *ST_DATA_SUBNET @@ -582,7 +582,7 @@ simulation: services: *ST_SRV_STORAGE_CONFIG - - hostname: ST-DATA-PRV-SRV-DB + - hostname: ST_DATA-PRV-SRV-DB type: server ip_address: *ST_SRV_DB_IP subnet_mask: *ST_DATA_SUBNET 
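Review bot: The gateway comments rewritten on the three HR hosts in the -537 hunk (`default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 2)`) disagree with the links section of the same file, where the HR switch is attached to `ST_INTRA-PRV-RT-DR-2` with `endpoint_b_port: 3` and Port 2 carries the Head Office switch. Since these comment lines are being touched anyway, I would correct them to `# ST_INTRA-PRV-RT-DR-2 (Port 3)`. The Project C hosts in the -659 hunk have the same mismatch: they say `ST_INTRA-PRV-RT-DR-1 (Port 3)` while the link to `ST_PROJ-C-PRV-SW-AS` uses `endpoint_a_port: 4`, so they should read `(Port 4)`. The routers' own port tables are outside these hunks, so confirm against them before changing; the annotation matters to anyone tracing which router interface an ACL rule or route covers.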
@@ -595,30 +595,30 @@ simulation: # SOME_TECH PROJECT A # ####################### - - hostname: ST-PROJ-A-PRV-SW-AS + - hostname: ST_PROJ-A-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-PROJ-A-PRV-PC-1 + - hostname: ST_PROJ-A-PRV-PC-1 type: computer ip_address: 192.168.230.2 - default_gateway: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1 (Port 2) + default_gateway: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-A-PRV-PC-2 + - hostname: ST_PROJ-A-PRV-PC-2 type: computer ip_address: 192.168.230.3 - default_gateway: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1 (Port 2) + default_gateway: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-A-PRV-PC-3 + - hostname: ST_PROJ-A-PRV-PC-3 type: computer ip_address: 192.168.230.4 - default_gateway: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1 (Port 2) + default_gateway: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG 
@@ -627,30 +627,30 @@ simulation: # SOME_TECH PROJECT B # ####################### - - hostname: ST-PROJ-B-PRV-SW-AS + - hostname: ST_PROJ-B-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-PROJ-B-PRV-PC-1 + - hostname: ST_PROJ-B-PRV-PC-1 type: computer ip_address: 192.168.240.2 - default_gateway: 192.168.240.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.240.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-B-PRV-PC-2 + - hostname: ST_PROJ-B-PRV-PC-2 type: computer ip_address: 192.168.240.3 - default_gateway: 192.168.240.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.240.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-B-PRV-PC-3 + - hostname: ST_PROJ-B-PRV-PC-3 type: computer ip_address: 192.168.240.4 - default_gateway: 192.168.240.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.240.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG 
@@ -659,30 +659,30 @@ simulation: # SOME_TECH PROJECT C # ####################### - - hostname: ST-PROJ-C-PRV-SW-AS + - hostname: ST_PROJ-C-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-PROJ-C-PRV-PC-1 + - hostname: ST_PROJ-C-PRV-PC-1 type: computer ip_address: 192.168.250.2 - default_gateway: 192.168.250.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.250.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-C-PRV-PC-2 + - hostname: ST_PROJ-C-PRV-PC-2 type: computer ip_address: 192.168.250.3 - default_gateway: 192.168.250.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.250.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-C-PRV-PC-3 + - hostname: ST_PROJ-C-PRV-PC-3 type: computer ip_address: 192.168.250.4 - default_gateway: 192.168.250.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.250.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG @@ -788,13 +788,13 @@ simulation: # Internet Router (Port 4) --> Some Tech DMZ Firewall (External Port) - endpoint_a_hostname: ISP-PUB-RT-BR endpoint_a_port: 4 - endpoint_b_hostname: ST-PUB-FW + endpoint_b_hostname: ST_PUB-FW endpoint_b_port: 1 # Some Tech DMZ Firewall (DMZ Port) --> Some Tech Web Server (Port 1) - - endpoint_a_hostname: ST-PUB-FW + - endpoint_a_hostname: ST_PUB-FW endpoint_a_port: 3 - endpoint_b_hostname: ST-DMZ-PUB-SRV-WEB + endpoint_b_hostname: ST_DMZ-PUB-SRV-WEB endpoint_b_port: 1 ############################ 
@@ -802,27 +802,27 @@ simulation: ############################ # Some Tech Intranet CR Router (Port 1) --> Some Tech DMZ Firewall (Internal Port) - - endpoint_a_hostname: ST-INTRA-PRV-RT-CR + - endpoint_a_hostname: ST_INTRA-PRV-RT-CR endpoint_a_port: 1 - endpoint_b_hostname: ST-PUB-FW + endpoint_b_hostname: ST_PUB-FW endpoint_b_port: 2 # Some Tech Intranet CR Router (Port 2) --> Some Tech Intranet DR Router 1 (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-CR + - endpoint_a_hostname: ST_INTRA-PRV-RT-CR endpoint_a_port: 2 - endpoint_b_hostname: ST-INTRA-PRV-RT-DR-1 + endpoint_b_hostname: ST_INTRA-PRV-RT-DR-1 endpoint_b_port: 1 # Some Tech Intranet CR Router (Port 3) --> Some Tech Intranet DR Router 2 (Port 2) - - endpoint_a_hostname: ST-INTRA-PRV-RT-CR + - endpoint_a_hostname: ST_INTRA-PRV-RT-CR endpoint_a_port: 3 - endpoint_b_hostname: ST-INTRA-PRV-RT-DR-2 + endpoint_b_hostname: ST_INTRA-PRV-RT-DR-2 endpoint_b_port: 1 # Some Tech Intranet Private Router CR (Port 4) --> Some Tech Data Private Switch (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-CR + - endpoint_a_hostname: ST_INTRA-PRV-RT-CR endpoint_a_port: 4 - endpoint_b_hostname: ST-DATA-PRV-SW-AS + endpoint_b_hostname: ST_DATA-PRV-SW-AS endpoint_b_port: 1 
@@ -831,27 +831,27 @@ simulation: ############################### # Some Tech Head Office Switch (Port 1) --> Some Tech Intranet Private Router DR 2 (Port 2) - - endpoint_a_hostname: ST-HO-PRV-SW-AS + - endpoint_a_hostname: ST_HO-PRV-SW-AS endpoint_a_port: 1 - endpoint_b_hostname: ST-INTRA-PRV-RT-DR-2 + endpoint_b_hostname: ST_INTRA-PRV-RT-DR-2 endpoint_b_port: 2 # Some Tech Head Office Switch (Port 2) --> Some Tech Head Office PC 1 (Port 1) - - endpoint_a_hostname: ST-HO-PRV-SW-AS + - endpoint_a_hostname: ST_HO-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-HO-PRV-PC-1 + endpoint_b_hostname: ST_HO-PRV-PC-1 endpoint_b_port: 1 # Some Tech Head Office Switch (Port 3) --> Some Tech Head Office PC 2 (Port 1) - - endpoint_a_hostname: ST-HO-PRV-SW-AS + - endpoint_a_hostname: ST_HO-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-HO-PRV-PC-2 + endpoint_b_hostname: ST_HO-PRV-PC-2 endpoint_b_port: 1 # Some Tech Head Office Switch (Port 4) --> Some Tech Head Office PC 3 (Port 1) - - endpoint_a_hostname: ST-HO-PRV-SW-AS + - endpoint_a_hostname: ST_HO-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-HO-PRV-PC-3 + endpoint_b_hostname: ST_HO-PRV-PC-3 endpoint_b_port: 1 
@@ -860,27 +860,27 @@ simulation: ################################### # Some Tech Human Resources Switch (Port 1) --> Some Tech Intranet Private Router DR 2 (Port 3) - - endpoint_a_hostname: ST-HR-PRV-SW-AS + - endpoint_a_hostname: ST_HR-PRV-SW-AS endpoint_a_port: 1 - endpoint_b_hostname: ST-INTRA-PRV-RT-DR-2 + endpoint_b_hostname: ST_INTRA-PRV-RT-DR-2 endpoint_b_port: 3 # Some Tech Human Resources Switch (Port 2) --> Some Tech Human Resources PC 1 (Port 1) - - endpoint_a_hostname: ST-HR-PRV-SW-AS + - endpoint_a_hostname: ST_HR-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-HR-PRV-PC-1 + endpoint_b_hostname: ST_HR-PRV-PC-1 endpoint_b_port: 1 # Some Tech Human Resources Switch (Port 3) --> Some Tech Human Resources PC 2 (Port 1) - - endpoint_a_hostname: ST-HR-PRV-SW-AS + - endpoint_a_hostname: ST_HR-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-HR-PRV-PC-2 + endpoint_b_hostname: ST_HR-PRV-PC-2 endpoint_b_port: 1 # Some Tech Human Resources Switch (Port 4) --> Some Tech Human Resources PC 3 (Port 1) - - endpoint_a_hostname: ST-HR-PRV-SW-AS + - endpoint_a_hostname: ST_HR-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-HR-PRV-PC-3 + endpoint_b_hostname: ST_HR-PRV-PC-3 endpoint_b_port: 1 ######################## @@ -888,16 +888,16 @@ simulation: ######################## # Some Tech Data Switch (Port 2) --> Some Tech Data Private Storage Server (Port 1) - - endpoint_a_hostname: ST-DATA-PRV-SW-AS + - endpoint_a_hostname: ST_DATA-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-DATA-PRV-SRV-STORAGE + endpoint_b_hostname: ST_DATA-PRV-SRV-STORAGE endpoint_b_port: 1 # Some Tech Data Switch (Port 3) --> Some Tech Data Private Database Server (Port 1) - - endpoint_a_hostname: ST-DATA-PRV-SW-AS + - endpoint_a_hostname: ST_DATA-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-DATA-PRV-SRV-DB + endpoint_b_hostname: ST_DATA-PRV-SRV-DB endpoint_b_port: 1 ############################# 
@@ -905,27 +905,27 @@ simulation: ############################# # Some Tech Intranet Private Router DR 1 (Port 2) --> Some Tech Private Project A Switch (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-DR-1 + - endpoint_a_hostname: ST_INTRA-PRV-RT-DR-1 endpoint_a_port: 2 - endpoint_b_hostname: ST-PROJ-A-PRV-SW-AS + endpoint_b_hostname: ST_PROJ-A-PRV-SW-AS endpoint_b_port: 1 # Some Tech Private Project A Switch (Port 2) --> Some Tech Project A PC 1 - - endpoint_a_hostname: ST-PROJ-A-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-A-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-PROJ-A-PRV-PC-1 + endpoint_b_hostname: ST_PROJ-A-PRV-PC-1 endpoint_b_port: 1 # Some Tech Private Project A Switch (Port 3) --> Some Tech Project A PC 2 - - endpoint_a_hostname: ST-PROJ-A-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-A-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-PROJ-A-PRV-PC-2 + endpoint_b_hostname: ST_PROJ-A-PRV-PC-2 endpoint_b_port: 1 # Some Tech Private Project A Switch (Port 4) --> Some Tech Project A PC 3 - - endpoint_a_hostname: ST-PROJ-A-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-A-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-PROJ-A-PRV-PC-3 + endpoint_b_hostname: ST_PROJ-A-PRV-PC-3 endpoint_b_port: 1 ############################# 
@@ -933,27 +933,27 @@ simulation: ############################# # Some Tech Intranet Private Router DR 1 (Port 3) --> Some Tech Private Project B Switch (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-DR-1 + - endpoint_a_hostname: ST_INTRA-PRV-RT-DR-1 endpoint_a_port: 3 - endpoint_b_hostname: ST-PROJ-B-PRV-SW-AS + endpoint_b_hostname: ST_PROJ-B-PRV-SW-AS endpoint_b_port: 1 # Some Tech Private Project B Switch (Port 2) --> Some Tech Project B PC 1 - - endpoint_a_hostname: ST-PROJ-B-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-B-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-PROJ-B-PRV-PC-1 + endpoint_b_hostname: ST_PROJ-B-PRV-PC-1 endpoint_b_port: 1 # Some Tech Private Project B Switch (Port 3) --> Some Tech Project B PC 2 - - endpoint_a_hostname: ST-PROJ-B-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-B-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-PROJ-B-PRV-PC-2 + endpoint_b_hostname: ST_PROJ-B-PRV-PC-2 endpoint_b_port: 1 # Some Tech Private Project B Switch (Port 4) --> Some Tech Project B PC 3 - - endpoint_a_hostname: ST-PROJ-B-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-B-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-PROJ-B-PRV-PC-3 + endpoint_b_hostname: ST_PROJ-B-PRV-PC-3 endpoint_b_port: 1 ############################# 
@@ -961,27 +961,27 @@ simulation: ############################# # Some Tech Intranet Private Router DR 1 (Port 4) --> Some Tech Private Project C Switch (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-DR-1 + - endpoint_a_hostname: ST_INTRA-PRV-RT-DR-1 endpoint_a_port: 4 - endpoint_b_hostname: ST-PROJ-C-PRV-SW-AS + endpoint_b_hostname: ST_PROJ-C-PRV-SW-AS endpoint_b_port: 1 # Some Tech Private Project C Switch (Port 2) --> Some Tech Project C PC 1 - - endpoint_a_hostname: ST-PROJ-C-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-C-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-PROJ-C-PRV-PC-1 + endpoint_b_hostname: ST_PROJ-C-PRV-PC-1 endpoint_b_port: 1 # Some Tech Private Project C Switch (Port 3) --> Some Tech Project C PC 2 - - endpoint_a_hostname: ST-PROJ-C-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-C-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-PROJ-C-PRV-PC-2 + endpoint_b_hostname: ST_PROJ-C-PRV-PC-2 endpoint_b_port: 1 # Some Tech Private Project C Switch (Port 4) --> Some Tech Project C PC 3 - - endpoint_a_hostname: ST-PROJ-C-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-C-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-PROJ-C-PRV-PC-3 + endpoint_b_hostname: ST_PROJ-C-PRV-PC-3 endpoint_b_port: 1 ################################## 
@@ -1042,18 +1042,18 @@ UC7_IP_LIST: &UC7_IP_LIST - 192.168.20.3 # REM-PUB-PC-2 | ip_id: 6 - 192.168.20.4 # REM-PUB-SRV | ip_id: 7 # ====== ST Public DMZ ======= - - *ST_PUB_SRV_WEB_IP # 192.168.100.2 (ST-DMZ-PUB-SRV-WEB) | ip_id: 8 + - *ST_PUB_SRV_WEB_IP # 192.168.100.2 (ST_DMZ-PUB-SRV-WEB) | ip_id: 8 # ====== ST Head Office ======= - - 192.168.200.2 # ST-HO-PRV-PC-1 | ip_id: 9 - - 192.168.200.3 # ST-HO-PRV-PC-2 | ip_id: 10 - - 192.168.200.4 # ST-HO-PRV-PC-3 | ip_id: 11 + - 192.168.200.2 # ST_HO-PRV-PC-1 | ip_id: 9 + - 192.168.200.3 # ST_HO-PRV-PC-2 | ip_id: 10 + - 192.168.200.4 # ST_HO-PRV-PC-3 | ip_id: 11 # ===== ST Human Resources ====== - - 192.168.210.2 # ST-HR-PRV-PC-1 | ip_id: 12 - - 192.168.210.3 # ST-HR-PRV-PC-2 | ip_id: 13 - - 192.168.210.4 # ST-HR-PRV-PC-3 | ip_id: 14 + - 192.168.210.2 # ST_HR-PRV-PC-1 | ip_id: 12 + - 192.168.210.3 # ST_HR-PRV-PC-2 | ip_id: 13 + - 192.168.210.4 # ST_HR-PRV-PC-3 | ip_id: 14 # ====== ST DATA Servers ======= - - *ST_SRV_STORAGE_IP # 192.168.220.2 (ST-DATA-PRV-SRV-STORAGE) | ip_id: 15 - - *ST_SRV_DB_IP # 192.168.220.3 (ST-DATA-PRV-SRV-DB) | ip_id: 16 + - *ST_SRV_STORAGE_IP # 192.168.220.2 (ST_DATA-PRV-SRV-STORAGE) | ip_id: 15 + - *ST_SRV_DB_IP # 192.168.220.3 (ST_DATA-PRV-SRV-DB) | ip_id: 16 # ====== ST Project A ======= - 192.168.230.2 # PROJ-A-PRV-PC-1 | ip_id: 17 - 192.168.230.3 # PROJ-A-PRV-PC-2 | ip_id: 18 @@ -1083,8 +1083,8 @@ agents: # Home Office Green Agent Pattern Of Life # ====================================== - # 1. Three Home workers accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. Three Home workers accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. Three Home workers accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. Three Home workers accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: HOME_WORKER-1-DB team: GREEN 
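Review bot: The Project A entries at the end of the `UC7_IP_LIST` hunk are left as `# PROJ-A-PRV-PC-1 | ip_id: 17` and `# PROJ-A-PRV-PC-2 | ip_id: 18`, which matches neither the old nor the new hostname, while every other comment in the list is moved to the `ST_` form. For the naming to be consistent they should read `# ST_PROJ-A-PRV-PC-1 | ip_id: 17` and so on. The list continues past the end of the hunk, so the remaining Project A/B/C entries probably need the same edit. These comments are the only mapping from `ip_id` to host that a reader of ACL actions has, so a name that cannot be searched for in the node list is easy to misread.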
@@ -1177,8 +1177,8 @@ agents: # Remote Site Green Agent Pattern Of Life # ====================================== - # 1. Three Remote workers accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. Three Remote workers accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. Three Remote workers accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. Three Remote workers accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: REMOTE_WORKER-1-DB team: GREEN @@ -1272,10 +1272,10 @@ agents: # ST Project A Green Agent Pattern Of Life # ======================================== - # 1. A Senior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. A Senior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: PROJ_A-SENIOR-DEV-DB @@ -1284,7 +1284,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-A-PRV-PC-1"] + possible_start_nodes: ["ST_PROJ-A-PRV-PC-1"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1296,7 +1296,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-1 + node_hostname: ST_PROJ-A-PRV-PC-1 - ref: PROJ_A-SENIOR-DEV-WEB team: GREEN 
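Review bot: The context of the -1284 hunk shows `observation_space: {}` twice in a row on the `PROJ_A-SENIOR-DEV-DB` agent, i.e. a duplicate key in one mapping; the same pair appears in the hunks at -1327, -1370, -1424, -1562 and -1647. YAML loaders disagree on duplicates (some keep the last value, stricter ones reject the document), so the file only loads where the parser is lenient. Keep a single `observation_space: {}` per agent; whether the second line was meant to be a different key cannot be told from the hunk, and the agent definitions start outside it. This predates the commit, but the rename passes over every one of these blocks and is a convenient place to clean it up.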
@@ -1310,7 +1310,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_40 @@ -1319,7 +1319,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-1 + node_hostname: ST_PROJ-A-PRV-PC-1 - ref: PROJ_A-JUNIOR-DEV-1-DB team: GREEN @@ -1327,7 +1327,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-A-PRV-PC-2"] + possible_start_nodes: ["ST_PROJ-A-PRV-PC-2"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1339,7 +1339,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-2 + node_hostname: ST_PROJ-A-PRV-PC-2 - ref: PROJ_A-JUNIOR-DEV-1-WEB team: GREEN @@ -1353,7 +1353,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-A-PRV-PC-2 + node_name: ST_PROJ-A-PRV-PC-2 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 @@ -1362,7 +1362,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-2 + node_hostname: ST_PROJ-A-PRV-PC-2 - ref: PROJ_A-JUNIOR-DEV-2-DB team: GREEN @@ -1370,7 +1370,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-A-PRV-PC-3"] + possible_start_nodes: ["ST_PROJ-A-PRV-PC-3"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1382,7 +1382,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-3 + node_hostname: ST_PROJ-A-PRV-PC-3 - ref: PROJ_A-JUNIOR-DEV-2-WEB team: GREEN 
@@ -1396,7 +1396,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-A-PRV-PC-3 + node_name: ST_PROJ-A-PRV-PC-3 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 @@ -1405,7 +1405,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-3 + node_hostname: ST_PROJ-A-PRV-PC-3 #################################### # ST Project B Network POL Config # @@ -1413,10 +1413,10 @@ agents: # ST Project B Green Agent Pattern Of Life # ======================================== - # 1. A Senior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. A Senior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: PROJ_B-SENIOR-DEV-DB team: GREEN @@ -1424,7 +1424,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-B-PRV-PC-1"] + possible_start_nodes: ["ST_PROJ-B-PRV-PC-1"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1436,7 +1436,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-1 + node_hostname: ST_PROJ-B-PRV-PC-1 - ref: PROJ_B-SENIOR-DEV-WEB team: GREEN 
@@ -1450,7 +1450,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-B-PRV-PC-1 + node_name: ST_PROJ-B-PRV-PC-1 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_40 @@ -1459,14 +1459,14 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-1 + node_hostname: ST_PROJ-B-PRV-PC-1 - ref: PROJ_B-JUNIOR-DEV-1-DB team: GREEN type: periodic-agent observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-B-PRV-PC-2"] + possible_start_nodes: ["ST_PROJ-B-PRV-PC-2"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1478,7 +1478,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-2 + node_hostname: ST_PROJ-B-PRV-PC-2 - ref: PROJ_B-JUNIOR-DEV-1-WEB team: GREEN @@ -1492,7 +1492,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 @@ -1501,14 +1501,14 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-2 + node_hostname: ST_PROJ-B-PRV-PC-2 - ref: PROJ_B-JUNIOR-DEV-2-DB team: GREEN type: periodic-agent observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-B-PRV-PC-3"] + possible_start_nodes: ["ST_PROJ-B-PRV-PC-3"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1520,7 +1520,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-3 + node_hostname: ST_PROJ-B-PRV-PC-3 - ref: PROJ_B-JUNIOR-DEV-2-WEB team: GREEN @@ -1534,7 +1534,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-B-PRV-PC-3 + node_name: ST_PROJ-B-PRV-PC-3 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 
@@ -1543,7 +1543,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-3 + node_hostname: ST_PROJ-B-PRV-PC-3 #################################### # ST Project C Network POL Config # @@ -1551,10 +1551,10 @@ agents: # ST Project C Green Agent Pattern Of Life # ======================================== - # 1. A Senior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. A Senior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: PROJ_C-SENIOR-DEV-DB team: GREEN @@ -1562,7 +1562,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-C-PRV-PC-1"] + possible_start_nodes: ["ST_PROJ-C-PRV-PC-1"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1574,7 +1574,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-1 + node_hostname: ST_PROJ-C-PRV-PC-1 - ref: PROJ_C-SENIOR-DEV-WEB team: GREEN @@ -1588,7 +1588,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-C-PRV-PC-1 + node_name: ST_PROJ-C-PRV-PC-1 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_40 
@@ -1597,14 +1597,14 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-1 + node_hostname: ST_PROJ-C-PRV-PC-1 - ref: PROJ_C-JUNIOR-DEV-1-DB team: GREEN type: periodic-agent observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-C-PRV-PC-2"] + possible_start_nodes: ["ST_PROJ-C-PRV-PC-2"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1616,7 +1616,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-2 + node_hostname: ST_PROJ-C-PRV-PC-2 - ref: PROJ_C-JUNIOR-DEV-1-WEB team: GREEN @@ -1630,7 +1630,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-C-PRV-PC-2 + node_name: ST_PROJ-C-PRV-PC-2 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 @@ -1639,7 +1639,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-2 + node_hostname: ST_PROJ-C-PRV-PC-2 - ref: PROJ_C-JUNIOR-DEV-2-DB team: GREEN @@ -1647,7 +1647,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-C-PRV-PC-3"] + possible_start_nodes: ["ST_PROJ-C-PRV-PC-3"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1659,7 +1659,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-3 + node_hostname: ST_PROJ-C-PRV-PC-3 - ref: PROJ_C-JUNIOR-DEV-2-WEB team: GREEN @@ -1673,7 +1673,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 
@@ -1682,7 +1682,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-3 + node_hostname: ST_PROJ-C-PRV-PC-3 ###################################### # ST Head Office Network POL Config # @@ -1690,9 +1690,9 @@ agents: # ST Head Office Green Agent Pattern Of Life # ========================================== - # 1. The ST CEO accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 2. The ST CTO accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 3. The ST CFO accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. The ST CEO accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 2. The ST CTO accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 3. The ST CFO accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: CEO team: GREEN @@ -1708,14 +1708,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HO-PRV-PC-1 + node_name: ST_HO-PRV-PC-1 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *HIGH_WEIGHT_IMPACT options: - node_hostname: ST-HO-PRV-PC-1 + node_hostname: ST_HO-PRV-PC-1 - ref: CTO team: GREEN @@ -1731,14 +1731,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HO-PRV-PC-2 + node_name: ST_HO-PRV-PC-2 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HO-PRV-PC-2 + node_hostname: ST_HO-PRV-PC-2 - ref: CFO team: GREEN 
@@ -1754,14 +1754,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HO-PRV-PC-3 + node_name: ST_HO-PRV-PC-3 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HO-PRV-PC-3 + node_hostname: ST_HO-PRV-PC-3 ########################################## # ST Human Resources Network POL Config # @@ -1769,8 +1769,8 @@ agents: # ST Head Office Green Agent Pattern Of Life # ========================================== - # 1. A senior HR staff accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 2. Two junior HR staff accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. A senior HR staff accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 2. Two junior HR staff accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: SENIOR_HR team: GREEN @@ -1786,14 +1786,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HR-PRV-PC-1 + node_name: ST_HR-PRV-PC-1 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HR-PRV-PC-1 + node_hostname: ST_HR-PRV-PC-1 - ref: JUNIOR_HR-1 team: GREEN @@ -1809,14 +1809,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HR-PRV-PC-2 + node_name: ST_HR-PRV-PC-2 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HR-PRV-PC-2 + node_hostname: ST_HR-PRV-PC-2 - ref: JUNIOR_HR-2 team: GREEN 
@@ -1832,14 +1832,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HR-PRV-PC-3 + node_name: ST_HR-PRV-PC-3 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HR-PRV-PC-3 + node_hostname: ST_HR-PRV-PC-3 ########################## # UC7 Red Agent Config # @@ -1855,8 +1855,8 @@ agents: repeat_kill_chain: false repeat_kill_chain_stages: true default_target_ip: *ST_SRV_DB_IP - default_starting_node: "ST-PROJ-A-PRV-PC-1" - # starting_nodes: ["ST-PROJ-A-PRV-PC-1", "ST-PROJ-B-PRV-PC-2", "ST-PROJ-C-PRV-PC-3"] + default_starting_node: "ST_PROJ-A-PRV-PC-1" + # starting_nodes: ["ST_PROJ-A-PRV-PC-1", "ST_PROJ-B-PRV-PC-2", "ST_PROJ-C-PRV-PC-3"] starting_nodes: kill_chain: ACTIVATE: @@ -1904,8 +1904,8 @@ agents: label: NODES options: hosts: - # TAP001 Potential Starting Note | ST-PROJ-A-PRV-PC-1 - - hostname: ST-PROJ-A-PRV-PC-1 + # TAP001 Potential Starting Note | ST_PROJ-A-PRV-PC-1 + - hostname: ST_PROJ-A-PRV-PC-1 services: - service_name: ftp-client applications: @@ -1918,8 +1918,8 @@ agents: - folder_name: exfiltration_folder files: - file_name: database.db - # TAP001 Potential Starting Note | ST-PROJ-B-PRV-PC-2 - - hostname: ST-PROJ-B-PRV-PC-2 + # TAP001 Potential Starting Note | ST_PROJ-B-PRV-PC-2 + - hostname: ST_PROJ-B-PRV-PC-2 services: - service_name: ftp-client applications: @@ -1932,8 +1932,8 @@ agents: - folder_name: exfiltration_folder files: - file_name: database.db - # TAP001 Potential Starting Note | ST-PROJ-C-PRV-PC-3 - - hostname: ST-PROJ-C-PRV-PC-3 + # TAP001 Potential Starting Note | ST_PROJ-C-PRV-PC-3 + - hostname: ST_PROJ-C-PRV-PC-3 services: - service_name: ftp-client applications: 
@@ -1947,14 +1947,14 @@ agents: files: - file_name: database.db # ST DATA Server Database - - hostname: ST-DATA-PRV-SRV-DB + - hostname: ST_DATA-PRV-SRV-DB folders: - folder_name: database files: - file_name: database.db routers: - - hostname: ST-INTRA-PRV-RT-CR # TAP003 Malicious ACL Target | ROUTER0 - - hostname: ST-INTRA-PRV-RT-DR-1 # TAP003 Malicious ACL Target | ROUTER1 + - hostname: ST_INTRA-PRV-RT-CR # TAP003 Malicious ACL Target | ROUTER0 + - hostname: ST_INTRA-PRV-RT-DR-1 # TAP003 Malicious ACL Target | ROUTER1 - hostname: REM-PUB-RT-DR # TAP003 Malicious ACL Target | ROUTER2 num_ports: 5 num_services: 2 
@@ -2017,41 +2017,41 @@ agents: - REM-PUB-SW-AS:eth-3<->REM-PUB-PC-2:eth-1 # 11 - REM-PUB-SW-AS:eth-4<->REM-PUB-SRV:eth-1 # 12 # SOME_TECH DMZ - - ISP-PUB-RT-BR:eth-4<->ST-PUB-FW:eth-1 # 13 - - ST-PUB-FW:eth-3<->ST-DMZ-PUB-SRV-WEB:eth-1 # 14 + - ISP-PUB-RT-BR:eth-4<->ST_PUB-FW:eth-1 # 13 + - ST_PUB-FW:eth-3<->ST_DMZ-PUB-SRV-WEB:eth-1 # 14 # SOME_TECH Intranet - - ST-INTRA-PRV-RT-CR:eth-1<->ST-PUB-FW:eth-2 # 15 - - ST-INTRA-PRV-RT-CR:eth-2<->ST-INTRA-PRV-RT-DR-1:eth-1 # 16 - - ST-INTRA-PRV-RT-CR:eth-3<->ST-INTRA-PRV-RT-DR-2:eth-1 # 17 - - ST-INTRA-PRV-RT-CR:eth-4<->ST-DATA-PRV-SW-AS:eth-1 # 18 + - ST_INTRA-PRV-RT-CR:eth-1<->ST_PUB-FW:eth-2 # 15 + - ST_INTRA-PRV-RT-CR:eth-2<->ST_INTRA-PRV-RT-DR-1:eth-1 # 16 + - ST_INTRA-PRV-RT-CR:eth-3<->ST_INTRA-PRV-RT-DR-2:eth-1 # 17 + - ST_INTRA-PRV-RT-CR:eth-4<->ST_DATA-PRV-SW-AS:eth-1 # 18 # SOME_TECH Head Office - - ST-HO-PRV-SW-AS:eth-1<->ST-INTRA-PRV-RT-DR-2:eth-2 # 19 - - ST-HO-PRV-SW-AS:eth-2<->ST-HO-PRV-PC-1:eth-1 # 20 - - ST-HO-PRV-SW-AS:eth-3<->ST-HO-PRV-PC-2:eth-1 # 21 - - ST-HO-PRV-SW-AS:eth-4<->ST-HO-PRV-PC-3:eth-1 # 22 + - ST_HO-PRV-SW-AS:eth-1<->ST_INTRA-PRV-RT-DR-2:eth-2 # 19 + - ST_HO-PRV-SW-AS:eth-2<->ST_HO-PRV-PC-1:eth-1 # 20 + - ST_HO-PRV-SW-AS:eth-3<->ST_HO-PRV-PC-2:eth-1 # 21 + - ST_HO-PRV-SW-AS:eth-4<->ST_HO-PRV-PC-3:eth-1 # 22 # SOME_TECH Human Resources - - ST-HR-PRV-SW-AS:eth-1<->ST-INTRA-PRV-RT-DR-2:eth-3 # 23 - - ST-HR-PRV-SW-AS:eth-2<->ST-HR-PRV-PC-1:eth-1 # 24 - - ST-HR-PRV-SW-AS:eth-3<->ST-HR-PRV-PC-2:eth-1 # 25 - - ST-HR-PRV-SW-AS:eth-4<->ST-HR-PRV-PC-3:eth-1 # 26 + - ST_HR-PRV-SW-AS:eth-1<->ST_INTRA-PRV-RT-DR-2:eth-3 # 23 + - ST_HR-PRV-SW-AS:eth-2<->ST_HR-PRV-PC-1:eth-1 # 24 + - ST_HR-PRV-SW-AS:eth-3<->ST_HR-PRV-PC-2:eth-1 # 25 + - ST_HR-PRV-SW-AS:eth-4<->ST_HR-PRV-PC-3:eth-1 # 26 # SOME_TECH Data Links - - ST-DATA-PRV-SW-AS:eth-2<->ST-DATA-PRV-SRV-STORAGE:eth-1 # 27 - - ST-DATA-PRV-SW-AS:eth-3<->ST-DATA-PRV-SRV-DB:eth-1 # 28 + - ST_DATA-PRV-SW-AS:eth-2<->ST_DATA-PRV-SRV-STORAGE:eth-1 # 27 + - 
ST_DATA-PRV-SW-AS:eth-3<->ST_DATA-PRV-SRV-DB:eth-1 # 28 # SOME_TECH Project A Links - - ST-INTRA-PRV-RT-DR-1:eth-2<->ST-PROJ-A-PRV-SW-AS:eth-1 # 29 - - ST-PROJ-A-PRV-SW-AS:eth2<->ST-PROJ-A-PRV-PC-1:eth-1 # 31 - - ST-PROJ-A-PRV-SW-AS:eth3<->ST-PROJ-A-PRV-PC-2:eth-1 # 32 - - ST-PROJ-A-PRV-SW-AS:eth4<->ST-PROJ-A-PRV-PC-3:eth-1 # 33 + - ST_INTRA-PRV-RT-DR-1:eth-2<->ST_PROJ-A-PRV-SW-AS:eth-1 # 29 + - ST_PROJ-A-PRV-SW-AS:eth2<->ST_PROJ-A-PRV-PC-1:eth-1 # 31 + - ST_PROJ-A-PRV-SW-AS:eth3<->ST_PROJ-A-PRV-PC-2:eth-1 # 32 + - ST_PROJ-A-PRV-SW-AS:eth4<->ST_PROJ-A-PRV-PC-3:eth-1 # 33 # SOME_TECH Project B Links - - ST-INTRA-PRV-RT-DR-1:eth-3<->ST-PROJ-B-PRV-SW-AS:eth-1 # 34 - - ST-PROJ-B-PRV-SW-AS:eth2<->ST-PROJ-B-PRV-PC-1:eth-1 # 35 - - ST-PROJ-B-PRV-SW-AS:eth3<->ST-PROJ-B-PRV-PC-2:eth-1 # 36 - - ST-PROJ-B-PRV-SW-AS:eth4<->ST-PROJ-B-PRV-PC-3:eth-1 # 37 + - ST_INTRA-PRV-RT-DR-1:eth-3<->ST_PROJ-B-PRV-SW-AS:eth-1 # 34 + - ST_PROJ-B-PRV-SW-AS:eth2<->ST_PROJ-B-PRV-PC-1:eth-1 # 35 + - ST_PROJ-B-PRV-SW-AS:eth3<->ST_PROJ-B-PRV-PC-2:eth-1 # 36 + - ST_PROJ-B-PRV-SW-AS:eth4<->ST_PROJ-B-PRV-PC-3:eth-1 # 37 # SOME_TECH Project C Links - - ST-INTRA-PRV-RT-DR-1:eth-4<->ST-PROJ-C-PRV-SW-AS:eth-1 # 38 - - ST-PROJ-A-PRV-SW-AS:eth2<->ST-PROJ-C-PRV-PC-1:eth-1 # 39 - - ST-PROJ-A-PRV-SW-AS:eth3<->ST-PROJ-C-PRV-PC-2:eth-1 # 40 - - ST-PROJ-A-PRV-SW-AS:eth4<->ST-PROJ-C-PRV-PC-3:eth-1 # 41 + - ST_INTRA-PRV-RT-DR-1:eth-4<->ST_PROJ-C-PRV-SW-AS:eth-1 # 38 + - ST_PROJ-A-PRV-SW-AS:eth2<->ST_PROJ-C-PRV-PC-1:eth-1 # 39 + - ST_PROJ-A-PRV-SW-AS:eth3<->ST_PROJ-C-PRV-PC-2:eth-1 # 40 + - ST_PROJ-A-PRV-SW-AS:eth4<->ST_PROJ-C-PRV-PC-3:eth-1 # 41 action_space: action_map: 0: 
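Review bot: The three entries under "SOME_TECH Project C Links" (# 39 to # 41) still attach the Project C PCs to `ST_PROJ-A-PRV-SW-AS`, so the Project A switch ports appear twice and `ST_PROJ-C-PRV-SW-AS` has no host links in this list. The rename carries the copy-paste over unchanged. If these strings are matched against real link names, the defender's observations for Project C would point at links that do not exist, or at Project A's. The entries should probably read `- ST_PROJ-C-PRV-SW-AS:eth-2<->ST_PROJ-C-PRV-PC-1:eth-1 # 39`, and likewise for 40 and 41. The Project A and B entries also write `eth2`/`eth3`/`eth4` where every other link uses `eth-N`, and the numbering comments skip 30.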
@@ -2059,402 +2059,402 @@ agents: options: {} # |======================================| - # | ST-PROJ-A-PRV-PC-1 | + # | ST_PROJ-A-PRV-PC-1 | # |======================================| - # ST-PROJ-A-PRV-PC-1 | node-os-scan + # ST_PROJ-A-PRV-PC-1 | node-os-scan 1: action: node-os-scan options: - node_name: ST-PROJ-A-PRV-PC-1 - # ST-PROJ-A-PRV-PC-1 | node-shutdown + node_name: ST_PROJ-A-PRV-PC-1 + # ST_PROJ-A-PRV-PC-1 | node-shutdown 2: action: node-shutdown options: - node_name: ST-PROJ-A-PRV-PC-1 - # ST-PROJ-A-PRV-PC-1 | node-startup + node_name: ST_PROJ-A-PRV-PC-1 + # ST_PROJ-A-PRV-PC-1 | node-startup 3: action: node-startup options: - node_name: ST-PROJ-A-PRV-PC-1 - # ST-PROJ-A-PRV-PC-1 | node-reset + node_name: ST_PROJ-A-PRV-PC-1 + # ST_PROJ-A-PRV-PC-1 | node-reset 4: action: node-reset options: - node_name: ST-PROJ-A-PRV-PC-1 - # ST-PROJ-A-PRV-PC-1 | host-nic-disable + node_name: ST_PROJ-A-PRV-PC-1 + # ST_PROJ-A-PRV-PC-1 | host-nic-disable 5: action: host-nic-disable options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 nic_num: 0 - # ST-PROJ-A-PRV-PC-1 | host-nic-enable + # ST_PROJ-A-PRV-PC-1 | host-nic-enable 6: action: host-nic-enable options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 nic_num: 0 - # ST-PROJ-A-PRV-PC-1 | node-application-close | database-client + # ST_PROJ-A-PRV-PC-1 | node-application-close | database-client 7: action: node-application-close options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: database-client - # ST-PROJ-A-PRV-PC-1 | node-application-scan | database-client + # ST_PROJ-A-PRV-PC-1 | node-application-scan | database-client 8: action: node-application-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: database-client - # ST-PROJ-A-PRV-PC-1 | node-application-fix | database-client + # ST_PROJ-A-PRV-PC-1 | node-application-fix | database-client 9: action: node-application-fix options: - node_name: 
ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: database-client - # ST-PROJ-A-PRV-PC-1 | node-application-remove | database-client + # ST_PROJ-A-PRV-PC-1 | node-application-remove | database-client 10: action: node-application-remove options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: database-client - # ST-PROJ-A-PRV-PC-1 | node-file-scan | downloads/malware_dropper.ps1 + # ST_PROJ-A-PRV-PC-1 | node-file-scan | downloads/malware_dropper.ps1 11: action: node-file-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 folder_name: downloads file_name: malware_dropper.ps1 - # ST-PROJ-A-PRV-PC-1 | node-file-scan | exfiltration_folder/database.db + # ST_PROJ-A-PRV-PC-1 | node-file-scan | exfiltration_folder/database.db 12: action: node-file-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 folder_name: exfiltration_folder file_name: database.db - # ST-PROJ-A-PRV-PC-1 | node-folder-scan | downloads/ + # ST_PROJ-A-PRV-PC-1 | node-folder-scan | downloads/ 13: action: node-folder-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 folder_name: downloads - # ST-PROJ-A-PRV-PC-1 | node-folder-scan | exfiltration_folder/ + # ST_PROJ-A-PRV-PC-1 | node-folder-scan | exfiltration_folder/ 14: action: node-folder-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 folder_name: exfiltration_folder # |======================================| - # | ST-PROJ-B-PRV-PC-2 | + # | ST_PROJ-B-PRV-PC-2 | # |======================================| - # ST-PROJ-B-PRV-PC-2 | node-os-scan + # ST_PROJ-B-PRV-PC-2 | node-os-scan 15: action: node-os-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 - # ST-PROJ-B-PRV-PC-2 | node-shutdown + # ST_PROJ-B-PRV-PC-2 | node-shutdown 16: action: node-shutdown options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 - # ST-PROJ-B-PRV-PC-2 | node-startup + # 
ST_PROJ-B-PRV-PC-2 | node-startup 17: action: node-startup options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 - # ST-PROJ-B-PRV-PC-2 | node-reset + # ST_PROJ-B-PRV-PC-2 | node-reset 18: action: node-reset options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 - # ST-PROJ-B-PRV-PC-2 | host-nic-disable + # ST_PROJ-B-PRV-PC-2 | host-nic-disable 19: action: host-nic-disable options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 nic_num: 0 - # ST-PROJ-B-PRV-PC-2 | host-nic-enable + # ST_PROJ-B-PRV-PC-2 | host-nic-enable 20: action: host-nic-enable options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 nic_num: 0 - # ST-PROJ-B-PRV-PC-2 | node-application-close | database-client + # ST_PROJ-B-PRV-PC-2 | node-application-close | database-client 21: action: node-application-close options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: database-client - # ST-PROJ-B-PRV-PC-2 | node-application-scan | database-client + # ST_PROJ-B-PRV-PC-2 | node-application-scan | database-client 22: action: node-application-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: database-client - # ST-PROJ-B-PRV-PC-2 | node-application-fix | database-client + # ST_PROJ-B-PRV-PC-2 | node-application-fix | database-client 23: action: node-application-fix options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: database-client - # ST-PROJ-B-PRV-PC-2 | node-application-remove | database-client + # ST_PROJ-B-PRV-PC-2 | node-application-remove | database-client 24: action: node-application-remove options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: database-client - # ST-PROJ-B-PRV-PC-2 | node-file-scan | downloads/malware_dropper.ps1 + # ST_PROJ-B-PRV-PC-2 | node-file-scan | downloads/malware_dropper.ps1 25: action: node-file-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + 
node_name: ST_PROJ-B-PRV-PC-2 folder_name: downloads file_name: malware_dropper.ps1 - # ST-PROJ-B-PRV-PC-2 | node-file-scan | exfiltration_folder/database.db + # ST_PROJ-B-PRV-PC-2 | node-file-scan | exfiltration_folder/database.db 26: action: node-file-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 folder_name: exfiltration_folder file_name: database.db - # ST-PROJ-B-PRV-PC-2 | node-folder-scan | downloads/ + # ST_PROJ-B-PRV-PC-2 | node-folder-scan | downloads/ 27: action: node-folder-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 folder_name: downloads - # ST-PROJ-B-PRV-PC-2 | node-folder-scan | exfiltration_folder/ + # ST_PROJ-B-PRV-PC-2 | node-folder-scan | exfiltration_folder/ 28: action: node-folder-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 folder_name: exfiltration_folder # |======================================| - # | ST-PROJ-C-PRV-PC-3 | + # | ST_PROJ-C-PRV-PC-3 | # |======================================| - # ST-PROJ-C-PRV-PC-3 | node-os-scan + # ST_PROJ-C-PRV-PC-3 | node-os-scan 29: action: node-os-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 - # ST-PROJ-C-PRV-PC-3 | node-shutdown + # ST_PROJ-C-PRV-PC-3 | node-shutdown 30: action: node-shutdown options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 - # ST-PROJ-C-PRV-PC-3 | node-startup + # ST_PROJ-C-PRV-PC-3 | node-startup 31: action: node-startup options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 - # ST-PROJ-C-PRV-PC-3 | node-reset + # ST_PROJ-C-PRV-PC-3 | node-reset 32: action: node-reset options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 - # ST-PROJ-C-PRV-PC-3 | host-nic-disable + # ST_PROJ-C-PRV-PC-3 | host-nic-disable 33: action: host-nic-disable options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 nic_num: 0 - # ST-PROJ-C-PRV-PC-3 | host-nic-enable + # ST_PROJ-C-PRV-PC-3 | host-nic-enable 
34: action: host-nic-enable options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 nic_num: 0 - # ST-PROJ-C-PRV-PC-3 | node-application-close | database-client + # ST_PROJ-C-PRV-PC-3 | node-application-close | database-client 35: action: node-application-close options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: database-client - # ST-PROJ-C-PRV-PC-3 | node-application-scan | database-client + # ST_PROJ-C-PRV-PC-3 | node-application-scan | database-client 36: action: node-application-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: database-client - # ST-PROJ-C-PRV-PC-3 | node-application-fix | database-client + # ST_PROJ-C-PRV-PC-3 | node-application-fix | database-client 37: action: node-application-fix options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: database-client - # ST-PROJ-C-PRV-PC-3 | node-application-remove | database-client + # ST_PROJ-C-PRV-PC-3 | node-application-remove | database-client 38: action: node-application-remove options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: database-client - # ST-PROJ-C-PRV-PC-3 | node-file-scan | downloads/malware_dropper.ps1 + # ST_PROJ-C-PRV-PC-3 | node-file-scan | downloads/malware_dropper.ps1 39: action: node-file-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 folder_name: downloads file_name: malware_dropper.ps1 - # ST-PROJ-C-PRV-PC-3 | node-file-scan | exfiltration_folder/database.db + # ST_PROJ-C-PRV-PC-3 | node-file-scan | exfiltration_folder/database.db 40: action: node-file-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 folder_name: exfiltration_folder file_name: database.db - # ST-PROJ-C-PRV-PC-3 | node-folder-scan | downloads/ + # ST_PROJ-C-PRV-PC-3 | node-folder-scan | downloads/ 41: action: node-folder-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: 
ST_PROJ-C-PRV-PC-3 folder_name: downloads - # ST-PROJ-C-PRV-PC-3 | node-folder-scan | exfiltration_folder/ + # ST_PROJ-C-PRV-PC-3 | node-folder-scan | exfiltration_folder/ 42: action: node-folder-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 folder_name: exfiltration_folder # |======================================| - # | ST-INTRA-PRV-RT-CR | + # | ST_INTRA-PRV-RT-CR | # |======================================| - # ST-INTRA-PRV-RT-CR | router-acl-add-rule | P2: ST-PROJ-A-PRV-PC-1 !==> ST-DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) + # ST_INTRA-PRV-RT-CR | router-acl-add-rule | P2: ST_PROJ-A-PRV-PC-1 !==> ST_DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) 43: action: router-acl-add-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 1 permission: DENY - src_ip: 192.168.230.2 # (ST-PROJ-A-PRV-PC-1) + src_ip: 192.168.230.2 # (ST_PROJ-A-PRV-PC-1) src_wildcard: 0.0.255.255 src_port: POSTGRES_SERVER - dst_ip: 192.168.220.3 # (ST-DATA-PRV-SRV-DB) + dst_ip: 192.168.220.3 # (ST_DATA-PRV-SRV-DB) dst_wildcard: 0.0.255.255 dst_port: POSTGRES_SERVER protocol_name: TCP - # ST-INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 1 + # ST_INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 1 44: action: router-acl-remove-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 1 - # ST-INTRA-PRV-RT-CR | router-acl-add-rule | P3: ST-PROJ-B-PRV-PC-2 !==> ST-DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) + # ST_INTRA-PRV-RT-CR | router-acl-add-rule | P3: ST_PROJ-B-PRV-PC-2 !==> ST_DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) 45: action: router-acl-add-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 2 permission: DENY - src_ip: 192.168.240.3 # (ST-PROJ-B-PRV-PC-2) + src_ip: 192.168.240.3 # (ST_PROJ-B-PRV-PC-2) src_wildcard: 0.0.255.255 src_port: POSTGRES_SERVER - dst_ip: 192.168.220.3 # (ST-DATA-PRV-SRV-DB) + dst_ip: 
192.168.220.3 # (ST_DATA-PRV-SRV-DB) dst_wildcard: 0.0.255.255 dst_port: POSTGRES_SERVER protocol_name: TCP - # ST-INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 2 + # ST_INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 2 46: action: router-acl-remove-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 2 - # ST-INTRA-PRV-RT-CR | router-acl-add-rule | P4: ST-PROJ-C-PRV-PC-3 !==> ST-DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) + # ST_INTRA-PRV-RT-CR | router-acl-add-rule | P4: ST_PROJ-C-PRV-PC-3 !==> ST_DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) 47: action: router-acl-add-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 3 permission: DENY - src_ip: 192.168.250.4 # (ST-PROJ-C-PRV-PC-3) + src_ip: 192.168.250.4 # (ST_PROJ-C-PRV-PC-3) src_wildcard: 0.0.255.255 src_port: POSTGRES_SERVER - dst_ip: 192.168.220.3 # (ST-DATA-PRV-SRV-DB) + dst_ip: 192.168.220.3 # (ST_DATA-PRV-SRV-DB) dst_wildcard: 0.0.255.255 dst_port: POSTGRES_SERVER protocol_name: TCP - # ST-INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 3 + # ST_INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 3 48: action: router-acl-remove-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 3 # |======================================| - # | ST-DATA-PRV-SRV-DB | + # | ST_DATA-PRV-SRV-DB | # |======================================| - # ST-DATA-PRV-SRV-DB | node-file-scan | Scans the database.db file (health status) + # ST_DATA-PRV-SRV-DB | node-file-scan | Scans the database.db file (health status) 49: action: node-file-scan options: - node_name: ST-DATA-PRV-SRV-DB + node_name: ST_DATA-PRV-SRV-DB folder_name: database file_name: database.db - # ST-DATA-PRV-SRV-DB | node-account-change-password | Changes the password of a user account + # ST_DATA-PRV-SRV-DB | node-account-change-password | Changes the password of 
a user account 50: action: node-account-change-password options: - node_name: ST-DATA-PRV-SRV-DB + node_name: ST_DATA-PRV-SRV-DB username: admin # default account current_password: admin # default password new_password: thr33_alert_wolv3z # A more 'secure' password # |======================================| - # | ST-INTRA-PRV-RT-DR-1 | + # | ST_INTRA-PRV-RT-DR-1 | # |======================================| - # ST-INTRA-PRV-RT-DR-1 | router-acl-add-rule | P1: ST-INTRA-PRV-RT-DR-1 !==> ANY (TCP:SSH) + # ST_INTRA-PRV-RT-DR-1 | router-acl-add-rule | P1: ST_INTRA-PRV-RT-DR-1 !==> ANY (TCP:SSH) 51: action: router-acl-add-rule options: - target_router: ST-INTRA-PRV-RT-DR-1 + target_router: ST_INTRA-PRV-RT-DR-1 position: 1 permission: DENY - src_ip: 192.168.230.2 # (ST-PROJ-A-PRV-PC-1) + src_ip: 192.168.230.2 # (ST_PROJ-A-PRV-PC-1) src_wildcard: 0.0.255.255 src_port: SSH dst_ip: ALL @@ -2462,20 +2462,20 @@ agents: dst_port: SSH protocol_name: TCP - # ST-INTRA-PRV-RT-DR-1 | node-account-change-password + # ST_INTRA-PRV-RT-DR-1 | node-account-change-password 52: action: node-account-change-password options: - node_name: ST-INTRA-PRV-RT-DR-1 + node_name: ST_INTRA-PRV-RT-DR-1 username: admin current_password: admin new_password: secure_password - # ST-INTRA-PRV-RT-DR-1 | router-acl-remove-rule | Removes the given ACL at position 1 + # ST_INTRA-PRV-RT-DR-1 | router-acl-remove-rule | Removes the given ACL at position 1 53: action: router-acl-remove-rule options: - target_router: ST-INTRA-PRV-RT-DR-1 + target_router: ST_INTRA-PRV-RT-DR-1 position: 1 # |======================================| @@ -2503,7 +2503,7 @@ agents: - type: database-file-integrity weight: *HIGH_WEIGHT_IMPACT options: - node_hostname: ST-DATA-PRV-SRV-DB + node_hostname: ST_DATA-PRV-SRV-DB folder_name: database file_name: database.db 
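Review bot: The DENY rules in actions 43, 45, 47 and 51 pair a single-host `src_ip` (and in 43 to 47 a single-host `dst_ip`) with a wildcard of `0.0.255.255`. If the simulator treats wildcards as inverse masks, each rule matches all of 192.168.0.0/16 rather than the one PC named in its comment. A containment action meant to isolate one compromised host would then also cut green-agent traffic from every other subnet to the database, which distorts both the reward signal and what the defender learns. An exact-match wildcard, e.g. `src_wildcard: 0.0.0.0` and `dst_wildcard: 0.0.0.0` or whatever value the action schema uses for a host match, would make the rules do what the comments say. The comment on action 51 also names `ST_INTRA-PRV-RT-DR-1` as the source while `src_ip` is the address of `ST_PROJ-A-PRV-PC-1`.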
@@ -2724,7 +2724,7 @@ agents: # # UC7 Network Wide System Pattern Of Life # # ========================================== # # 1. All NTP Clients perform periodic NTP Server transactions. - # # 2. Periodic Database (ST-DATA-PRV-SRV-DB) FTP backups (ST-DATA-PRV-SRV-STORAGE) + # # 2. Periodic Database (ST_DATA-PRV-SRV-DB) FTP backups (ST_DATA-PRV-SRV-STORAGE) # # 3. All DNS Clients perform periodic DNS Server transactions. # # TODO: NTPClient Node Service Start doesn't start a 'Request' @@ -2779,50 +2779,50 @@ agents: # 7: # action: NODE_SERVICE_START # options: - # node_id: 6 # ST-DMZ-PUB-SRV-WEB + # node_id: 6 # ST_DMZ-PUB-SRV-WEB # service_id: 0 # # ====== ST Head Office ======= # 8: # action: NODE_SERVICE_START # options: - # node_id: 7 # ST-HO-PRV-PC-1 + # node_id: 7 # ST_HO-PRV-PC-1 # service_id: 0 # 9: # action: NODE_SERVICE_START # options: - # node_id: 8 # ST-HO-PRV-PC-2 + # node_id: 8 # ST_HO-PRV-PC-2 # service_id: 0 # 10: # action: NODE_SERVICE_START # options: - # node_id: 9 # ST-HO-PRV-PC-3 + # node_id: 9 # ST_HO-PRV-PC-3 # service_id: 0 # # ====== ST Human Resources ======= # 11: # action: NODE_SERVICE_START # options: - # node_id: 10 # ST-HR-PRV-PC-1 + # node_id: 10 # ST_HR-PRV-PC-1 # service_id: 0 # 12: # action: NODE_SERVICE_START # options: - # node_id: 11 # ST-HR-PRV-PC-2 + # node_id: 11 # ST_HR-PRV-PC-2 # service_id: 0 # 13: # action: NODE_SERVICE_START # options: - # node_id: 12 # ST-HR-PRV-PC-3 + # node_id: 12 # ST_HR-PRV-PC-3 # service_id: 0 # # ====== ST DATA Servers ======= # 14: # action: NODE_SERVICE_START # options: - # node_id: 13 # ST-DATA-PRV-SRV-STORAGE + # node_id: 13 # ST_DATA-PRV-SRV-STORAGE # service_id: 0 # 15: # action: NODE_SERVICE_START # options: - # node_id: 14 # ST-DATA-PRV-SRV-DB + # node_id: 14 # ST_DATA-PRV-SRV-DB # service_id: 0 # # ====== ST Project A ======= # 16: 
@@ -2895,34 +2895,34 @@ agents: # services: # - service_name: NTPClient # # ====== ST Public DMZ ======= - # - node_name: ST-DMZ-PUB-SRV-WEB + # - node_name: ST_DMZ-PUB-SRV-WEB # services: # - service_name: NTPClient # # ====== ST Head Office ======= - # - node_name: ST-HO-PRV-PC-1 + # - node_name: ST_HO-PRV-PC-1 # services: # - service_name: NTPClient - # - node_name: ST-HO-PRV-PC-2 + # - node_name: ST_HO-PRV-PC-2 # services: # - service_name: NTPClient - # - node_name: ST-HO-PRV-PC-3 + # - node_name: ST_HO-PRV-PC-3 # services: # - service_name: NTPClient # # ===== ST Human Resources ====== - # - node_name: ST-HR-PRV-PC-1 + # - node_name: ST_HR-PRV-PC-1 # services: # - service_name: NTPClient - # - node_name: ST-HR-PRV-PC-2 + # - node_name: ST_HR-PRV-PC-2 # services: # - service_name: NTPClient - # - node_name: ST-HR-PRV-PC-3 + # - node_name: ST_HR-PRV-PC-3 # services: # - service_name: NTPClient # # ====== ST DATA Servers ======= - # - node_name: ST-DATA-PRV-SRV-STORAGE + # - node_name: ST_DATA-PRV-SRV-STORAGE # services: # - service_name: NTPClient - # - node_name: ST-DATA-PRV-SRV-DB + # - node_name: ST_DATA-PRV-SRV-DB # services: # - service_name: NTPClient # # ====== ST Project A ======= @@ -2971,7 +2971,7 @@ agents: # reward_components: # - type: DUMMY - # # 2. Periodic Database (ST-DATA-PRV-SRV-DB) FTP backups (ST-DATA-PRV-SRV-STORAGE) + # # 2. Periodic Database (ST_DATA-PRV-SRV-DB) FTP backups (ST_DATA-PRV-SRV-STORAGE) # - ref: SYSTEM-FTP # team: GREEN @@ -2992,7 +2992,7 @@ agents: # service_id: 0 # options: # nodes: - # - node_name: ST-DATA-PRV-SRV-DB + # - node_name: ST_DATA-PRV-SRV-DB # applications: # - application_name: database-client # ip_list: 
@@ -3062,50 +3062,50 @@ agents: # 7: # action: NODE_SERVICE_START # options: - # node_id: 6 # ST-DMZ-PUB-SRV-WEB + # node_id: 6 # ST_DMZ-PUB-SRV-WEB # service_id: 0 # # ====== ST Head Office ======= # 8: # action: NODE_SERVICE_START # options: - # node_id: 7 # ST-HO-PRV-PC-1 + # node_id: 7 # ST_HO-PRV-PC-1 # service_id: 0 # 9: # action: NODE_SERVICE_START # options: - # node_id: 8 # ST-HO-PRV-PC-2 + # node_id: 8 # ST_HO-PRV-PC-2 # service_id: 0 # 10: # action: NODE_SERVICE_START # options: - # node_id: 9 # ST-HO-PRV-PC-3 + # node_id: 9 # ST_HO-PRV-PC-3 # service_id: 0 # # ====== ST Human Resources ======= # 11: # action: NODE_SERVICE_START # options: - # node_id: 10 # ST-HR-PRV-PC-1 + # node_id: 10 # ST_HR-PRV-PC-1 # service_id: 0 # 12: # action: NODE_SERVICE_START # options: - # node_id: 11 # ST-HR-PRV-PC-2 + # node_id: 11 # ST_HR-PRV-PC-2 # service_id: 0 # 13: # action: NODE_SERVICE_START # options: - # node_id: 12 # ST-HR-PRV-PC-3 + # node_id: 12 # ST_HR-PRV-PC-3 # service_id: 0 # # ====== ST DATA Servers ======= # 14: # action: NODE_SERVICE_START # options: - # node_id: 13 # ST-DATA-PRV-SRV-STORAGE + # node_id: 13 # ST_DATA-PRV-SRV-STORAGE # service_id: 0 # 15: # action: NODE_SERVICE_START # options: - # node_id: 14 # ST-DATA-PRV-SRV-DB + # node_id: 14 # ST_DATA-PRV-SRV-DB # service_id: 0 # # ====== ST Project A ======= # 16: 
@@ -3178,34 +3178,34 @@ agents: # services: # - service_name: dns-client # # ====== ST Public DMZ ======= - # - node_name: ST-DMZ-PUB-SRV-WEB + # - node_name: ST_DMZ-PUB-SRV-WEB # services: # - service_name: dns-client # # ====== ST Head Office ======= - # - node_name: ST-HO-PRV-PC-1 + # - node_name: ST_HO-PRV-PC-1 # services: # - service_name: dns-client - # - node_name: ST-HO-PRV-PC-2 + # - node_name: ST_HO-PRV-PC-2 # services: # - service_name: dns-client - # - node_name: ST-HO-PRV-PC-3 + # - node_name: ST_HO-PRV-PC-3 # services: # - service_name: dns-client # # ===== ST Human Resources ====== - # - node_name: ST-HR-PRV-PC-1 + # - node_name: ST_HR-PRV-PC-1 # services: # - service_name: dns-client - # - node_name: ST-HR-PRV-PC-2 + # - node_name: ST_HR-PRV-PC-2 # services: # - service_name: dns-client - # - node_name: ST-HR-PRV-PC-3 + # - node_name: ST_HR-PRV-PC-3 # services: # - service_name: dns-client # # ====== ST DATA Servers ======= - # - node_name: ST-DATA-PRV-SRV-STORAGE + # - node_name: ST_DATA-PRV-SRV-STORAGE # services: # - service_name: dns-client - # - node_name: ST-DATA-PRV-SRV-DB + # - node_name: ST_DATA-PRV-SRV-DB # services: # - service_name: dns-client # # ====== ST Project A ======= diff --git a/src/primaite/config/_package_data/uc7_config_tap003.yaml b/src/primaite/config/_package_data/uc7_config_tap003.yaml index f2d86236..dc5c62a9 100644 --- a/src/primaite/config/_package_data/uc7_config_tap003.yaml +++ b/src/primaite/config/_package_data/uc7_config_tap003.yaml @@ -73,7 +73,7 @@ SOME_TECH_PROJECT_C_SUBNET: &ST_PROJ_C_SUBNET 255.255.255.248 # # Host & Server Configurations # -# ST Public Web Server | web-server | ST-DMZ-PUB-SRV-WEB +# ST Public Web Server | web-server | ST_DMZ-PUB-SRV-WEB SOME_TECH_PUBLIC_SERVER_WEB_IP_ADDRESS: &ST_PUB_SRV_WEB_IP 192.168.100.2 SOME_TECH_PUBLIC_SERVER_WEB_CONFIG: &ST_SRV_WEB_CONFIG # - type: web-server 
@@ -86,12 +86,12 @@ PUBLIC_DNS_CONFIG: &PUBLIC_DNS_CONFIG # domain_mapping: some_tech.com: *ST_PUB_SRV_WEB_IP -# ST Private Storage Server | ftp-server | ST-DATA-PRV-SRV-STORAGE +# ST Private Storage Server | ftp-server | ST_DATA-PRV-SRV-STORAGE SOME_TECH_PRIVATE_SERVER_STORAGE_IP: &ST_SRV_STORAGE_IP 192.168.220.2 SOME_TECH_PRIVATE_SERVER_STORAGE_CONFIG: &ST_SRV_STORAGE_CONFIG - type: ftp-server -# ST Private Database Server | database-client & ftp-client | ST-DATA-PRV-SRV-DB +# ST Private Database Server | database-client & ftp-client | ST_DATA-PRV-SRV-DB SOME_TECH_PRIVATE_SERVER_DATABASE_IP: &ST_SRV_DB_IP 192.168.220.3 SOME_TECH_PRIVATE_SERVER_DATABASE_CONFIG: &ST_SRV_DB_CONFIG - type: database-service @@ -319,7 +319,7 @@ simulation: # SOME_TECH DMZ SUBNET # ######################## - - hostname: ST-PUB-FW + - hostname: ST_PUB-FW type: firewall ports: external_port: # Public Internet Facing Port @@ -410,7 +410,7 @@ simulation: #next_hop_ip_address: 10.1.100.1 next_hop_ip_address: 192.168.150.2 - - hostname: ST-DMZ-PUB-SRV-WEB + - hostname: ST_DMZ-PUB-SRV-WEB type: server ip_address: *ST_PUB_SRV_WEB_IP subnet_mask: *ST_DMZ_SUBNET @@ -422,7 +422,7 @@ simulation: # SOME_TECH INTRANET SUBNET # ############################# - - hostname: ST-INTRA-PRV-RT-CR + - hostname: ST_INTRA-PRV-RT-CR type: router ports: 1: @@ -461,7 +461,7 @@ simulation: 5: action: PERMIT - - hostname: ST-INTRA-PRV-RT-DR-1 + - hostname: ST_INTRA-PRV-RT-DR-1 type: router ports: 1: @@ -482,7 +482,7 @@ simulation: 5: action: PERMIT - - hostname: ST-INTRA-PRV-RT-DR-2 + - hostname: ST_INTRA-PRV-RT-DR-2 type: router default_gateway: 192.168.170.1 ports: 
@@ -505,30 +505,30 @@ simulation: # SOME_TECH HEAD OFFICE SUBNET # ################################ - - hostname: ST-HO-PRV-SW-AS + - hostname: ST_HO-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-HO-PRV-PC-1 + - hostname: ST_HO-PRV-PC-1 type: computer ip_address: 192.168.200.2 - default_gateway: 192.168.200.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.200.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-HO-PRV-PC-2 + - hostname: ST_HO-PRV-PC-2 type: computer ip_address: 192.168.200.3 - default_gateway: 192.168.200.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.200.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-HO-PRV-PC-3 + - hostname: ST_HO-PRV-PC-3 type: computer ip_address: 192.168.200.4 - default_gateway: 192.168.200.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.200.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG 
@@ -537,30 +537,30 @@ simulation: # SOME_TECH HUMAN RESOURCES SUBNET # #################################### - - hostname: ST-HR-PRV-SW-AS + - hostname: ST_HR-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-HR-PRV-PC-1 + - hostname: ST_HR-PRV-PC-1 type: computer ip_address: 192.168.210.2 - default_gateway: 192.168.210.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-HR-PRV-PC-2 + - hostname: ST_HR-PRV-PC-2 type: computer ip_address: 192.168.210.3 - default_gateway: 192.168.210.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-HR-PRV-PC-3 + - hostname: ST_HR-PRV-PC-3 type: computer ip_address: 192.168.210.4 - default_gateway: 192.168.210.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG @@ -569,11 +569,11 @@ simulation: # SOME_TECH DATA SUBNET # ######################### - - hostname: ST-DATA-PRV-SW-AS + - hostname: ST_DATA-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-DATA-PRV-SRV-STORAGE + - hostname: ST_DATA-PRV-SRV-STORAGE type: server ip_address: *ST_SRV_STORAGE_IP subnet_mask: *ST_DATA_SUBNET @@ -582,7 +582,7 @@ simulation: services: *ST_SRV_STORAGE_CONFIG - - hostname: ST-DATA-PRV-SRV-DB + - hostname: ST_DATA-PRV-SRV-DB type: server ip_address: *ST_SRV_DB_IP subnet_mask: *ST_DATA_SUBNET 
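Review bot: The port in the rewritten `default_gateway` comments for ST_HR-PRV-PC-1 to PC-3 disagrees with the links section of this same file. Each reads `# ST_INTRA-PRV-RT-DR-2 (Port 2)`, but the `@@ -860,27` hunk wires ST_HR-PRV-SW-AS to ST_INTRA-PRV-RT-DR-2 on port 3, while port 2 goes to the Head Office switch. The Project C hosts in the `@@ -659,30` hunk have the same slip: `(Port 3)`, where the `@@ -961,27` hunk uses DR-1 port 4. Since these comment lines are being rewritten anyway, I would correct them to `# ST_INTRA-PRV-RT-DR-2 (Port 3)` and `# ST_INTRA-PRV-RT-DR-1 (Port 4)`. Anyone tracing a router ACL or route from these comments would otherwise look at the wrong interface.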
@@ -595,30 +595,30 @@ simulation: # SOME_TECH PROJECT A # ####################### - - hostname: ST-PROJ-A-PRV-SW-AS + - hostname: ST_PROJ-A-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-PROJ-A-PRV-PC-1 + - hostname: ST_PROJ-A-PRV-PC-1 type: computer ip_address: 192.168.230.2 - default_gateway: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1 (Port 2) + default_gateway: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-A-PRV-PC-2 + - hostname: ST_PROJ-A-PRV-PC-2 type: computer ip_address: 192.168.230.3 - default_gateway: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1 (Port 2) + default_gateway: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-A-PRV-PC-3 + - hostname: ST_PROJ-A-PRV-PC-3 type: computer ip_address: 192.168.230.4 - default_gateway: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1 (Port 2) + default_gateway: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG 
@@ -627,30 +627,30 @@ simulation: # SOME_TECH PROJECT B # ####################### - - hostname: ST-PROJ-B-PRV-SW-AS + - hostname: ST_PROJ-B-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-PROJ-B-PRV-PC-1 + - hostname: ST_PROJ-B-PRV-PC-1 type: computer ip_address: 192.168.240.2 - default_gateway: 192.168.240.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.240.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-B-PRV-PC-2 + - hostname: ST_PROJ-B-PRV-PC-2 type: computer ip_address: 192.168.240.3 - default_gateway: 192.168.240.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.240.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-B-PRV-PC-3 + - hostname: ST_PROJ-B-PRV-PC-3 type: computer ip_address: 192.168.240.4 - default_gateway: 192.168.240.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.240.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG 
@@ -659,30 +659,30 @@ simulation: # SOME_TECH PROJECT C # ####################### - - hostname: ST-PROJ-C-PRV-SW-AS + - hostname: ST_PROJ-C-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-PROJ-C-PRV-PC-1 + - hostname: ST_PROJ-C-PRV-PC-1 type: computer ip_address: 192.168.250.2 - default_gateway: 192.168.250.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.250.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-C-PRV-PC-2 + - hostname: ST_PROJ-C-PRV-PC-2 type: computer ip_address: 192.168.250.3 - default_gateway: 192.168.250.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.250.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-C-PRV-PC-3 + - hostname: ST_PROJ-C-PRV-PC-3 type: computer ip_address: 192.168.250.4 - default_gateway: 192.168.250.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.250.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG @@ -788,13 +788,13 @@ simulation: # Internet Router (Port 4) --> Some Tech DMZ Firewall (External Port) - endpoint_a_hostname: ISP-PUB-RT-BR endpoint_a_port: 4 - endpoint_b_hostname: ST-PUB-FW + endpoint_b_hostname: ST_PUB-FW endpoint_b_port: 1 # Some Tech DMZ Firewall (DMZ Port) --> Some Tech Web Server (Port 1) - - endpoint_a_hostname: ST-PUB-FW + - endpoint_a_hostname: ST_PUB-FW endpoint_a_port: 3 - endpoint_b_hostname: ST-DMZ-PUB-SRV-WEB + endpoint_b_hostname: ST_DMZ-PUB-SRV-WEB endpoint_b_port: 1 ############################ 
@@ -802,27 +802,27 @@ simulation: ############################ # Some Tech Intranet CR Router (Port 1) --> Some Tech DMZ Firewall (Internal Port) - - endpoint_a_hostname: ST-INTRA-PRV-RT-CR + - endpoint_a_hostname: ST_INTRA-PRV-RT-CR endpoint_a_port: 1 - endpoint_b_hostname: ST-PUB-FW + endpoint_b_hostname: ST_PUB-FW endpoint_b_port: 2 # Some Tech Intranet CR Router (Port 2) --> Some Tech Intranet DR Router 1 (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-CR + - endpoint_a_hostname: ST_INTRA-PRV-RT-CR endpoint_a_port: 2 - endpoint_b_hostname: ST-INTRA-PRV-RT-DR-1 + endpoint_b_hostname: ST_INTRA-PRV-RT-DR-1 endpoint_b_port: 1 # Some Tech Intranet CR Router (Port 3) --> Some Tech Intranet DR Router 2 (Port 2) - - endpoint_a_hostname: ST-INTRA-PRV-RT-CR + - endpoint_a_hostname: ST_INTRA-PRV-RT-CR endpoint_a_port: 3 - endpoint_b_hostname: ST-INTRA-PRV-RT-DR-2 + endpoint_b_hostname: ST_INTRA-PRV-RT-DR-2 endpoint_b_port: 1 # Some Tech Intranet Private Router CR (Port 4) --> Some Tech Data Private Switch (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-CR + - endpoint_a_hostname: ST_INTRA-PRV-RT-CR endpoint_a_port: 4 - endpoint_b_hostname: ST-DATA-PRV-SW-AS + endpoint_b_hostname: ST_DATA-PRV-SW-AS endpoint_b_port: 1 
@@ -831,27 +831,27 @@ simulation: ############################### # Some Tech Head Office Switch (Port 1) --> Some Tech Intranet Private Router DR 2 (Port 2) - - endpoint_a_hostname: ST-HO-PRV-SW-AS + - endpoint_a_hostname: ST_HO-PRV-SW-AS endpoint_a_port: 1 - endpoint_b_hostname: ST-INTRA-PRV-RT-DR-2 + endpoint_b_hostname: ST_INTRA-PRV-RT-DR-2 endpoint_b_port: 2 # Some Tech Head Office Switch (Port 2) --> Some Tech Head Office PC 1 (Port 1) - - endpoint_a_hostname: ST-HO-PRV-SW-AS + - endpoint_a_hostname: ST_HO-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-HO-PRV-PC-1 + endpoint_b_hostname: ST_HO-PRV-PC-1 endpoint_b_port: 1 # Some Tech Head Office Switch (Port 3) --> Some Tech Head Office PC 2 (Port 1) - - endpoint_a_hostname: ST-HO-PRV-SW-AS + - endpoint_a_hostname: ST_HO-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-HO-PRV-PC-2 + endpoint_b_hostname: ST_HO-PRV-PC-2 endpoint_b_port: 1 # Some Tech Head Office Switch (Port 4) --> Some Tech Head Office PC 3 (Port 1) - - endpoint_a_hostname: ST-HO-PRV-SW-AS + - endpoint_a_hostname: ST_HO-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-HO-PRV-PC-3 + endpoint_b_hostname: ST_HO-PRV-PC-3 endpoint_b_port: 1 
@@ -860,27 +860,27 @@ simulation: ################################### # Some Tech Human Resources Switch (Port 1) --> Some Tech Intranet Private Router DR 2 (Port 3) - - endpoint_a_hostname: ST-HR-PRV-SW-AS + - endpoint_a_hostname: ST_HR-PRV-SW-AS endpoint_a_port: 1 - endpoint_b_hostname: ST-INTRA-PRV-RT-DR-2 + endpoint_b_hostname: ST_INTRA-PRV-RT-DR-2 endpoint_b_port: 3 # Some Tech Human Resources Switch (Port 2) --> Some Tech Human Resources PC 1 (Port 1) - - endpoint_a_hostname: ST-HR-PRV-SW-AS + - endpoint_a_hostname: ST_HR-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-HR-PRV-PC-1 + endpoint_b_hostname: ST_HR-PRV-PC-1 endpoint_b_port: 1 # Some Tech Human Resources Switch (Port 3) --> Some Tech Human Resources PC 2 (Port 1) - - endpoint_a_hostname: ST-HR-PRV-SW-AS + - endpoint_a_hostname: ST_HR-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-HR-PRV-PC-2 + endpoint_b_hostname: ST_HR-PRV-PC-2 endpoint_b_port: 1 # Some Tech Human Resources Switch (Port 4) --> Some Tech Human Resources PC 3 (Port 1) - - endpoint_a_hostname: ST-HR-PRV-SW-AS + - endpoint_a_hostname: ST_HR-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-HR-PRV-PC-3 + endpoint_b_hostname: ST_HR-PRV-PC-3 endpoint_b_port: 1 ######################## @@ -888,16 +888,16 @@ simulation: ######################## # Some Tech Data Switch (Port 2) --> Some Tech Data Private Storage Server (Port 1) - - endpoint_a_hostname: ST-DATA-PRV-SW-AS + - endpoint_a_hostname: ST_DATA-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-DATA-PRV-SRV-STORAGE + endpoint_b_hostname: ST_DATA-PRV-SRV-STORAGE endpoint_b_port: 1 # Some Tech Data Switch (Port 3) --> Some Tech Data Private Database Server (Port 1) - - endpoint_a_hostname: ST-DATA-PRV-SW-AS + - endpoint_a_hostname: ST_DATA-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-DATA-PRV-SRV-DB + endpoint_b_hostname: ST_DATA-PRV-SRV-DB endpoint_b_port: 1 ############################# 
@@ -905,27 +905,27 @@ simulation: ############################# # Some Tech Intranet Private Router DR 1 (Port 2) --> Some Tech Private Project A Switch (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-DR-1 + - endpoint_a_hostname: ST_INTRA-PRV-RT-DR-1 endpoint_a_port: 2 - endpoint_b_hostname: ST-PROJ-A-PRV-SW-AS + endpoint_b_hostname: ST_PROJ-A-PRV-SW-AS endpoint_b_port: 1 # Some Tech Private Project A Switch (Port 2) --> Some Tech Project A PC 1 - - endpoint_a_hostname: ST-PROJ-A-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-A-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-PROJ-A-PRV-PC-1 + endpoint_b_hostname: ST_PROJ-A-PRV-PC-1 endpoint_b_port: 1 # Some Tech Private Project A Switch (Port 3) --> Some Tech Project A PC 2 - - endpoint_a_hostname: ST-PROJ-A-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-A-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-PROJ-A-PRV-PC-2 + endpoint_b_hostname: ST_PROJ-A-PRV-PC-2 endpoint_b_port: 1 # Some Tech Private Project A Switch (Port 4) --> Some Tech Project A PC 3 - - endpoint_a_hostname: ST-PROJ-A-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-A-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-PROJ-A-PRV-PC-3 + endpoint_b_hostname: ST_PROJ-A-PRV-PC-3 endpoint_b_port: 1 ############################# 
@@ -933,27 +933,27 @@ simulation: ############################# # Some Tech Intranet Private Router DR 1 (Port 3) --> Some Tech Private Project B Switch (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-DR-1 + - endpoint_a_hostname: ST_INTRA-PRV-RT-DR-1 endpoint_a_port: 3 - endpoint_b_hostname: ST-PROJ-B-PRV-SW-AS + endpoint_b_hostname: ST_PROJ-B-PRV-SW-AS endpoint_b_port: 1 # Some Tech Private Project B Switch (Port 2) --> Some Tech Project B PC 1 - - endpoint_a_hostname: ST-PROJ-B-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-B-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-PROJ-B-PRV-PC-1 + endpoint_b_hostname: ST_PROJ-B-PRV-PC-1 endpoint_b_port: 1 # Some Tech Private Project B Switch (Port 3) --> Some Tech Project B PC 2 - - endpoint_a_hostname: ST-PROJ-B-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-B-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-PROJ-B-PRV-PC-2 + endpoint_b_hostname: ST_PROJ-B-PRV-PC-2 endpoint_b_port: 1 # Some Tech Private Project B Switch (Port 4) --> Some Tech Project B PC 3 - - endpoint_a_hostname: ST-PROJ-B-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-B-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-PROJ-B-PRV-PC-3 + endpoint_b_hostname: ST_PROJ-B-PRV-PC-3 endpoint_b_port: 1 ############################# 
@@ -961,27 +961,27 @@ simulation: ############################# # Some Tech Intranet Private Router DR 1 (Port 4) --> Some Tech Private Project C Switch (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-DR-1 + - endpoint_a_hostname: ST_INTRA-PRV-RT-DR-1 endpoint_a_port: 4 - endpoint_b_hostname: ST-PROJ-C-PRV-SW-AS + endpoint_b_hostname: ST_PROJ-C-PRV-SW-AS endpoint_b_port: 1 # Some Tech Private Project C Switch (Port 2) --> Some Tech Project C PC 1 - - endpoint_a_hostname: ST-PROJ-C-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-C-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-PROJ-C-PRV-PC-1 + endpoint_b_hostname: ST_PROJ-C-PRV-PC-1 endpoint_b_port: 1 # Some Tech Private Project C Switch (Port 3) --> Some Tech Project C PC 2 - - endpoint_a_hostname: ST-PROJ-C-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-C-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-PROJ-C-PRV-PC-2 + endpoint_b_hostname: ST_PROJ-C-PRV-PC-2 endpoint_b_port: 1 # Some Tech Private Project C Switch (Port 4) --> Some Tech Project C PC 3 - - endpoint_a_hostname: ST-PROJ-C-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-C-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-PROJ-C-PRV-PC-3 + endpoint_b_hostname: ST_PROJ-C-PRV-PC-3 endpoint_b_port: 1 ################################## 
@@ -1042,18 +1042,18 @@ UC7_IP_LIST: &UC7_IP_LIST - 192.168.20.3 # REM-PUB-PC-2 | ip_id: 6 - 192.168.20.4 # REM-PUB-SRV | ip_id: 7 # ====== ST Public DMZ ======= - - *ST_PUB_SRV_WEB_IP # 192.168.100.2 (ST-DMZ-PUB-SRV-WEB) | ip_id: 8 + - *ST_PUB_SRV_WEB_IP # 192.168.100.2 (ST_DMZ-PUB-SRV-WEB) | ip_id: 8 # ====== ST Head Office ======= - - 192.168.200.2 # ST-HO-PRV-PC-1 | ip_id: 9 - - 192.168.200.3 # ST-HO-PRV-PC-2 | ip_id: 10 - - 192.168.200.4 # ST-HO-PRV-PC-3 | ip_id: 11 + - 192.168.200.2 # ST_HO-PRV-PC-1 | ip_id: 9 + - 192.168.200.3 # ST_HO-PRV-PC-2 | ip_id: 10 + - 192.168.200.4 # ST_HO-PRV-PC-3 | ip_id: 11 # ===== ST Human Resources ====== - - 192.168.210.2 # ST-HR-PRV-PC-1 | ip_id: 12 - - 192.168.210.3 # ST-HR-PRV-PC-2 | ip_id: 13 - - 192.168.210.4 # ST-HR-PRV-PC-3 | ip_id: 14 + - 192.168.210.2 # ST_HR-PRV-PC-1 | ip_id: 12 + - 192.168.210.3 # ST_HR-PRV-PC-2 | ip_id: 13 + - 192.168.210.4 # ST_HR-PRV-PC-3 | ip_id: 14 # ====== ST DATA Servers ======= - - *ST_SRV_STORAGE_IP # 192.168.220.2 (ST-DATA-PRV-SRV-STORAGE) | ip_id: 15 - - *ST_SRV_DB_IP # 192.168.220.3 (ST-DATA-PRV-SRV-DB) | ip_id: 16 + - *ST_SRV_STORAGE_IP # 192.168.220.2 (ST_DATA-PRV-SRV-STORAGE) | ip_id: 15 + - *ST_SRV_DB_IP # 192.168.220.3 (ST_DATA-PRV-SRV-DB) | ip_id: 16 # ====== ST Project A ======= - 192.168.230.2 # PROJ-A-PRV-PC-1 | ip_id: 17 - 192.168.230.3 # PROJ-A-PRV-PC-2 | ip_id: 18 @@ -1083,8 +1083,8 @@ agents: # Home Office Green Agent Pattern Of Life # ====================================== - # 1. Three Home workers accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. Three Home workers accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. Three Home workers accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. Three Home workers accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: HOME_WORKER-1-DB team: GREEN 
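Review bot: In the `@@ -1042,18` hunk, the `UC7_IP_LIST` comments under `# ====== ST Project A =======` still read `# PROJ-A-PRV-PC-1 | ip_id: 17` and `# PROJ-A-PRV-PC-2 | ip_id: 18`. That name matches no hostname in this file, before or after the rename. The DMZ, Head Office, HR and Data entries just above now carry the `ST_` form, so I would change these to `# ST_PROJ-A-PRV-PC-1 | ip_id: 17` and so on. The list continues past the end of the hunk, so the remaining Project A, B and C entries probably need the same treatment. These comments are the only visible mapping from an `ip_id` back to a host, which makes them worth keeping exact.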
@@ -1177,8 +1177,8 @@ agents: # Remote Site Green Agent Pattern Of Life # ====================================== - # 1. Three Remote workers accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. Three Remote workers accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. Three Remote workers accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. Three Remote workers accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: REMOTE_WORKER-1-DB team: GREEN @@ -1272,10 +1272,10 @@ agents: # ST Project A Green Agent Pattern Of Life # ======================================== - # 1. A Senior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. A Senior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: PROJ_A-SENIOR-DEV-DB @@ -1284,7 +1284,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-A-PRV-PC-1"] + possible_start_nodes: ["ST_PROJ-A-PRV-PC-1"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1296,7 +1296,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-1 + node_hostname: ST_PROJ-A-PRV-PC-1 - ref: PROJ_A-SENIOR-DEV-WEB team: GREEN 
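Review bot: The context of the `@@ -1284,7` hunk shows `observation_space: {}` on two consecutive lines before `agent_settings:` for PROJ_A-SENIOR-DEV-DB, which looks like a duplicated mapping key. Indentation is not visible in this view, so please confirm against the file. The same pair appears in the `@@ -1327,7`, `@@ -1370,7`, `@@ -1424,7`, `@@ -1562,7` and `@@ -1647,7` hunks, whereas PROJ_B-JUNIOR-DEV-1-DB and PROJ_C-JUNIOR-DEV-1-DB have a single line. YAML mapping keys must be unique, and loaders that tolerate a duplicate typically keep the last value without warning. I would delete the second `observation_space: {}` in each of these agents so that a later edit to one copy is not silently overridden by the other.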
@@ -1310,7 +1310,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_40 @@ -1319,7 +1319,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-1 + node_hostname: ST_PROJ-A-PRV-PC-1 - ref: PROJ_A-JUNIOR-DEV-1-DB team: GREEN @@ -1327,7 +1327,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-A-PRV-PC-2"] + possible_start_nodes: ["ST_PROJ-A-PRV-PC-2"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1339,7 +1339,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-2 + node_hostname: ST_PROJ-A-PRV-PC-2 - ref: PROJ_A-JUNIOR-DEV-1-WEB team: GREEN @@ -1353,7 +1353,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-A-PRV-PC-2 + node_name: ST_PROJ-A-PRV-PC-2 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 @@ -1362,7 +1362,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-2 + node_hostname: ST_PROJ-A-PRV-PC-2 - ref: PROJ_A-JUNIOR-DEV-2-DB team: GREEN @@ -1370,7 +1370,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-A-PRV-PC-3"] + possible_start_nodes: ["ST_PROJ-A-PRV-PC-3"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1382,7 +1382,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-3 + node_hostname: ST_PROJ-A-PRV-PC-3 - ref: PROJ_A-JUNIOR-DEV-2-WEB team: GREEN 
@@ -1396,7 +1396,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-A-PRV-PC-3 + node_name: ST_PROJ-A-PRV-PC-3 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 @@ -1405,7 +1405,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-3 + node_hostname: ST_PROJ-A-PRV-PC-3 #################################### # ST Project B Network POL Config # @@ -1413,10 +1413,10 @@ agents: # ST Project B Green Agent Pattern Of Life # ======================================== - # 1. A Senior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. A Senior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: PROJ_B-SENIOR-DEV-DB team: GREEN @@ -1424,7 +1424,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-B-PRV-PC-1"] + possible_start_nodes: ["ST_PROJ-B-PRV-PC-1"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1436,7 +1436,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-1 + node_hostname: ST_PROJ-B-PRV-PC-1 - ref: PROJ_B-SENIOR-DEV-WEB team: GREEN 
@@ -1450,7 +1450,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-B-PRV-PC-1 + node_name: ST_PROJ-B-PRV-PC-1 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_40 @@ -1459,14 +1459,14 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-1 + node_hostname: ST_PROJ-B-PRV-PC-1 - ref: PROJ_B-JUNIOR-DEV-1-DB team: GREEN type: periodic-agent observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-B-PRV-PC-2"] + possible_start_nodes: ["ST_PROJ-B-PRV-PC-2"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1478,7 +1478,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-2 + node_hostname: ST_PROJ-B-PRV-PC-2 - ref: PROJ_B-JUNIOR-DEV-1-WEB team: GREEN @@ -1492,7 +1492,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 @@ -1501,14 +1501,14 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-2 + node_hostname: ST_PROJ-B-PRV-PC-2 - ref: PROJ_B-JUNIOR-DEV-2-DB team: GREEN type: periodic-agent observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-B-PRV-PC-3"] + possible_start_nodes: ["ST_PROJ-B-PRV-PC-3"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1520,7 +1520,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-3 + node_hostname: ST_PROJ-B-PRV-PC-3 - ref: PROJ_B-JUNIOR-DEV-2-WEB team: GREEN @@ -1534,7 +1534,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-B-PRV-PC-3 + node_name: ST_PROJ-B-PRV-PC-3 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 
@@ -1543,7 +1543,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-3 + node_hostname: ST_PROJ-B-PRV-PC-3 #################################### # ST Project C Network POL Config # @@ -1551,10 +1551,10 @@ agents: # ST Project C Green Agent Pattern Of Life # ======================================== - # 1. A Senior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. A Senior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: PROJ_C-SENIOR-DEV-DB team: GREEN @@ -1562,7 +1562,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-C-PRV-PC-1"] + possible_start_nodes: ["ST_PROJ-C-PRV-PC-1"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1574,7 +1574,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-1 + node_hostname: ST_PROJ-C-PRV-PC-1 - ref: PROJ_C-SENIOR-DEV-WEB team: GREEN @@ -1588,7 +1588,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-C-PRV-PC-1 + node_name: ST_PROJ-C-PRV-PC-1 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_40 
@@ -1597,14 +1597,14 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-1 + node_hostname: ST_PROJ-C-PRV-PC-1 - ref: PROJ_C-JUNIOR-DEV-1-DB team: GREEN type: periodic-agent observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-C-PRV-PC-2"] + possible_start_nodes: ["ST_PROJ-C-PRV-PC-2"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1616,7 +1616,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-2 + node_hostname: ST_PROJ-C-PRV-PC-2 - ref: PROJ_C-JUNIOR-DEV-1-WEB team: GREEN @@ -1630,7 +1630,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-C-PRV-PC-2 + node_name: ST_PROJ-C-PRV-PC-2 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 @@ -1639,7 +1639,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-2 + node_hostname: ST_PROJ-C-PRV-PC-2 - ref: PROJ_C-JUNIOR-DEV-2-DB team: GREEN @@ -1647,7 +1647,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-C-PRV-PC-3"] + possible_start_nodes: ["ST_PROJ-C-PRV-PC-3"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1659,7 +1659,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-3 + node_hostname: ST_PROJ-C-PRV-PC-3 - ref: PROJ_C-JUNIOR-DEV-2-WEB team: GREEN @@ -1673,7 +1673,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 
@@ -1682,7 +1682,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-3 + node_hostname: ST_PROJ-C-PRV-PC-3 ###################################### # ST Head Office Network POL Config # @@ -1690,9 +1690,9 @@ agents: # ST Head Office Green Agent Pattern Of Life # ========================================== - # 1. The ST CEO accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 2. The ST CTO accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 3. The ST CFO accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. The ST CEO accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 2. The ST CTO accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 3. The ST CFO accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: CEO team: GREEN @@ -1708,14 +1708,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HO-PRV-PC-1 + node_name: ST_HO-PRV-PC-1 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *HIGH_WEIGHT_IMPACT options: - node_hostname: ST-HO-PRV-PC-1 + node_hostname: ST_HO-PRV-PC-1 - ref: CTO team: GREEN @@ -1731,14 +1731,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HO-PRV-PC-2 + node_name: ST_HO-PRV-PC-2 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HO-PRV-PC-2 + node_hostname: ST_HO-PRV-PC-2 - ref: CFO team: GREEN 
@@ -1754,14 +1754,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HO-PRV-PC-3 + node_name: ST_HO-PRV-PC-3 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HO-PRV-PC-3 + node_hostname: ST_HO-PRV-PC-3 ########################################## # ST Human Resources Network POL Config # @@ -1769,8 +1769,8 @@ agents: # ST Head Office Green Agent Pattern Of Life # ========================================== - # 1. A senior HR staff accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 2. Two junior HR staff accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. A senior HR staff accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 2. Two junior HR staff accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: SENIOR_HR team: GREEN @@ -1786,14 +1786,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HR-PRV-PC-1 + node_name: ST_HR-PRV-PC-1 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HR-PRV-PC-1 + node_hostname: ST_HR-PRV-PC-1 - ref: JUNIOR_HR-1 team: GREEN @@ -1809,14 +1809,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HR-PRV-PC-2 + node_name: ST_HR-PRV-PC-2 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HR-PRV-PC-2 + node_hostname: ST_HR-PRV-PC-2 - ref: JUNIOR_HR-2 team: GREEN 
@@ -1832,14 +1832,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HR-PRV-PC-3 + node_name: ST_HR-PRV-PC-3 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HR-PRV-PC-3 + node_hostname: ST_HR-PRV-PC-3 ########################## # UC7 Red Agent Config # @@ -1856,28 +1856,28 @@ agents: variance: 0 repeat_kill_chain: false repeat_kill_chain_stages: true - default_starting_node: "ST-PROJ-A-PRV-PC-1" + default_starting_node: "ST_PROJ-A-PRV-PC-1" starting_nodes: - # starting_nodes: ["ST-PROJ-A-PRV-PC-1", "ST-PROJ-B-PRV-PC-2", "ST-PROJ-C-PRV-PC-3"] + # starting_nodes: ["ST_PROJ-A-PRV-PC-1", "ST_PROJ-B-PRV-PC-2", "ST_PROJ-C-PRV-PC-3"] kill_chain: PLANNING: probability: 1 starting_network_knowledge: credentials: - ST-PROJ-A-PRV-PC-1: + ST_PROJ-A-PRV-PC-1: username: admin password: admin - ST-PROJ-B-PRV-PC-2: + ST_PROJ-B-PRV-PC-2: username: admin password: admin - ST-PROJ-C-PRV-PC-3: + ST_PROJ-C-PRV-PC-3: username: admin password: admin - ST-INTRA-PRV-RT-DR-1: + ST_INTRA-PRV-RT-DR-1: ip_address: 192.168.230.1 username: admin password: admin - ST-INTRA-PRV-RT-CR: + ST_INTRA-PRV-RT-CR: ip_address: 192.168.160.1 username: admin password: admin @@ -1890,13 +1890,13 @@ agents: MANIPULATION: probability: 1 account_changes: - - host: ST-INTRA-PRV-RT-DR-1 - ip_address: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1 + - host: ST_INTRA-PRV-RT-DR-1 + ip_address: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 action: change_password username: admin new_password: "red_pass" - - host: ST-INTRA-PRV-RT-CR - ip_address: 192.168.160.1 # ST-INTRA-PRV-RT-CR + - host: ST_INTRA-PRV-RT-CR + ip_address: 192.168.160.1 # ST_INTRA-PRV-RT-CR action: change_password username: "admin" new_password: "red_pass" 
@@ -1908,7 +1908,7 @@ agents: EXPLOIT: probability: 1 malicious_acls: - - target_router: ST-INTRA-PRV-RT-DR-1 + - target_router: ST_INTRA-PRV-RT-DR-1 position: 1 permission: DENY src_ip: ALL @@ -1918,7 +1918,7 @@ agents: src_port: POSTGRES_SERVER dst_port: POSTGRES_SERVER protocol_name: TCP - - target_router: ST-INTRA-PRV-RT-CR + - target_router: ST_INTRA-PRV-RT-CR position: 1 permission: DENY src_ip: ALL @@ -1954,8 +1954,8 @@ agents: label: NODES options: hosts: - # TAP001 Potential Starting Note | ST-PROJ-A-PRV-PC-1 - - hostname: ST-PROJ-A-PRV-PC-1 + # TAP001 Potential Starting Note | ST_PROJ-A-PRV-PC-1 + - hostname: ST_PROJ-A-PRV-PC-1 services: - service_name: ftp-client applications: @@ -1968,8 +1968,8 @@ agents: - folder_name: exfiltration_folder files: - file_name: database.db - # TAP001 Potential Starting Note | ST-PROJ-B-PRV-PC-2 - - hostname: ST-PROJ-B-PRV-PC-2 + # TAP001 Potential Starting Note | ST_PROJ-B-PRV-PC-2 + - hostname: ST_PROJ-B-PRV-PC-2 services: - service_name: ftp-client applications: @@ -1981,8 +1981,8 @@ agents: - folder_name: exfiltration_folder files: - file_name: database.db - # TAP001 Potential Starting Note | ST-PROJ-C-PRV-PC-3 - - hostname: ST-PROJ-C-PRV-PC-3 + # TAP001 Potential Starting Note | ST_PROJ-C-PRV-PC-3 + - hostname: ST_PROJ-C-PRV-PC-3 services: - service_name: ftp-client applications: @@ -1995,14 +1995,14 @@ agents: files: - file_name: database.db # ST DATA Server Database - - hostname: ST-DATA-PRV-SRV-DB + - hostname: ST_DATA-PRV-SRV-DB folders: - folder_name: database files: - file_name: database.db routers: - - hostname: ST-INTRA-PRV-RT-CR # TAP003 Malicious ACL Target | ROUTER0 - - hostname: ST-INTRA-PRV-RT-DR-1 # TAP003 Malicious ACL Target | ROUTER1 + - hostname: ST_INTRA-PRV-RT-CR # TAP003 Malicious ACL Target | ROUTER0 + - hostname: ST_INTRA-PRV-RT-DR-1 # TAP003 Malicious ACL Target | ROUTER1 - hostname: REM-PUB-RT-DR # TAP003 Malicious ACL Target | ROUTER2 num_ports: 5 num_services: 2 
@@ -2065,41 +2065,41 @@ agents: - REM-PUB-SW-AS:eth-3<->REM-PUB-PC-2:eth-1 # 11 - REM-PUB-SW-AS:eth-4<->REM-PUB-SRV:eth-1 # 12 # SOME_TECH DMZ - - ISP-PUB-RT-BR:eth-4<->ST-PUB-FW:eth-1 # 13 - - ST-PUB-FW:eth-3<->ST-DMZ-PUB-SRV-WEB:eth-1 # 14 + - ISP-PUB-RT-BR:eth-4<->ST_PUB-FW:eth-1 # 13 + - ST_PUB-FW:eth-3<->ST_DMZ-PUB-SRV-WEB:eth-1 # 14 # SOME_TECH Intranet - - ST-INTRA-PRV-RT-CR:eth-1<->ST-PUB-FW:eth-2 # 15 - - ST-INTRA-PRV-RT-CR:eth-2<->ST-INTRA-PRV-RT-DR-1:eth-1 # 16 - - ST-INTRA-PRV-RT-CR:eth-3<->ST-INTRA-PRV-RT-DR-2:eth-1 # 17 - - ST-INTRA-PRV-RT-CR:eth-4<->ST-DATA-PRV-SW-AS:eth-1 # 18 + - ST_INTRA-PRV-RT-CR:eth-1<->ST_PUB-FW:eth-2 # 15 + - ST_INTRA-PRV-RT-CR:eth-2<->ST_INTRA-PRV-RT-DR-1:eth-1 # 16 + - ST_INTRA-PRV-RT-CR:eth-3<->ST_INTRA-PRV-RT-DR-2:eth-1 # 17 + - ST_INTRA-PRV-RT-CR:eth-4<->ST_DATA-PRV-SW-AS:eth-1 # 18 # SOME_TECH Head Office - - ST-HO-PRV-SW-AS:eth-1<->ST-INTRA-PRV-RT-DR-2:eth-2 # 19 - - ST-HO-PRV-SW-AS:eth-2<->ST-HO-PRV-PC-1:eth-1 # 20 - - ST-HO-PRV-SW-AS:eth-3<->ST-HO-PRV-PC-2:eth-1 # 21 - - ST-HO-PRV-SW-AS:eth-4<->ST-HO-PRV-PC-3:eth-1 # 22 + - ST_HO-PRV-SW-AS:eth-1<->ST_INTRA-PRV-RT-DR-2:eth-2 # 19 + - ST_HO-PRV-SW-AS:eth-2<->ST_HO-PRV-PC-1:eth-1 # 20 + - ST_HO-PRV-SW-AS:eth-3<->ST_HO-PRV-PC-2:eth-1 # 21 + - ST_HO-PRV-SW-AS:eth-4<->ST_HO-PRV-PC-3:eth-1 # 22 # SOME_TECH Human Resources - - ST-HR-PRV-SW-AS:eth-1<->ST-INTRA-PRV-RT-DR-2:eth-3 # 23 - - ST-HR-PRV-SW-AS:eth-2<->ST-HR-PRV-PC-1:eth-1 # 24 - - ST-HR-PRV-SW-AS:eth-3<->ST-HR-PRV-PC-2:eth-1 # 25 - - ST-HR-PRV-SW-AS:eth-4<->ST-HR-PRV-PC-3:eth-1 # 26 + - ST_HR-PRV-SW-AS:eth-1<->ST_INTRA-PRV-RT-DR-2:eth-3 # 23 + - ST_HR-PRV-SW-AS:eth-2<->ST_HR-PRV-PC-1:eth-1 # 24 + - ST_HR-PRV-SW-AS:eth-3<->ST_HR-PRV-PC-2:eth-1 # 25 + - ST_HR-PRV-SW-AS:eth-4<->ST_HR-PRV-PC-3:eth-1 # 26 # SOME_TECH Data Links - - ST-DATA-PRV-SW-AS:eth-2<->ST-DATA-PRV-SRV-STORAGE:eth-1 # 27 - - ST-DATA-PRV-SW-AS:eth-3<->ST-DATA-PRV-SRV-DB:eth-1 # 28 + - ST_DATA-PRV-SW-AS:eth-2<->ST_DATA-PRV-SRV-STORAGE:eth-1 # 27 + - 
ST_DATA-PRV-SW-AS:eth-3<->ST_DATA-PRV-SRV-DB:eth-1 # 28 # SOME_TECH Project A Links - - ST-INTRA-PRV-RT-DR-1:eth-2<->ST-PROJ-A-PRV-SW-AS:eth-1 # 29 - - ST-PROJ-A-PRV-SW-AS:eth2<->ST-PROJ-A-PRV-PC-1:eth-1 # 31 - - ST-PROJ-A-PRV-SW-AS:eth3<->ST-PROJ-A-PRV-PC-2:eth-1 # 32 - - ST-PROJ-A-PRV-SW-AS:eth4<->ST-PROJ-A-PRV-PC-3:eth-1 # 33 + - ST_INTRA-PRV-RT-DR-1:eth-2<->ST_PROJ-A-PRV-SW-AS:eth-1 # 29 + - ST_PROJ-A-PRV-SW-AS:eth2<->ST_PROJ-A-PRV-PC-1:eth-1 # 31 + - ST_PROJ-A-PRV-SW-AS:eth3<->ST_PROJ-A-PRV-PC-2:eth-1 # 32 + - ST_PROJ-A-PRV-SW-AS:eth4<->ST_PROJ-A-PRV-PC-3:eth-1 # 33 # SOME_TECH Project B Links - - ST-INTRA-PRV-RT-DR-1:eth-3<->ST-PROJ-B-PRV-SW-AS:eth-1 # 34 - - ST-PROJ-B-PRV-SW-AS:eth2<->ST-PROJ-B-PRV-PC-1:eth-1 # 35 - - ST-PROJ-B-PRV-SW-AS:eth3<->ST-PROJ-B-PRV-PC-2:eth-1 # 36 - - ST-PROJ-B-PRV-SW-AS:eth4<->ST-PROJ-B-PRV-PC-3:eth-1 # 37 + - ST_INTRA-PRV-RT-DR-1:eth-3<->ST_PROJ-B-PRV-SW-AS:eth-1 # 34 + - ST_PROJ-B-PRV-SW-AS:eth2<->ST_PROJ-B-PRV-PC-1:eth-1 # 35 + - ST_PROJ-B-PRV-SW-AS:eth3<->ST_PROJ-B-PRV-PC-2:eth-1 # 36 + - ST_PROJ-B-PRV-SW-AS:eth4<->ST_PROJ-B-PRV-PC-3:eth-1 # 37 # SOME_TECH Project C Links - - ST-INTRA-PRV-RT-DR-1:eth-4<->ST-PROJ-C-PRV-SW-AS:eth-1 # 38 - - ST-PROJ-A-PRV-SW-AS:eth2<->ST-PROJ-C-PRV-PC-1:eth-1 # 39 - - ST-PROJ-A-PRV-SW-AS:eth3<->ST-PROJ-C-PRV-PC-2:eth-1 # 40 - - ST-PROJ-A-PRV-SW-AS:eth4<->ST-PROJ-C-PRV-PC-3:eth-1 # 41 + - ST_INTRA-PRV-RT-DR-1:eth-4<->ST_PROJ-C-PRV-SW-AS:eth-1 # 38 + - ST_PROJ-A-PRV-SW-AS:eth2<->ST_PROJ-C-PRV-PC-1:eth-1 # 39 + - ST_PROJ-A-PRV-SW-AS:eth3<->ST_PROJ-C-PRV-PC-2:eth-1 # 40 + - ST_PROJ-A-PRV-SW-AS:eth4<->ST_PROJ-C-PRV-PC-3:eth-1 # 41 action_space: action_map: 0: 
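Review bot: Links 39–41 under "SOME_TECH Project C Links" still name `ST_PROJ-A-PRV-SW-AS` as the switch endpoint, although link 38 attaches the router to `ST_PROJ-C-PRV-SW-AS`; the rename carries this over unchanged. The Project A, B and C access links also write the switch port as `eth2`/`eth3`/`eth4`, where every other entry in the list uses the `eth-N` form. If these strings are resolved against link names built from hostname and port (the lookup is not visible in this hunk), those entries would not match a real link. I would write them as `- ST_PROJ-C-PRV-SW-AS:eth-2<->ST_PROJ-C-PRV-PC-1:eth-1 # 39` and use `eth-N` throughout. The index comments also jump from 29 to 31.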
@@ -2107,402 +2107,402 @@ agents: options: {} # |======================================| - # | ST-PROJ-A-PRV-PC-1 | + # | ST_PROJ-A-PRV-PC-1 | # |======================================| - # ST-PROJ-A-PRV-PC-1 | node-os-scan + # ST_PROJ-A-PRV-PC-1 | node-os-scan 1: action: node-os-scan options: - node_name: ST-PROJ-A-PRV-PC-1 - # ST-PROJ-A-PRV-PC-1 | node-shutdown + node_name: ST_PROJ-A-PRV-PC-1 + # ST_PROJ-A-PRV-PC-1 | node-shutdown 2: action: node-shutdown options: - node_name: ST-PROJ-A-PRV-PC-1 - # ST-PROJ-A-PRV-PC-1 | node-startup + node_name: ST_PROJ-A-PRV-PC-1 + # ST_PROJ-A-PRV-PC-1 | node-startup 3: action: node-startup options: - node_name: ST-PROJ-A-PRV-PC-1 - # ST-PROJ-A-PRV-PC-1 | node-reset + node_name: ST_PROJ-A-PRV-PC-1 + # ST_PROJ-A-PRV-PC-1 | node-reset 4: action: node-reset options: - node_name: ST-PROJ-A-PRV-PC-1 - # ST-PROJ-A-PRV-PC-1 | host-nic-disable + node_name: ST_PROJ-A-PRV-PC-1 + # ST_PROJ-A-PRV-PC-1 | host-nic-disable 5: action: host-nic-disable options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 nic_num: 0 - # ST-PROJ-A-PRV-PC-1 | host-nic-enable + # ST_PROJ-A-PRV-PC-1 | host-nic-enable 6: action: host-nic-enable options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 nic_num: 0 - # ST-PROJ-A-PRV-PC-1 | node-application-close | database-client + # ST_PROJ-A-PRV-PC-1 | node-application-close | database-client 7: action: node-application-close options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: database-client - # ST-PROJ-A-PRV-PC-1 | node-application-scan | database-client + # ST_PROJ-A-PRV-PC-1 | node-application-scan | database-client 8: action: node-application-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: database-client - # ST-PROJ-A-PRV-PC-1 | node-application-fix | database-client + # ST_PROJ-A-PRV-PC-1 | node-application-fix | database-client 9: action: node-application-fix options: - node_name: 
ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: database-client - # ST-PROJ-A-PRV-PC-1 | node-application-remove | database-client + # ST_PROJ-A-PRV-PC-1 | node-application-remove | database-client 10: action: node-application-remove options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: database-client - # ST-PROJ-A-PRV-PC-1 | node-file-scan | downloads/malware_dropper.ps1 + # ST_PROJ-A-PRV-PC-1 | node-file-scan | downloads/malware_dropper.ps1 11: action: node-file-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 folder_name: downloads file_name: malware_dropper.ps1 - # ST-PROJ-A-PRV-PC-1 | node-file-scan | exfiltration_folder/database.db + # ST_PROJ-A-PRV-PC-1 | node-file-scan | exfiltration_folder/database.db 12: action: node-file-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 folder_name: exfiltration_folder file_name: database.db - # ST-PROJ-A-PRV-PC-1 | node-folder-scan | downloads/ + # ST_PROJ-A-PRV-PC-1 | node-folder-scan | downloads/ 13: action: node-folder-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 folder_name: downloads - # ST-PROJ-A-PRV-PC-1 | node-folder-scan | exfiltration_folder/ + # ST_PROJ-A-PRV-PC-1 | node-folder-scan | exfiltration_folder/ 14: action: node-folder-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 folder_name: exfiltration_folder # |======================================| - # | ST-PROJ-B-PRV-PC-2 | + # | ST_PROJ-B-PRV-PC-2 | # |======================================| - # ST-PROJ-B-PRV-PC-2 | node-os-scan + # ST_PROJ-B-PRV-PC-2 | node-os-scan 15: action: node-os-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 - # ST-PROJ-B-PRV-PC-2 | node-shutdown + # ST_PROJ-B-PRV-PC-2 | node-shutdown 16: action: node-shutdown options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 - # ST-PROJ-B-PRV-PC-2 | node-startup + # 
ST_PROJ-B-PRV-PC-2 | node-startup 17: action: node-startup options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 - # ST-PROJ-B-PRV-PC-2 | node-reset + # ST_PROJ-B-PRV-PC-2 | node-reset 18: action: node-reset options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 - # ST-PROJ-B-PRV-PC-2 | host-nic-disable + # ST_PROJ-B-PRV-PC-2 | host-nic-disable 19: action: host-nic-disable options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 nic_num: 0 - # ST-PROJ-B-PRV-PC-2 | host-nic-enable + # ST_PROJ-B-PRV-PC-2 | host-nic-enable 20: action: host-nic-enable options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 nic_num: 0 - # ST-PROJ-B-PRV-PC-2 | node-application-close | database-client + # ST_PROJ-B-PRV-PC-2 | node-application-close | database-client 21: action: node-application-close options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: database-client - # ST-PROJ-B-PRV-PC-2 | node-application-scan | database-client + # ST_PROJ-B-PRV-PC-2 | node-application-scan | database-client 22: action: node-application-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: database-client - # ST-PROJ-B-PRV-PC-2 | node-application-fix | database-client + # ST_PROJ-B-PRV-PC-2 | node-application-fix | database-client 23: action: node-application-fix options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: database-client - # ST-PROJ-B-PRV-PC-2 | node-application-remove | database-client + # ST_PROJ-B-PRV-PC-2 | node-application-remove | database-client 24: action: node-application-remove options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: database-client - # ST-PROJ-B-PRV-PC-2 | node-file-scan | downloads/malware_dropper.ps1 + # ST_PROJ-B-PRV-PC-2 | node-file-scan | downloads/malware_dropper.ps1 25: action: node-file-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + 
node_name: ST_PROJ-B-PRV-PC-2 folder_name: downloads file_name: malware_dropper.ps1 - # ST-PROJ-B-PRV-PC-2 | node-file-scan | exfiltration_folder/database.db + # ST_PROJ-B-PRV-PC-2 | node-file-scan | exfiltration_folder/database.db 26: action: node-file-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 folder_name: exfiltration_folder file_name: database.db - # ST-PROJ-B-PRV-PC-2 | node-folder-scan | downloads/ + # ST_PROJ-B-PRV-PC-2 | node-folder-scan | downloads/ 27: action: node-folder-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 folder_name: downloads - # ST-PROJ-B-PRV-PC-2 | node-folder-scan | exfiltration_folder/ + # ST_PROJ-B-PRV-PC-2 | node-folder-scan | exfiltration_folder/ 28: action: node-folder-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 folder_name: exfiltration_folder # |======================================| - # | ST-PROJ-C-PRV-PC-3 | + # | ST_PROJ-C-PRV-PC-3 | # |======================================| - # ST-PROJ-C-PRV-PC-3 | node-os-scan + # ST_PROJ-C-PRV-PC-3 | node-os-scan 29: action: node-os-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 - # ST-PROJ-C-PRV-PC-3 | node-shutdown + # ST_PROJ-C-PRV-PC-3 | node-shutdown 30: action: node-shutdown options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 - # ST-PROJ-C-PRV-PC-3 | node-startup + # ST_PROJ-C-PRV-PC-3 | node-startup 31: action: node-startup options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 - # ST-PROJ-C-PRV-PC-3 | node-reset + # ST_PROJ-C-PRV-PC-3 | node-reset 32: action: node-reset options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 - # ST-PROJ-C-PRV-PC-3 | host-nic-disable + # ST_PROJ-C-PRV-PC-3 | host-nic-disable 33: action: host-nic-disable options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 nic_num: 0 - # ST-PROJ-C-PRV-PC-3 | host-nic-enable + # ST_PROJ-C-PRV-PC-3 | host-nic-enable 
34: action: host-nic-enable options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 nic_num: 0 - # ST-PROJ-C-PRV-PC-3 | node-application-close | database-client + # ST_PROJ-C-PRV-PC-3 | node-application-close | database-client 35: action: node-application-close options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: database-client - # ST-PROJ-C-PRV-PC-3 | node-application-scan | database-client + # ST_PROJ-C-PRV-PC-3 | node-application-scan | database-client 36: action: node-application-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: database-client - # ST-PROJ-C-PRV-PC-3 | node-application-fix | database-client + # ST_PROJ-C-PRV-PC-3 | node-application-fix | database-client 37: action: node-application-fix options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: database-client - # ST-PROJ-C-PRV-PC-3 | node-application-remove | database-client + # ST_PROJ-C-PRV-PC-3 | node-application-remove | database-client 38: action: node-application-remove options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: database-client - # ST-PROJ-C-PRV-PC-3 | node-file-scan | downloads/malware_dropper.ps1 + # ST_PROJ-C-PRV-PC-3 | node-file-scan | downloads/malware_dropper.ps1 39: action: node-file-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 folder_name: downloads file_name: malware_dropper.ps1 - # ST-PROJ-C-PRV-PC-3 | node-file-scan | exfiltration_folder/database.db + # ST_PROJ-C-PRV-PC-3 | node-file-scan | exfiltration_folder/database.db 40: action: node-file-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 folder_name: exfiltration_folder file_name: database.db - # ST-PROJ-C-PRV-PC-3 | node-folder-scan | downloads/ + # ST_PROJ-C-PRV-PC-3 | node-folder-scan | downloads/ 41: action: node-folder-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: 
ST_PROJ-C-PRV-PC-3 folder_name: downloads - # ST-PROJ-C-PRV-PC-3 | node-folder-scan | exfiltration_folder/ + # ST_PROJ-C-PRV-PC-3 | node-folder-scan | exfiltration_folder/ 42: action: node-folder-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 folder_name: exfiltration_folder # |======================================| - # | ST-INTRA-PRV-RT-CR | + # | ST_INTRA-PRV-RT-CR | # |======================================| - # ST-INTRA-PRV-RT-CR | router-acl-addrule | P2: ST-PROJ-A-PRV-PC-1 !==> ST-DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) + # ST_INTRA-PRV-RT-CR | router-acl-addrule | P2: ST_PROJ-A-PRV-PC-1 !==> ST_DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) 43: action: router-acl-addrule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 1 permission: DENY - src_ip: 192.168.230.2 # (ST-PROJ-A-PRV-PC-1) + src_ip: 192.168.230.2 # (ST_PROJ-A-PRV-PC-1) src_wildcard: 0.0.255.255 src_port: POSTGRES_SERVER - dst_ip: 192.168.220.3 # (ST-DATA-PRV-SRV-DB) + dst_ip: 192.168.220.3 # (ST_DATA-PRV-SRV-DB) dst_wildcard: 0.0.255.255 dst_port: POSTGRES_SERVER protocol_name: TCP - # ST-INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 1 + # ST_INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 1 44: action: router-acl-remove-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 1 - # ST-INTRA-PRV-RT-CR | router-acl-addrule | P3: ST-PROJ-B-PRV-PC-2 !==> ST-DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) + # ST_INTRA-PRV-RT-CR | router-acl-addrule | P3: ST_PROJ-B-PRV-PC-2 !==> ST_DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) 45: action: router-acl-addrule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 2 permission: DENY - src_ip: 192.168.240.3 # (ST-PROJ-B-PRV-PC-2) + src_ip: 192.168.240.3 # (ST_PROJ-B-PRV-PC-2) src_wildcard: 0.0.255.255 src_port: POSTGRES_SERVER - dst_ip: 192.168.220.3 # (ST-DATA-PRV-SRV-DB) + dst_ip: 
192.168.220.3 # (ST_DATA-PRV-SRV-DB) dst_wildcard: 0.0.255.255 dst_port: POSTGRES_SERVER protocol_name: TCP - # ST-INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 2 + # ST_INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 2 46: action: router-acl-remove-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 2 - # ST-INTRA-PRV-RT-CR | router-acl-addrule | P4: ST-PROJ-C-PRV-PC-3 !==> ST-DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) + # ST_INTRA-PRV-RT-CR | router-acl-addrule | P4: ST_PROJ-C-PRV-PC-3 !==> ST_DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) 47: action: router-acl-addrule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 3 permission: DENY - src_ip: 192.168.250.4 # (ST-PROJ-C-PRV-PC-3) + src_ip: 192.168.250.4 # (ST_PROJ-C-PRV-PC-3) src_wildcard: 0.0.255.255 src_port: POSTGRES_SERVER - dst_ip: 192.168.220.3 # (ST-DATA-PRV-SRV-DB) + dst_ip: 192.168.220.3 # (ST_DATA-PRV-SRV-DB) dst_wildcard: 0.0.255.255 dst_port: POSTGRES_SERVER protocol_name: TCP - # ST-INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 3 + # ST_INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 3 48: action: router-acl-remove-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 3 # |======================================| - # | ST-DATA-PRV-SRV-DB | + # | ST_DATA-PRV-SRV-DB | # |======================================| - # ST-DATA-PRV-SRV-DB | node-file-scan | Scans the database.db file (health status) + # ST_DATA-PRV-SRV-DB | node-file-scan | Scans the database.db file (health status) 49: action: node-file-scan options: - node_name: ST-DATA-PRV-SRV-DB + node_name: ST_DATA-PRV-SRV-DB folder_name: database file_name: database.db - # ST-DATA-PRV-SRV-DB | node-account-change-password | Changes the password of a user account + # ST_DATA-PRV-SRV-DB | node-account-change-password | Changes the password of a 
user account 50: action: node-account-change-password options: - node_name: ST-DATA-PRV-SRV-DB + node_name: ST_DATA-PRV-SRV-DB username: admin # default account current_password: admin # default password new_password: thr33_alert_wolv3z # A more 'secure' password # |======================================| - # | ST-INTRA-PRV-RT-DR-1 | + # | ST_INTRA-PRV-RT-DR-1 | # |======================================| - # ST-INTRA-PRV-RT-DR-1 | router-acl-addrule | P1: ST-INTRA-PRV-RT-DR-1 !==> ANY (TCP:SSH) + # ST_INTRA-PRV-RT-DR-1 | router-acl-addrule | P1: ST_INTRA-PRV-RT-DR-1 !==> ANY (TCP:SSH) 51: action: router-acl-addrule options: - target_router: ST-INTRA-PRV-RT-DR-1 + target_router: ST_INTRA-PRV-RT-DR-1 position: 1 permission: DENY - src_ip: 192.168.230.2 # (ST-PROJ-A-PRV-PC-1) + src_ip: 192.168.230.2 # (ST_PROJ-A-PRV-PC-1) src_wildcard: 0.0.255.255 src_port: SSH dst_ip: ALL @@ -2510,20 +2510,20 @@ agents: dst_port: SSH protocol_name: TCP - # ST-INTRA-PRV-RT-DR-1 | node-account-change-password + # ST_INTRA-PRV-RT-DR-1 | node-account-change-password 52: action: node-account-change-password options: - node_name: ST-INTRA-PRV-RT-DR-1 + node_name: ST_INTRA-PRV-RT-DR-1 username: admin current_password: admin new_password: secure_password - # ST-INTRA-PRV-RT-DR-1 | router-acl-remove-rule | Removes the given ACL at position 1 + # ST_INTRA-PRV-RT-DR-1 | router-acl-remove-rule | Removes the given ACL at position 1 53: action: router-acl-remove-rule options: - target_router: ST-INTRA-PRV-RT-DR-1 + target_router: ST_INTRA-PRV-RT-DR-1 position: 1 # |======================================| @@ -2551,7 +2551,7 @@ agents: - type: database-file-integrity weight: *HIGH_WEIGHT_IMPACT options: - node_hostname: ST-DATA-PRV-SRV-DB + node_hostname: ST_DATA-PRV-SRV-DB folder_name: database file_name: database.db 
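Review bot: ACL actions 43, 45 and 47 are commented as blocking one host each (for example `ST_PROJ-A-PRV-PC-1 !==> ST_DATA-PRV-SRV-DB`), but every rule sets `src_wildcard: 0.0.255.255` and `dst_wildcard: 0.0.255.255`. If the simulator reads these as inverse masks in the usual router sense (not shown in this diff), each rule matches all of 192.168.0.0/16 on both sides. The three rules would then be equivalent and deny database traffic for every subnet rather than isolating the suspected host; a host-scoped rule would use `src_wildcard: 0.0.0.0` and `dst_wildcard: 0.0.0.0`. Action 51's comment reads `P1: ST_INTRA-PRV-RT-DR-1 !==> ANY (TCP:SSH)` while its `src_ip` is 192.168.230.2, annotated as ST_PROJ-A-PRV-PC-1, so either the comment or the address needs correcting. The comments on actions 44, 46 and 48 say `REMOVE_ACL_ADDRULE` where the action is `router-acl-remove-rule`.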
@@ -2772,7 +2772,7 @@ agents: # # UC7 Network Wide System Pattern Of Life # # ========================================== # # 1. All NTP Clients perform periodic NTP Server transactions. - # # 2. Periodic Database (ST-DATA-PRV-SRV-DB) FTP backups (ST-DATA-PRV-SRV-STORAGE) + # # 2. Periodic Database (ST_DATA-PRV-SRV-DB) FTP backups (ST_DATA-PRV-SRV-STORAGE) # # 3. All DNS Clients perform periodic DNS Server transactions. # # TODO: NTPClient Node Service Start doesn't start a 'Request' @@ -2827,50 +2827,50 @@ agents: # 7: # action: NODE_SERVICE_START # options: - # node_id: 6 # ST-DMZ-PUB-SRV-WEB + # node_id: 6 # ST_DMZ-PUB-SRV-WEB # service_id: 0 # # ====== ST Head Office ======= # 8: # action: NODE_SERVICE_START # options: - # node_id: 7 # ST-HO-PRV-PC-1 + # node_id: 7 # ST_HO-PRV-PC-1 # service_id: 0 # 9: # action: NODE_SERVICE_START # options: - # node_id: 8 # ST-HO-PRV-PC-2 + # node_id: 8 # ST_HO-PRV-PC-2 # service_id: 0 # 10: # action: NODE_SERVICE_START # options: - # node_id: 9 # ST-HO-PRV-PC-3 + # node_id: 9 # ST_HO-PRV-PC-3 # service_id: 0 # # ====== ST Human Resources ======= # 11: # action: NODE_SERVICE_START # options: - # node_id: 10 # ST-HR-PRV-PC-1 + # node_id: 10 # ST_HR-PRV-PC-1 # service_id: 0 # 12: # action: NODE_SERVICE_START # options: - # node_id: 11 # ST-HR-PRV-PC-2 + # node_id: 11 # ST_HR-PRV-PC-2 # service_id: 0 # 13: # action: NODE_SERVICE_START # options: - # node_id: 12 # ST-HR-PRV-PC-3 + # node_id: 12 # ST_HR-PRV-PC-3 # service_id: 0 # # ====== ST DATA Servers ======= # 14: # action: NODE_SERVICE_START # options: - # node_id: 13 # ST-DATA-PRV-SRV-STORAGE + # node_id: 13 # ST_DATA-PRV-SRV-STORAGE # service_id: 0 # 15: # action: NODE_SERVICE_START # options: - # node_id: 14 # ST-DATA-PRV-SRV-DB + # node_id: 14 # ST_DATA-PRV-SRV-DB # service_id: 0 # # ====== ST Project A ======= # 16: 
@@ -2943,34 +2943,34 @@ agents: # services: # - service_name: NTPClient # # ====== ST Public DMZ ======= - # - node_name: ST-DMZ-PUB-SRV-WEB + # - node_name: ST_DMZ-PUB-SRV-WEB # services: # - service_name: NTPClient # # ====== ST Head Office ======= - # - node_name: ST-HO-PRV-PC-1 + # - node_name: ST_HO-PRV-PC-1 # services: # - service_name: NTPClient - # - node_name: ST-HO-PRV-PC-2 + # - node_name: ST_HO-PRV-PC-2 # services: # - service_name: NTPClient - # - node_name: ST-HO-PRV-PC-3 + # - node_name: ST_HO-PRV-PC-3 # services: # - service_name: NTPClient # # ===== ST Human Resources ====== - # - node_name: ST-HR-PRV-PC-1 + # - node_name: ST_HR-PRV-PC-1 # services: # - service_name: NTPClient - # - node_name: ST-HR-PRV-PC-2 + # - node_name: ST_HR-PRV-PC-2 # services: # - service_name: NTPClient - # - node_name: ST-HR-PRV-PC-3 + # - node_name: ST_HR-PRV-PC-3 # services: # - service_name: NTPClient # # ====== ST DATA Servers ======= - # - node_name: ST-DATA-PRV-SRV-STORAGE + # - node_name: ST_DATA-PRV-SRV-STORAGE # services: # - service_name: NTPClient - # - node_name: ST-DATA-PRV-SRV-DB + # - node_name: ST_DATA-PRV-SRV-DB # services: # - service_name: NTPClient # # ====== ST Project A ======= @@ -3019,7 +3019,7 @@ agents: # reward_components: # - type: DUMMY - # # 2. Periodic Database (ST-DATA-PRV-SRV-DB) FTP backups (ST-DATA-PRV-SRV-STORAGE) + # # 2. Periodic Database (ST_DATA-PRV-SRV-DB) FTP backups (ST_DATA-PRV-SRV-STORAGE) # - ref: SYSTEM-FTP # team: GREEN @@ -3040,7 +3040,7 @@ agents: # service_id: 0 # options: # nodes: - # - node_name: ST-DATA-PRV-SRV-DB + # - node_name: ST_DATA-PRV-SRV-DB # applications: # - application_name: database-client # ip_list: 
@@ -3110,50 +3110,50 @@ agents: # 7: # action: NODE_SERVICE_START # options: - # node_id: 6 # ST-DMZ-PUB-SRV-WEB + # node_id: 6 # ST_DMZ-PUB-SRV-WEB # service_id: 0 # # ====== ST Head Office ======= # 8: # action: NODE_SERVICE_START # options: - # node_id: 7 # ST-HO-PRV-PC-1 + # node_id: 7 # ST_HO-PRV-PC-1 # service_id: 0 # 9: # action: NODE_SERVICE_START # options: - # node_id: 8 # ST-HO-PRV-PC-2 + # node_id: 8 # ST_HO-PRV-PC-2 # service_id: 0 # 10: # action: NODE_SERVICE_START # options: - # node_id: 9 # ST-HO-PRV-PC-3 + # node_id: 9 # ST_HO-PRV-PC-3 # service_id: 0 # # ====== ST Human Resources ======= # 11: # action: NODE_SERVICE_START # options: - # node_id: 10 # ST-HR-PRV-PC-1 + # node_id: 10 # ST_HR-PRV-PC-1 # service_id: 0 # 12: # action: NODE_SERVICE_START # options: - # node_id: 11 # ST-HR-PRV-PC-2 + # node_id: 11 # ST_HR-PRV-PC-2 # service_id: 0 # 13: # action: NODE_SERVICE_START # options: - # node_id: 12 # ST-HR-PRV-PC-3 + # node_id: 12 # ST_HR-PRV-PC-3 # service_id: 0 # # ====== ST DATA Servers ======= # 14: # action: NODE_SERVICE_START # options: - # node_id: 13 # ST-DATA-PRV-SRV-STORAGE + # node_id: 13 # ST_DATA-PRV-SRV-STORAGE # service_id: 0 # 15: # action: NODE_SERVICE_START # options: - # node_id: 14 # ST-DATA-PRV-SRV-DB + # node_id: 14 # ST_DATA-PRV-SRV-DB # service_id: 0 # # ====== ST Project A ======= # 16: 
@@ -3226,34 +3226,34 @@ agents: # services: # - service_name: dns-client # # ====== ST Public DMZ ======= - # - node_name: ST-DMZ-PUB-SRV-WEB + # - node_name: ST_DMZ-PUB-SRV-WEB # services: # - service_name: dns-client # # ====== ST Head Office ======= - # - node_name: ST-HO-PRV-PC-1 + # - node_name: ST_HO-PRV-PC-1 # services: # - service_name: dns-client - # - node_name: ST-HO-PRV-PC-2 + # - node_name: ST_HO-PRV-PC-2 # services: # - service_name: dns-client - # - node_name: ST-HO-PRV-PC-3 + # - node_name: ST_HO-PRV-PC-3 # services: # - service_name: dns-client # # ===== ST Human Resources ====== - # - node_name: ST-HR-PRV-PC-1 + # - node_name: ST_HR-PRV-PC-1 # services: # - service_name: dns-client - # - node_name: ST-HR-PRV-PC-2 + # - node_name: ST_HR-PRV-PC-2 # services: # - service_name: dns-client - # - node_name: ST-HR-PRV-PC-3 + # - node_name: ST_HR-PRV-PC-3 # services: # - service_name: dns-client # # ====== ST DATA Servers ======= - # - node_name: ST-DATA-PRV-SRV-STORAGE + # - node_name: ST_DATA-PRV-SRV-STORAGE # services: # - service_name: dns-client - # - node_name: ST-DATA-PRV-SRV-DB + # - node_name: ST_DATA-PRV-SRV-DB # services: # - service_name: dns-client # # ====== ST Project A ======= diff --git a/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP001_PC1.yaml b/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP001_PC1.yaml index a066eaa4..e4a76f84 100644 --- a/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP001_PC1.yaml +++ b/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP001_PC1.yaml 
@@ -9,8 +9,8 @@ red: &red
 repeat_kill_chain: false
 repeat_kill_chain_stages: true
 default_target_ip: 192.168.220.3
- default_starting_node: "ST-PROJ-C-PRV-PC-1"
- # starting_nodes: ["ST-PROJ-A-PRV-PC-1", "ST-PROJ-B-PRV-PC-2", "ST-PROJ-C-PRV-PC-3"]
+ default_starting_node: "ST_PROJ-C-PRV-PC-1"
+ # starting_nodes: ["ST_PROJ-A-PRV-PC-1", "ST_PROJ-B-PRV-PC-2", "ST_PROJ-C-PRV-PC-3"]
 starting_nodes:
 kill_chain:
 ACTIVATE:
diff --git a/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP001_PC2.yaml b/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP001_PC2.yaml
index 7256b154..bdf1ceb0 100644
--- a/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP001_PC2.yaml
+++ b/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP001_PC2.yaml
@@ -9,8 +9,8 @@ red: &red
 repeat_kill_chain: false
 repeat_kill_chain_stages: true
 default_target_ip: 192.168.220.3
- default_starting_node: "ST-PROJ-B-PRV-PC-2"
- # starting_nodes: ["ST-PROJ-A-PRV-PC-1", "ST-PROJ-B-PRV-PC-2", "ST-PROJ-C-PRV-PC-3"]
+ default_starting_node: "ST_PROJ-B-PRV-PC-2"
+ # starting_nodes: ["ST_PROJ-A-PRV-PC-1", "ST_PROJ-B-PRV-PC-2", "ST_PROJ-C-PRV-PC-3"]
 starting_nodes:
 kill_chain:
 ACTIVATE:
diff --git a/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP001_PC3.yaml b/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP001_PC3.yaml
index 162f4753..b65ae4d8 100644
--- a/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP001_PC3.yaml
+++ b/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP001_PC3.yaml
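Review bot: In TAP001_PC1.yaml the renamed `default_starting_node` is `"ST_PROJ-C-PRV-PC-1"`, which does not follow the pattern of the sibling variants. TAP001_PC2 starts from `ST_PROJ-B-PRV-PC-2` and TAP001_PC3 from `ST_PROJ-C-PRV-PC-3`, and the commented `starting_nodes` list in all three files begins with `ST_PROJ-A-PRV-PC-1`. That suggests the PC1 variant was meant to read `default_starting_node: "ST_PROJ-A-PRV-PC-1"`, though the intent is not stated in the hunk. If Project C PC-1 really is the intended foothold, a one-line comment such as `# PC1 variant deliberately starts on Project C PC-1` would stop the next reader from "fixing" it.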
@@ -9,8 +9,8 @@ red: &red
 repeat_kill_chain: false
 repeat_kill_chain_stages: true
 default_target_ip: 192.168.220.3
- default_starting_node: "ST-PROJ-C-PRV-PC-3"
- # starting_nodes: ["ST-PROJ-A-PRV-PC-1", "ST-PROJ-B-PRV-PC-2", "ST-PROJ-C-PRV-PC-3"]
+ default_starting_node: "ST_PROJ-C-PRV-PC-3"
+ # starting_nodes: ["ST_PROJ-A-PRV-PC-1", "ST_PROJ-B-PRV-PC-2", "ST_PROJ-C-PRV-PC-3"]
 starting_nodes:
 kill_chain:
 ACTIVATE:
diff --git a/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP003.yaml b/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP003.yaml
index 7dd3fd2e..aae7e9b4 100644
--- a/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP003.yaml
+++ b/src/primaite/config/_package_data/uc7_multiple_attack_variants/TAP003.yaml
@@ -10,28 +10,28 @@ red: &red
 variance: 0
 repeat_kill_chain: false
 repeat_kill_chain_stages: true
- default_starting_node: "ST-PROJ-A-PRV-PC-1"
+ default_starting_node: "ST_PROJ-A-PRV-PC-1"
 starting_nodes:
- # starting_nodes: ["ST-PROJ-A-PRV-PC-1", "ST-PROJ-B-PRV-PC-2", "ST-PROJ-C-PRV-PC-3"]
+ # starting_nodes: ["ST_PROJ-A-PRV-PC-1", "ST_PROJ-B-PRV-PC-2", "ST_PROJ-C-PRV-PC-3"]
 kill_chain:
 PLANNING:
 probability: 1
 starting_network_knowledge:
 credentials:
- ST-PROJ-A-PRV-PC-1:
+ ST_PROJ-A-PRV-PC-1:
 username: admin
 password: admin
- ST-PROJ-B-PRV-PC-2:
+ ST_PROJ-B-PRV-PC-2:
 username: admin
 password: admin
- ST-PROJ-C-PRV-PC-3:
+ ST_PROJ-C-PRV-PC-3:
 username: admin
 password: admin
- ST-INTRA-PRV-RT-DR-1:
+ ST_INTRA-PRV-RT-DR-1:
 ip_address: 192.168.230.1
 username: admin
 password: admin
- ST-INTRA-PRV-RT-CR:
+ ST_INTRA-PRV-RT-CR:
 ip_address: 192.168.160.1
 username: admin
 password: admin
@@ -44,13 +44,13 @@ red: &red MANIPULATION: probability: 1 account_changes: - - host: ST-INTRA-PRV-RT-DR-1 - ip_address: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1 + - host: ST_INTRA-PRV-RT-DR-1 + ip_address: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 action: change_password username: admin new_password: "red_pass" - - host: ST-INTRA-PRV-RT-CR - ip_address: 192.168.160.1 # ST-INTRA-PRV-RT-CR + - host: ST_INTRA-PRV-RT-CR + ip_address: 192.168.160.1 # ST_INTRA-PRV-RT-CR action: change_password username: "admin" new_password: "red_pass" @@ -62,7 +62,7 @@ red: &red EXPLOIT: probability: 1 malicious_acls: - - target_router: ST-INTRA-PRV-RT-DR-1 + - target_router: ST_INTRA-PRV-RT-DR-1 position: 1 permission: DENY src_ip: ALL @@ -72,7 +72,7 @@ red: &red src_port: POSTGRES_SERVER dst_port: POSTGRES_SERVER protocol_name: TCP - - target_router: ST-INTRA-PRV-RT-CR + - target_router: ST_INTRA-PRV-RT-CR position: 1 permission: DENY src_ip: ALL diff --git a/src/primaite/config/_package_data/uc7_multiple_attack_variants/uc7_config_no_red.yaml b/src/primaite/config/_package_data/uc7_multiple_attack_variants/uc7_config_no_red.yaml index a55dae0e..1d245f85 100644 --- a/src/primaite/config/_package_data/uc7_multiple_attack_variants/uc7_config_no_red.yaml +++ b/src/primaite/config/_package_data/uc7_multiple_attack_variants/uc7_config_no_red.yaml @@ -73,7 +73,7 @@ SOME_TECH_PROJECT_C_SUBNET: &ST_PROJ_C_SUBNET 255.255.255.248 # # Host & Server Configurations # -# ST Public Web Server | web-server | ST-DMZ-PUB-SRV-WEB +# ST Public Web Server | web-server | ST_DMZ-PUB-SRV-WEB SOME_TECH_PUBLIC_SERVER_WEB_IP_ADDRESS: &ST_PUB_SRV_WEB_IP 192.168.100.2 SOME_TECH_PUBLIC_SERVER_WEB_CONFIG: &ST_SRV_WEB_CONFIG # - type: web-server 
@@ -86,12 +86,12 @@ PUBLIC_DNS_CONFIG: &PUBLIC_DNS_CONFIG # domain_mapping: some_tech.com: *ST_PUB_SRV_WEB_IP -# ST Private Storage Server | ftp-server | ST-DATA-PRV-SRV-STORAGE +# ST Private Storage Server | ftp-server | ST_DATA-PRV-SRV-STORAGE SOME_TECH_PRIVATE_SERVER_STORAGE_IP: &ST_SRV_STORAGE_IP 192.168.220.2 SOME_TECH_PRIVATE_SERVER_STORAGE_CONFIG: &ST_SRV_STORAGE_CONFIG - type: ftp-server -# ST Private Database Server | database-client & ftp-client | ST-DATA-PRV-SRV-DB +# ST Private Database Server | database-client & ftp-client | ST_DATA-PRV-SRV-DB SOME_TECH_PRIVATE_SERVER_DATABASE_IP: &ST_SRV_DB_IP 192.168.220.3 SOME_TECH_PRIVATE_SERVER_DATABASE_CONFIG: &ST_SRV_DB_CONFIG - type: database-service @@ -319,7 +319,7 @@ simulation: # SOME_TECH DMZ SUBNET # ######################## - - hostname: ST-PUB-FW + - hostname: ST_PUB-FW type: firewall ports: external_port: # Public Internet Facing Port @@ -410,7 +410,7 @@ simulation: #next_hop_ip_address: 10.1.100.1 next_hop_ip_address: 192.168.150.2 - - hostname: ST-DMZ-PUB-SRV-WEB + - hostname: ST_DMZ-PUB-SRV-WEB type: server ip_address: *ST_PUB_SRV_WEB_IP subnet_mask: *ST_DMZ_SUBNET @@ -422,7 +422,7 @@ simulation: # SOME_TECH INTRANET SUBNET # ############################# - - hostname: ST-INTRA-PRV-RT-CR + - hostname: ST_INTRA-PRV-RT-CR type: router ports: 1: @@ -461,7 +461,7 @@ simulation: 5: action: PERMIT - - hostname: ST-INTRA-PRV-RT-DR-1 + - hostname: ST_INTRA-PRV-RT-DR-1 type: router ports: 1: @@ -482,7 +482,7 @@ simulation: 5: action: PERMIT - - hostname: ST-INTRA-PRV-RT-DR-2 + - hostname: ST_INTRA-PRV-RT-DR-2 type: router default_gateway: 192.168.170.1 ports: 
@@ -505,30 +505,30 @@ simulation: # SOME_TECH HEAD OFFICE SUBNET # ################################ - - hostname: ST-HO-PRV-SW-AS + - hostname: ST_HO-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-HO-PRV-PC-1 + - hostname: ST_HO-PRV-PC-1 type: computer ip_address: 192.168.200.2 - default_gateway: 192.168.200.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.200.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-HO-PRV-PC-2 + - hostname: ST_HO-PRV-PC-2 type: computer ip_address: 192.168.200.3 - default_gateway: 192.168.200.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.200.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-HO-PRV-PC-3 + - hostname: ST_HO-PRV-PC-3 type: computer ip_address: 192.168.200.4 - default_gateway: 192.168.200.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.200.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG 
@@ -537,30 +537,30 @@ simulation: # SOME_TECH HUMAN RESOURCES SUBNET # #################################### - - hostname: ST-HR-PRV-SW-AS + - hostname: ST_HR-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-HR-PRV-PC-1 + - hostname: ST_HR-PRV-PC-1 type: computer ip_address: 192.168.210.2 - default_gateway: 192.168.210.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-HR-PRV-PC-2 + - hostname: ST_HR-PRV-PC-2 type: computer ip_address: 192.168.210.3 - default_gateway: 192.168.210.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-HR-PRV-PC-3 + - hostname: ST_HR-PRV-PC-3 type: computer ip_address: 192.168.210.4 - default_gateway: 192.168.210.1 # ST-INTRA-PRV-RT-DR-2 (Port 2) + default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG @@ -569,11 +569,11 @@ simulation: # SOME_TECH DATA SUBNET # ######################### - - hostname: ST-DATA-PRV-SW-AS + - hostname: ST_DATA-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-DATA-PRV-SRV-STORAGE + - hostname: ST_DATA-PRV-SRV-STORAGE type: server ip_address: *ST_SRV_STORAGE_IP subnet_mask: *ST_DATA_SUBNET @@ -582,7 +582,7 @@ simulation: services: *ST_SRV_STORAGE_CONFIG - - hostname: ST-DATA-PRV-SRV-DB + - hostname: ST_DATA-PRV-SRV-DB type: server ip_address: *ST_SRV_DB_IP subnet_mask: *ST_DATA_SUBNET 
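Review bot: The gateway comments on the three HR hosts name the wrong router port: they read `# ST_INTRA-PRV-RT-DR-2 (Port 2)`, but the links section later in this file attaches ST_HR-PRV-SW-AS to ST_INTRA-PRV-RT-DR-2 with `endpoint_b_port: 3`, and port 2 is the Head Office uplink. Since these lines are being rewritten anyway, the comment should become `default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 3)`. The Project C hunk (@@ -659,30) has the same slip: its comments say `ST_INTRA-PRV-RT-DR-1 (Port 3)` while the link uses DR-1 port 4, so `(Port 4)` is expected there. The router port addresses are outside these hunks, so this is inferred from the links block alone. An accurate port label matters to anyone who writes or audits per-interface ACL rules from these comments.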
@@ -595,30 +595,30 @@ simulation: # SOME_TECH PROJECT A # ####################### - - hostname: ST-PROJ-A-PRV-SW-AS + - hostname: ST_PROJ-A-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-PROJ-A-PRV-PC-1 + - hostname: ST_PROJ-A-PRV-PC-1 type: computer ip_address: 192.168.230.2 - default_gateway: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1 (Port 2) + default_gateway: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-A-PRV-PC-2 + - hostname: ST_PROJ-A-PRV-PC-2 type: computer ip_address: 192.168.230.3 - default_gateway: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1 (Port 2) + default_gateway: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-A-PRV-PC-3 + - hostname: ST_PROJ-A-PRV-PC-3 type: computer ip_address: 192.168.230.4 - default_gateway: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1 (Port 2) + default_gateway: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 (Port 2) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG 
@@ -627,30 +627,30 @@ simulation: # SOME_TECH PROJECT B # ####################### - - hostname: ST-PROJ-B-PRV-SW-AS + - hostname: ST_PROJ-B-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-PROJ-B-PRV-PC-1 + - hostname: ST_PROJ-B-PRV-PC-1 type: computer ip_address: 192.168.240.2 - default_gateway: 192.168.240.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.240.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-B-PRV-PC-2 + - hostname: ST_PROJ-B-PRV-PC-2 type: computer ip_address: 192.168.240.3 - default_gateway: 192.168.240.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.240.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-B-PRV-PC-3 + - hostname: ST_PROJ-B-PRV-PC-3 type: computer ip_address: 192.168.240.4 - default_gateway: 192.168.240.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.240.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG 
@@ -659,30 +659,30 @@ simulation: # SOME_TECH PROJECT C # ####################### - - hostname: ST-PROJ-C-PRV-SW-AS + - hostname: ST_PROJ-C-PRV-SW-AS type: switch num_ports: 5 - - hostname: ST-PROJ-C-PRV-PC-1 + - hostname: ST_PROJ-C-PRV-PC-1 type: computer ip_address: 192.168.250.2 - default_gateway: 192.168.250.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.250.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-C-PRV-PC-2 + - hostname: ST_PROJ-C-PRV-PC-2 type: computer ip_address: 192.168.250.3 - default_gateway: 192.168.250.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.250.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG - - hostname: ST-PROJ-C-PRV-PC-3 + - hostname: ST_PROJ-C-PRV-PC-3 type: computer ip_address: 192.168.250.4 - default_gateway: 192.168.250.1 # ST-INTRA-PRV-RT-DR-1 (Port 3) + default_gateway: 192.168.250.1 # ST_INTRA-PRV-RT-DR-1 (Port 3) dns_server: *PUBLIC_DNS_IP applications: *PC_DEFAULT_CONFIG @@ -788,13 +788,13 @@ simulation: # Internet Router (Port 4) --> Some Tech DMZ Firewall (External Port) - endpoint_a_hostname: ISP-PUB-RT-BR endpoint_a_port: 4 - endpoint_b_hostname: ST-PUB-FW + endpoint_b_hostname: ST_PUB-FW endpoint_b_port: 1 # Some Tech DMZ Firewall (DMZ Port) --> Some Tech Web Server (Port 1) - - endpoint_a_hostname: ST-PUB-FW + - endpoint_a_hostname: ST_PUB-FW endpoint_a_port: 3 - endpoint_b_hostname: ST-DMZ-PUB-SRV-WEB + endpoint_b_hostname: ST_DMZ-PUB-SRV-WEB endpoint_b_port: 1 ############################ 
@@ -802,27 +802,27 @@ simulation: ############################ # Some Tech Intranet CR Router (Port 1) --> Some Tech DMZ Firewall (Internal Port) - - endpoint_a_hostname: ST-INTRA-PRV-RT-CR + - endpoint_a_hostname: ST_INTRA-PRV-RT-CR endpoint_a_port: 1 - endpoint_b_hostname: ST-PUB-FW + endpoint_b_hostname: ST_PUB-FW endpoint_b_port: 2 # Some Tech Intranet CR Router (Port 2) --> Some Tech Intranet DR Router 1 (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-CR + - endpoint_a_hostname: ST_INTRA-PRV-RT-CR endpoint_a_port: 2 - endpoint_b_hostname: ST-INTRA-PRV-RT-DR-1 + endpoint_b_hostname: ST_INTRA-PRV-RT-DR-1 endpoint_b_port: 1 # Some Tech Intranet CR Router (Port 3) --> Some Tech Intranet DR Router 2 (Port 2) - - endpoint_a_hostname: ST-INTRA-PRV-RT-CR + - endpoint_a_hostname: ST_INTRA-PRV-RT-CR endpoint_a_port: 3 - endpoint_b_hostname: ST-INTRA-PRV-RT-DR-2 + endpoint_b_hostname: ST_INTRA-PRV-RT-DR-2 endpoint_b_port: 1 # Some Tech Intranet Private Router CR (Port 4) --> Some Tech Data Private Switch (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-CR + - endpoint_a_hostname: ST_INTRA-PRV-RT-CR endpoint_a_port: 4 - endpoint_b_hostname: ST-DATA-PRV-SW-AS + endpoint_b_hostname: ST_DATA-PRV-SW-AS endpoint_b_port: 1 
@@ -831,27 +831,27 @@ simulation: ############################### # Some Tech Head Office Switch (Port 1) --> Some Tech Intranet Private Router DR 2 (Port 2) - - endpoint_a_hostname: ST-HO-PRV-SW-AS + - endpoint_a_hostname: ST_HO-PRV-SW-AS endpoint_a_port: 1 - endpoint_b_hostname: ST-INTRA-PRV-RT-DR-2 + endpoint_b_hostname: ST_INTRA-PRV-RT-DR-2 endpoint_b_port: 2 # Some Tech Head Office Switch (Port 2) --> Some Tech Head Office PC 1 (Port 1) - - endpoint_a_hostname: ST-HO-PRV-SW-AS + - endpoint_a_hostname: ST_HO-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-HO-PRV-PC-1 + endpoint_b_hostname: ST_HO-PRV-PC-1 endpoint_b_port: 1 # Some Tech Head Office Switch (Port 3) --> Some Tech Head Office PC 2 (Port 1) - - endpoint_a_hostname: ST-HO-PRV-SW-AS + - endpoint_a_hostname: ST_HO-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-HO-PRV-PC-2 + endpoint_b_hostname: ST_HO-PRV-PC-2 endpoint_b_port: 1 # Some Tech Head Office Switch (Port 4) --> Some Tech Head Office PC 3 (Port 1) - - endpoint_a_hostname: ST-HO-PRV-SW-AS + - endpoint_a_hostname: ST_HO-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-HO-PRV-PC-3 + endpoint_b_hostname: ST_HO-PRV-PC-3 endpoint_b_port: 1 
@@ -860,27 +860,27 @@ simulation: ################################### # Some Tech Human Resources Switch (Port 1) --> Some Tech Intranet Private Router DR 2 (Port 3) - - endpoint_a_hostname: ST-HR-PRV-SW-AS + - endpoint_a_hostname: ST_HR-PRV-SW-AS endpoint_a_port: 1 - endpoint_b_hostname: ST-INTRA-PRV-RT-DR-2 + endpoint_b_hostname: ST_INTRA-PRV-RT-DR-2 endpoint_b_port: 3 # Some Tech Human Resources Switch (Port 2) --> Some Tech Human Resources PC 1 (Port 1) - - endpoint_a_hostname: ST-HR-PRV-SW-AS + - endpoint_a_hostname: ST_HR-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-HR-PRV-PC-1 + endpoint_b_hostname: ST_HR-PRV-PC-1 endpoint_b_port: 1 # Some Tech Human Resources Switch (Port 3) --> Some Tech Human Resources PC 2 (Port 1) - - endpoint_a_hostname: ST-HR-PRV-SW-AS + - endpoint_a_hostname: ST_HR-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-HR-PRV-PC-2 + endpoint_b_hostname: ST_HR-PRV-PC-2 endpoint_b_port: 1 # Some Tech Human Resources Switch (Port 4) --> Some Tech Human Resources PC 3 (Port 1) - - endpoint_a_hostname: ST-HR-PRV-SW-AS + - endpoint_a_hostname: ST_HR-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-HR-PRV-PC-3 + endpoint_b_hostname: ST_HR-PRV-PC-3 endpoint_b_port: 1 ######################## @@ -888,16 +888,16 @@ simulation: ######################## # Some Tech Data Switch (Port 2) --> Some Tech Data Private Storage Server (Port 1) - - endpoint_a_hostname: ST-DATA-PRV-SW-AS + - endpoint_a_hostname: ST_DATA-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-DATA-PRV-SRV-STORAGE + endpoint_b_hostname: ST_DATA-PRV-SRV-STORAGE endpoint_b_port: 1 # Some Tech Data Switch (Port 3) --> Some Tech Data Private Database Server (Port 1) - - endpoint_a_hostname: ST-DATA-PRV-SW-AS + - endpoint_a_hostname: ST_DATA-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-DATA-PRV-SRV-DB + endpoint_b_hostname: ST_DATA-PRV-SRV-DB endpoint_b_port: 1 ############################# 
@@ -905,27 +905,27 @@ simulation: ############################# # Some Tech Intranet Private Router DR 1 (Port 2) --> Some Tech Private Project A Switch (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-DR-1 + - endpoint_a_hostname: ST_INTRA-PRV-RT-DR-1 endpoint_a_port: 2 - endpoint_b_hostname: ST-PROJ-A-PRV-SW-AS + endpoint_b_hostname: ST_PROJ-A-PRV-SW-AS endpoint_b_port: 1 # Some Tech Private Project A Switch (Port 2) --> Some Tech Project A PC 1 - - endpoint_a_hostname: ST-PROJ-A-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-A-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-PROJ-A-PRV-PC-1 + endpoint_b_hostname: ST_PROJ-A-PRV-PC-1 endpoint_b_port: 1 # Some Tech Private Project A Switch (Port 3) --> Some Tech Project A PC 2 - - endpoint_a_hostname: ST-PROJ-A-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-A-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-PROJ-A-PRV-PC-2 + endpoint_b_hostname: ST_PROJ-A-PRV-PC-2 endpoint_b_port: 1 # Some Tech Private Project A Switch (Port 4) --> Some Tech Project A PC 3 - - endpoint_a_hostname: ST-PROJ-A-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-A-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-PROJ-A-PRV-PC-3 + endpoint_b_hostname: ST_PROJ-A-PRV-PC-3 endpoint_b_port: 1 ############################# 
@@ -933,27 +933,27 @@ simulation: ############################# # Some Tech Intranet Private Router DR 1 (Port 3) --> Some Tech Private Project B Switch (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-DR-1 + - endpoint_a_hostname: ST_INTRA-PRV-RT-DR-1 endpoint_a_port: 3 - endpoint_b_hostname: ST-PROJ-B-PRV-SW-AS + endpoint_b_hostname: ST_PROJ-B-PRV-SW-AS endpoint_b_port: 1 # Some Tech Private Project B Switch (Port 2) --> Some Tech Project B PC 1 - - endpoint_a_hostname: ST-PROJ-B-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-B-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-PROJ-B-PRV-PC-1 + endpoint_b_hostname: ST_PROJ-B-PRV-PC-1 endpoint_b_port: 1 # Some Tech Private Project B Switch (Port 3) --> Some Tech Project B PC 2 - - endpoint_a_hostname: ST-PROJ-B-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-B-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-PROJ-B-PRV-PC-2 + endpoint_b_hostname: ST_PROJ-B-PRV-PC-2 endpoint_b_port: 1 # Some Tech Private Project B Switch (Port 4) --> Some Tech Project B PC 3 - - endpoint_a_hostname: ST-PROJ-B-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-B-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-PROJ-B-PRV-PC-3 + endpoint_b_hostname: ST_PROJ-B-PRV-PC-3 endpoint_b_port: 1 ############################# 
@@ -961,27 +961,27 @@ simulation: ############################# # Some Tech Intranet Private Router DR 1 (Port 4) --> Some Tech Private Project C Switch (Port 1) - - endpoint_a_hostname: ST-INTRA-PRV-RT-DR-1 + - endpoint_a_hostname: ST_INTRA-PRV-RT-DR-1 endpoint_a_port: 4 - endpoint_b_hostname: ST-PROJ-C-PRV-SW-AS + endpoint_b_hostname: ST_PROJ-C-PRV-SW-AS endpoint_b_port: 1 # Some Tech Private Project C Switch (Port 2) --> Some Tech Project C PC 1 - - endpoint_a_hostname: ST-PROJ-C-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-C-PRV-SW-AS endpoint_a_port: 2 - endpoint_b_hostname: ST-PROJ-C-PRV-PC-1 + endpoint_b_hostname: ST_PROJ-C-PRV-PC-1 endpoint_b_port: 1 # Some Tech Private Project C Switch (Port 3) --> Some Tech Project C PC 2 - - endpoint_a_hostname: ST-PROJ-C-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-C-PRV-SW-AS endpoint_a_port: 3 - endpoint_b_hostname: ST-PROJ-C-PRV-PC-2 + endpoint_b_hostname: ST_PROJ-C-PRV-PC-2 endpoint_b_port: 1 # Some Tech Private Project C Switch (Port 4) --> Some Tech Project C PC 3 - - endpoint_a_hostname: ST-PROJ-C-PRV-SW-AS + - endpoint_a_hostname: ST_PROJ-C-PRV-SW-AS endpoint_a_port: 4 - endpoint_b_hostname: ST-PROJ-C-PRV-PC-3 + endpoint_b_hostname: ST_PROJ-C-PRV-PC-3 endpoint_b_port: 1 ################################## 
@@ -1042,18 +1042,18 @@ UC7_IP_LIST: &UC7_IP_LIST - 192.168.20.3 # REM-PUB-PC-2 | ip_id: 6 - 192.168.20.4 # REM-PUB-SRV | ip_id: 7 # ====== ST Public DMZ ======= - - *ST_PUB_SRV_WEB_IP # 192.168.100.2 (ST-DMZ-PUB-SRV-WEB) | ip_id: 8 + - *ST_PUB_SRV_WEB_IP # 192.168.100.2 (ST_DMZ-PUB-SRV-WEB) | ip_id: 8 # ====== ST Head Office ======= - - 192.168.200.2 # ST-HO-PRV-PC-1 | ip_id: 9 - - 192.168.200.3 # ST-HO-PRV-PC-2 | ip_id: 10 - - 192.168.200.4 # ST-HO-PRV-PC-3 | ip_id: 11 + - 192.168.200.2 # ST_HO-PRV-PC-1 | ip_id: 9 + - 192.168.200.3 # ST_HO-PRV-PC-2 | ip_id: 10 + - 192.168.200.4 # ST_HO-PRV-PC-3 | ip_id: 11 # ===== ST Human Resources ====== - - 192.168.210.2 # ST-HR-PRV-PC-1 | ip_id: 12 - - 192.168.210.3 # ST-HR-PRV-PC-2 | ip_id: 13 - - 192.168.210.4 # ST-HR-PRV-PC-3 | ip_id: 14 + - 192.168.210.2 # ST_HR-PRV-PC-1 | ip_id: 12 + - 192.168.210.3 # ST_HR-PRV-PC-2 | ip_id: 13 + - 192.168.210.4 # ST_HR-PRV-PC-3 | ip_id: 14 # ====== ST DATA Servers ======= - - *ST_SRV_STORAGE_IP # 192.168.220.2 (ST-DATA-PRV-SRV-STORAGE) | ip_id: 15 - - *ST_SRV_DB_IP # 192.168.220.3 (ST-DATA-PRV-SRV-DB) | ip_id: 16 + - *ST_SRV_STORAGE_IP # 192.168.220.2 (ST_DATA-PRV-SRV-STORAGE) | ip_id: 15 + - *ST_SRV_DB_IP # 192.168.220.3 (ST_DATA-PRV-SRV-DB) | ip_id: 16 # ====== ST Project A ======= - 192.168.230.2 # PROJ-A-PRV-PC-1 | ip_id: 17 - 192.168.230.3 # PROJ-A-PRV-PC-2 | ip_id: 18 @@ -1083,8 +1083,8 @@ agents: # Home Office Green Agent Pattern Of Life # ====================================== - # 1. Three Home workers accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. Three Home workers accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. Three Home workers accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. Three Home workers accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: HOME_WORKER-1-DB team: GREEN 
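Review bot: The Project A entries at the end of the UC7_IP_LIST hunk are still commented `# PROJ-A-PRV-PC-1` and `# PROJ-A-PRV-PC-2`, with no `ST_` prefix, while the DMZ, Head Office, HR and Data entries above them now use the new form. To finish the rename they should read `# ST_PROJ-A-PRV-PC-1 | ip_id: 17` and `# ST_PROJ-A-PRV-PC-2 | ip_id: 18`. The list continues past the hunk, so the remaining project entries probably need the same treatment. These comments are what a reader uses to map an ip_id back to a host, so they should match the hostnames exactly.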
@@ -1177,8 +1177,8 @@ agents: # Remote Site Green Agent Pattern Of Life # ====================================== - # 1. Three Remote workers accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. Three Remote workers accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. Three Remote workers accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. Three Remote workers accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: REMOTE_WORKER-1-DB team: GREEN @@ -1272,10 +1272,10 @@ agents: # ST Project A Green Agent Pattern Of Life # ======================================== - # 1. A Senior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. A Senior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: PROJ_A-SENIOR-DEV-DB @@ -1284,7 +1284,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-A-PRV-PC-1"] + possible_start_nodes: ["ST_PROJ-A-PRV-PC-1"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1296,7 +1296,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-1 + node_hostname: ST_PROJ-A-PRV-PC-1 - ref: PROJ_A-SENIOR-DEV-WEB team: GREEN 
@@ -1310,7 +1310,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_40 @@ -1319,7 +1319,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-1 + node_hostname: ST_PROJ-A-PRV-PC-1 - ref: PROJ_A-JUNIOR-DEV-1-DB team: GREEN @@ -1327,7 +1327,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-A-PRV-PC-2"] + possible_start_nodes: ["ST_PROJ-A-PRV-PC-2"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1339,7 +1339,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-2 + node_hostname: ST_PROJ-A-PRV-PC-2 - ref: PROJ_A-JUNIOR-DEV-1-WEB team: GREEN @@ -1353,7 +1353,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-A-PRV-PC-2 + node_name: ST_PROJ-A-PRV-PC-2 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 @@ -1362,7 +1362,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-2 + node_hostname: ST_PROJ-A-PRV-PC-2 - ref: PROJ_A-JUNIOR-DEV-2-DB team: GREEN @@ -1370,7 +1370,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-A-PRV-PC-3"] + possible_start_nodes: ["ST_PROJ-A-PRV-PC-3"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1382,7 +1382,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-3 + node_hostname: ST_PROJ-A-PRV-PC-3 - ref: PROJ_A-JUNIOR-DEV-2-WEB team: GREEN 
@@ -1396,7 +1396,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-A-PRV-PC-3 + node_name: ST_PROJ-A-PRV-PC-3 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 @@ -1405,7 +1405,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-A-PRV-PC-3 + node_hostname: ST_PROJ-A-PRV-PC-3 #################################### # ST Project B Network POL Config # @@ -1413,10 +1413,10 @@ agents: # ST Project B Green Agent Pattern Of Life # ======================================== - # 1. A Senior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. A Senior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: PROJ_B-SENIOR-DEV-DB team: GREEN @@ -1424,7 +1424,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-B-PRV-PC-1"] + possible_start_nodes: ["ST_PROJ-B-PRV-PC-1"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1436,7 +1436,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-1 + node_hostname: ST_PROJ-B-PRV-PC-1 - ref: PROJ_B-SENIOR-DEV-WEB team: GREEN 
@@ -1450,7 +1450,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-B-PRV-PC-1 + node_name: ST_PROJ-B-PRV-PC-1 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_40 @@ -1459,14 +1459,14 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-1 + node_hostname: ST_PROJ-B-PRV-PC-1 - ref: PROJ_B-JUNIOR-DEV-1-DB team: GREEN type: periodic-agent observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-B-PRV-PC-2"] + possible_start_nodes: ["ST_PROJ-B-PRV-PC-2"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1478,7 +1478,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-2 + node_hostname: ST_PROJ-B-PRV-PC-2 - ref: PROJ_B-JUNIOR-DEV-1-WEB team: GREEN @@ -1492,7 +1492,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 @@ -1501,14 +1501,14 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-2 + node_hostname: ST_PROJ-B-PRV-PC-2 - ref: PROJ_B-JUNIOR-DEV-2-DB team: GREEN type: periodic-agent observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-B-PRV-PC-3"] + possible_start_nodes: ["ST_PROJ-B-PRV-PC-3"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1520,7 +1520,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-3 + node_hostname: ST_PROJ-B-PRV-PC-3 - ref: PROJ_B-JUNIOR-DEV-2-WEB team: GREEN @@ -1534,7 +1534,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-B-PRV-PC-3 + node_name: ST_PROJ-B-PRV-PC-3 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 
@@ -1543,7 +1543,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-B-PRV-PC-3 + node_hostname: ST_PROJ-B-PRV-PC-3 #################################### # ST Project C Network POL Config # @@ -1551,10 +1551,10 @@ agents: # ST Project C Green Agent Pattern Of Life # ======================================== - # 1. A Senior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST-DATA-PRV-SRV-DB) - # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. A Senior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 2. A Senior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 3. Two Junior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB) + # 4. Two Junior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: PROJ_C-SENIOR-DEV-DB team: GREEN @@ -1562,7 +1562,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-C-PRV-PC-1"] + possible_start_nodes: ["ST_PROJ-C-PRV-PC-1"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1574,7 +1574,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-1 + node_hostname: ST_PROJ-C-PRV-PC-1 - ref: PROJ_C-SENIOR-DEV-WEB team: GREEN @@ -1588,7 +1588,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-C-PRV-PC-1 + node_name: ST_PROJ-C-PRV-PC-1 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_40 
@@ -1597,14 +1597,14 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-1 + node_hostname: ST_PROJ-C-PRV-PC-1 - ref: PROJ_C-JUNIOR-DEV-1-DB team: GREEN type: periodic-agent observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-C-PRV-PC-2"] + possible_start_nodes: ["ST_PROJ-C-PRV-PC-2"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1616,7 +1616,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-2 + node_hostname: ST_PROJ-C-PRV-PC-2 - ref: PROJ_C-JUNIOR-DEV-1-WEB team: GREEN @@ -1630,7 +1630,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-C-PRV-PC-2 + node_name: ST_PROJ-C-PRV-PC-2 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 @@ -1639,7 +1639,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-2 + node_hostname: ST_PROJ-C-PRV-PC-2 - ref: PROJ_C-JUNIOR-DEV-2-DB team: GREEN @@ -1647,7 +1647,7 @@ agents: observation_space: {} observation_space: {} agent_settings: - possible_start_nodes: ["ST-PROJ-C-PRV-PC-3"] + possible_start_nodes: ["ST_PROJ-C-PRV-PC-3"] target_application: "database-client" start_step: 1 start_variance: 1 @@ -1659,7 +1659,7 @@ agents: - type: green-admin-database-unreachable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-3 + node_hostname: ST_PROJ-C-PRV-PC-3 - ref: PROJ_C-JUNIOR-DEV-2-WEB team: GREEN @@ -1673,7 +1673,7 @@ agents: 1: action: node-application-execute options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: web-browser agent_settings: <<: *GREEN_PROBABILISTIC_20 
@@ -1682,7 +1682,7 @@ agents: - type: webpage-unavailable-penalty weight: *LOW_WEIGHT_IMPACT options: - node_hostname: ST-PROJ-C-PRV-PC-3 + node_hostname: ST_PROJ-C-PRV-PC-3 ###################################### # ST Head Office Network POL Config # @@ -1690,9 +1690,9 @@ agents: # ST Head Office Green Agent Pattern Of Life # ========================================== - # 1. The ST CEO accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 2. The ST CTO accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 3. The ST CFO accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. The ST CEO accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 2. The ST CTO accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 3. The ST CFO accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: CEO team: GREEN @@ -1708,14 +1708,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HO-PRV-PC-1 + node_name: ST_HO-PRV-PC-1 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *HIGH_WEIGHT_IMPACT options: - node_hostname: ST-HO-PRV-PC-1 + node_hostname: ST_HO-PRV-PC-1 - ref: CTO team: GREEN @@ -1731,14 +1731,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HO-PRV-PC-2 + node_name: ST_HO-PRV-PC-2 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HO-PRV-PC-2 + node_hostname: ST_HO-PRV-PC-2 - ref: CFO team: GREEN 
@@ -1754,14 +1754,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HO-PRV-PC-3 + node_name: ST_HO-PRV-PC-3 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HO-PRV-PC-3 + node_hostname: ST_HO-PRV-PC-3 ########################################## # ST Human Resources Network POL Config # @@ -1769,8 +1769,8 @@ agents: # ST Head Office Green Agent Pattern Of Life # ========================================== - # 1. A senior HR staff accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) - # 2. Two junior HR staff accessing the SOME_TECH Public web-server (ST-DMZ-PUB-SRV-WEB) + # 1. A senior HR staff accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) + # 2. Two junior HR staff accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB) - ref: SENIOR_HR team: GREEN @@ -1786,14 +1786,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HR-PRV-PC-1 + node_name: ST_HR-PRV-PC-1 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HR-PRV-PC-1 + node_hostname: ST_HR-PRV-PC-1 - ref: JUNIOR_HR-1 team: GREEN @@ -1809,14 +1809,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HR-PRV-PC-2 + node_name: ST_HR-PRV-PC-2 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HR-PRV-PC-2 + node_hostname: ST_HR-PRV-PC-2 - ref: JUNIOR_HR-2 team: GREEN 
@@ -1832,14 +1832,14 @@ agents: 1: action: node-application-execute options: - node_name: ST-HR-PRV-PC-3 + node_name: ST_HR-PRV-PC-3 application_name: web-browser reward_function: reward_components: - type: webpage-unavailable-penalty weight: *MEDIUM_WEIGHT_IMPACT options: - node_hostname: ST-HR-PRV-PC-3 + node_hostname: ST_HR-PRV-PC-3 ########################## # UC7 Red Agent Config # @@ -1861,8 +1861,8 @@ agents: label: NODES options: hosts: - # TAP001 Potential Starting Note | ST-PROJ-A-PRV-PC-1 - - hostname: ST-PROJ-A-PRV-PC-1 + # TAP001 Potential Starting Note | ST_PROJ-A-PRV-PC-1 + - hostname: ST_PROJ-A-PRV-PC-1 services: - service_name: ftp-client applications: @@ -1875,8 +1875,8 @@ agents: - folder_name: exfiltration_folder files: - file_name: database.db - # TAP001 Potential Starting Note | ST-PROJ-B-PRV-PC-2 - - hostname: ST-PROJ-B-PRV-PC-2 + # TAP001 Potential Starting Note | ST_PROJ-B-PRV-PC-2 + - hostname: ST_PROJ-B-PRV-PC-2 services: - service_name: ftp-client applications: @@ -1888,8 +1888,8 @@ agents: - folder_name: exfiltration_folder files: - file_name: database.db - # TAP001 Potential Starting Note | ST-PROJ-C-PRV-PC-3 - - hostname: ST-PROJ-C-PRV-PC-3 + # TAP001 Potential Starting Note | ST_PROJ-C-PRV-PC-3 + - hostname: ST_PROJ-C-PRV-PC-3 services: - service_name: ftp-client applications: @@ -1902,14 +1902,14 @@ agents: files: - file_name: database.db # ST DATA Server Database - - hostname: ST-DATA-PRV-SRV-DB + - hostname: ST_DATA-PRV-SRV-DB folders: - folder_name: database files: - file_name: database.db routers: - - hostname: ST-INTRA-PRV-RT-CR # TAP003 Malicious ACL Target | ROUTER0 - - hostname: ST-INTRA-PRV-RT-DR-1 # TAP003 Malicious ACL Target | ROUTER1 + - hostname: ST_INTRA-PRV-RT-CR # TAP003 Malicious ACL Target | ROUTER0 + - hostname: ST_INTRA-PRV-RT-DR-1 # TAP003 Malicious ACL Target | ROUTER1 - hostname: REM-PUB-RT-DR # TAP003 Malicious ACL Target | ROUTER2 num_ports: 5 num_services: 2 
@@ -1972,41 +1972,41 @@ agents: - REM-PUB-SW-AS:eth-3<->REM-PUB-PC-2:eth-1 # 11 - REM-PUB-SW-AS:eth-4<->REM-PUB-SRV:eth-1 # 12 # SOME_TECH DMZ - - ISP-PUB-RT-BR:eth-4<->ST-PUB-FW:eth-1 # 13 - - ST-PUB-FW:eth-3<->ST-DMZ-PUB-SRV-WEB:eth-1 # 14 + - ISP-PUB-RT-BR:eth-4<->ST_PUB-FW:eth-1 # 13 + - ST_PUB-FW:eth-3<->ST_DMZ-PUB-SRV-WEB:eth-1 # 14 # SOME_TECH Intranet - - ST-INTRA-PRV-RT-CR:eth-1<->ST-PUB-FW:eth-2 # 15 - - ST-INTRA-PRV-RT-CR:eth-2<->ST-INTRA-PRV-RT-DR-1:eth-1 # 16 - - ST-INTRA-PRV-RT-CR:eth-3<->ST-INTRA-PRV-RT-DR-2:eth-1 # 17 - - ST-INTRA-PRV-RT-CR:eth-4<->ST-DATA-PRV-SW-AS:eth-1 # 18 + - ST_INTRA-PRV-RT-CR:eth-1<->ST_PUB-FW:eth-2 # 15 + - ST_INTRA-PRV-RT-CR:eth-2<->ST_INTRA-PRV-RT-DR-1:eth-1 # 16 + - ST_INTRA-PRV-RT-CR:eth-3<->ST_INTRA-PRV-RT-DR-2:eth-1 # 17 + - ST_INTRA-PRV-RT-CR:eth-4<->ST_DATA-PRV-SW-AS:eth-1 # 18 # SOME_TECH Head Office - - ST-HO-PRV-SW-AS:eth-1<->ST-INTRA-PRV-RT-DR-2:eth-2 # 19 - - ST-HO-PRV-SW-AS:eth-2<->ST-HO-PRV-PC-1:eth-1 # 20 - - ST-HO-PRV-SW-AS:eth-3<->ST-HO-PRV-PC-2:eth-1 # 21 - - ST-HO-PRV-SW-AS:eth-4<->ST-HO-PRV-PC-3:eth-1 # 22 + - ST_HO-PRV-SW-AS:eth-1<->ST_INTRA-PRV-RT-DR-2:eth-2 # 19 + - ST_HO-PRV-SW-AS:eth-2<->ST_HO-PRV-PC-1:eth-1 # 20 + - ST_HO-PRV-SW-AS:eth-3<->ST_HO-PRV-PC-2:eth-1 # 21 + - ST_HO-PRV-SW-AS:eth-4<->ST_HO-PRV-PC-3:eth-1 # 22 # SOME_TECH Human Resources - - ST-HR-PRV-SW-AS:eth-1<->ST-INTRA-PRV-RT-DR-2:eth-3 # 23 - - ST-HR-PRV-SW-AS:eth-2<->ST-HR-PRV-PC-1:eth-1 # 24 - - ST-HR-PRV-SW-AS:eth-3<->ST-HR-PRV-PC-2:eth-1 # 25 - - ST-HR-PRV-SW-AS:eth-4<->ST-HR-PRV-PC-3:eth-1 # 26 + - ST_HR-PRV-SW-AS:eth-1<->ST_INTRA-PRV-RT-DR-2:eth-3 # 23 + - ST_HR-PRV-SW-AS:eth-2<->ST_HR-PRV-PC-1:eth-1 # 24 + - ST_HR-PRV-SW-AS:eth-3<->ST_HR-PRV-PC-2:eth-1 # 25 + - ST_HR-PRV-SW-AS:eth-4<->ST_HR-PRV-PC-3:eth-1 # 26 # SOME_TECH Data Links - - ST-DATA-PRV-SW-AS:eth-2<->ST-DATA-PRV-SRV-STORAGE:eth-1 # 27 - - ST-DATA-PRV-SW-AS:eth-3<->ST-DATA-PRV-SRV-DB:eth-1 # 28 + - ST_DATA-PRV-SW-AS:eth-2<->ST_DATA-PRV-SRV-STORAGE:eth-1 # 27 + - 
ST_DATA-PRV-SW-AS:eth-3<->ST_DATA-PRV-SRV-DB:eth-1 # 28 # SOME_TECH Project A Links - - ST-INTRA-PRV-RT-DR-1:eth-2<->ST-PROJ-A-PRV-SW-AS:eth-1 # 29 - - ST-PROJ-A-PRV-SW-AS:eth2<->ST-PROJ-A-PRV-PC-1:eth-1 # 31 - - ST-PROJ-A-PRV-SW-AS:eth3<->ST-PROJ-A-PRV-PC-2:eth-1 # 32 - - ST-PROJ-A-PRV-SW-AS:eth4<->ST-PROJ-A-PRV-PC-3:eth-1 # 33 + - ST_INTRA-PRV-RT-DR-1:eth-2<->ST_PROJ-A-PRV-SW-AS:eth-1 # 29 + - ST_PROJ-A-PRV-SW-AS:eth2<->ST_PROJ-A-PRV-PC-1:eth-1 # 31 + - ST_PROJ-A-PRV-SW-AS:eth3<->ST_PROJ-A-PRV-PC-2:eth-1 # 32 + - ST_PROJ-A-PRV-SW-AS:eth4<->ST_PROJ-A-PRV-PC-3:eth-1 # 33 # SOME_TECH Project B Links - - ST-INTRA-PRV-RT-DR-1:eth-3<->ST-PROJ-B-PRV-SW-AS:eth-1 # 34 - - ST-PROJ-B-PRV-SW-AS:eth2<->ST-PROJ-B-PRV-PC-1:eth-1 # 35 - - ST-PROJ-B-PRV-SW-AS:eth3<->ST-PROJ-B-PRV-PC-2:eth-1 # 36 - - ST-PROJ-B-PRV-SW-AS:eth4<->ST-PROJ-B-PRV-PC-3:eth-1 # 37 + - ST_INTRA-PRV-RT-DR-1:eth-3<->ST_PROJ-B-PRV-SW-AS:eth-1 # 34 + - ST_PROJ-B-PRV-SW-AS:eth2<->ST_PROJ-B-PRV-PC-1:eth-1 # 35 + - ST_PROJ-B-PRV-SW-AS:eth3<->ST_PROJ-B-PRV-PC-2:eth-1 # 36 + - ST_PROJ-B-PRV-SW-AS:eth4<->ST_PROJ-B-PRV-PC-3:eth-1 # 37 # SOME_TECH Project C Links - - ST-INTRA-PRV-RT-DR-1:eth-4<->ST-PROJ-C-PRV-SW-AS:eth-1 # 38 - - ST-PROJ-A-PRV-SW-AS:eth2<->ST-PROJ-C-PRV-PC-1:eth-1 # 39 - - ST-PROJ-A-PRV-SW-AS:eth3<->ST-PROJ-C-PRV-PC-2:eth-1 # 40 - - ST-PROJ-A-PRV-SW-AS:eth4<->ST-PROJ-C-PRV-PC-3:eth-1 # 41 + - ST_INTRA-PRV-RT-DR-1:eth-4<->ST_PROJ-C-PRV-SW-AS:eth-1 # 38 + - ST_PROJ-A-PRV-SW-AS:eth2<->ST_PROJ-C-PRV-PC-1:eth-1 # 39 + - ST_PROJ-A-PRV-SW-AS:eth3<->ST_PROJ-C-PRV-PC-2:eth-1 # 40 + - ST_PROJ-A-PRV-SW-AS:eth4<->ST_PROJ-C-PRV-PC-3:eth-1 # 41 action_space: action_map: 0: 
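Review bot: Under `# SOME_TECH Project C Links` the three renamed entries (# 39 to # 41) still name `ST_PROJ-A-PRV-SW-AS` as the switch end for the ST_PROJ-C PCs, so they repeat the Project A switch ports instead of describing Project C. This looks like a copy-paste slip that the rename carried over. The Project A, B and C PC entries also write the switch port as `eth2`/`eth3`/`eth4` where every other entry uses the `eth-2` form, and the numbering skips 30. If these strings are matched against the simulation's link names (not visible in this hunk), the entries would presumably not resolve, and those links would be absent from what the agent monitors. Suggested form: `- ST_PROJ-C-PRV-SW-AS:eth-2<->ST_PROJ-C-PRV-PC-1:eth-1 # 39`, and likewise for # 40 and # 41; the list itself begins above this hunk.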
@@ -2014,402 +2014,402 @@ agents: options: {} # |======================================| - # | ST-PROJ-A-PRV-PC-1 | + # | ST_PROJ-A-PRV-PC-1 | # |======================================| - # ST-PROJ-A-PRV-PC-1 | node-os-scan + # ST_PROJ-A-PRV-PC-1 | node-os-scan 1: action: node-os-scan options: - node_name: ST-PROJ-A-PRV-PC-1 - # ST-PROJ-A-PRV-PC-1 | node-shutdown + node_name: ST_PROJ-A-PRV-PC-1 + # ST_PROJ-A-PRV-PC-1 | node-shutdown 2: action: node-shutdown options: - node_name: ST-PROJ-A-PRV-PC-1 - # ST-PROJ-A-PRV-PC-1 | node-startup + node_name: ST_PROJ-A-PRV-PC-1 + # ST_PROJ-A-PRV-PC-1 | node-startup 3: action: node-startup options: - node_name: ST-PROJ-A-PRV-PC-1 - # ST-PROJ-A-PRV-PC-1 | node-reset + node_name: ST_PROJ-A-PRV-PC-1 + # ST_PROJ-A-PRV-PC-1 | node-reset 4: action: node-reset options: - node_name: ST-PROJ-A-PRV-PC-1 - # ST-PROJ-A-PRV-PC-1 | host-nic-disable + node_name: ST_PROJ-A-PRV-PC-1 + # ST_PROJ-A-PRV-PC-1 | host-nic-disable 5: action: host-nic-disable options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 nic_num: 0 - # ST-PROJ-A-PRV-PC-1 | host-nic-enable + # ST_PROJ-A-PRV-PC-1 | host-nic-enable 6: action: host-nic-enable options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 nic_num: 0 - # ST-PROJ-A-PRV-PC-1 | node-application-close | database-client + # ST_PROJ-A-PRV-PC-1 | node-application-close | database-client 7: action: node-application-close options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: database-client - # ST-PROJ-A-PRV-PC-1 | node-application-scan | database-client + # ST_PROJ-A-PRV-PC-1 | node-application-scan | database-client 8: action: node-application-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: database-client - # ST-PROJ-A-PRV-PC-1 | node-application-fix | database-client + # ST_PROJ-A-PRV-PC-1 | node-application-fix | database-client 9: action: node-application-fix options: - node_name: 
ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: database-client - # ST-PROJ-A-PRV-PC-1 | node-application-remove | database-client + # ST_PROJ-A-PRV-PC-1 | node-application-remove | database-client 10: action: node-application-remove options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 application_name: database-client - # ST-PROJ-A-PRV-PC-1 | node-file-scan | downloads/malware_dropper.ps1 + # ST_PROJ-A-PRV-PC-1 | node-file-scan | downloads/malware_dropper.ps1 11: action: node-file-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 folder_name: downloads file_name: malware_dropper.ps1 - # ST-PROJ-A-PRV-PC-1 | node-file-scan | exfiltration_folder/database.db + # ST_PROJ-A-PRV-PC-1 | node-file-scan | exfiltration_folder/database.db 12: action: node-file-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 folder_name: exfiltration_folder file_name: database.db - # ST-PROJ-A-PRV-PC-1 | node-folder-scan | downloads/ + # ST_PROJ-A-PRV-PC-1 | node-folder-scan | downloads/ 13: action: node-folder-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 folder_name: downloads - # ST-PROJ-A-PRV-PC-1 | node-folder-scan | exfiltration_folder/ + # ST_PROJ-A-PRV-PC-1 | node-folder-scan | exfiltration_folder/ 14: action: node-folder-scan options: - node_name: ST-PROJ-A-PRV-PC-1 + node_name: ST_PROJ-A-PRV-PC-1 folder_name: exfiltration_folder # |======================================| - # | ST-PROJ-B-PRV-PC-2 | + # | ST_PROJ-B-PRV-PC-2 | # |======================================| - # ST-PROJ-B-PRV-PC-2 | node-os-scan + # ST_PROJ-B-PRV-PC-2 | node-os-scan 15: action: node-os-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 - # ST-PROJ-B-PRV-PC-2 | node-shutdown + # ST_PROJ-B-PRV-PC-2 | node-shutdown 16: action: node-shutdown options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 - # ST-PROJ-B-PRV-PC-2 | node-startup + # 
ST_PROJ-B-PRV-PC-2 | node-startup 17: action: node-startup options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 - # ST-PROJ-B-PRV-PC-2 | node-reset + # ST_PROJ-B-PRV-PC-2 | node-reset 18: action: node-reset options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 - # ST-PROJ-B-PRV-PC-2 | host-nic-disable + # ST_PROJ-B-PRV-PC-2 | host-nic-disable 19: action: host-nic-disable options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 nic_num: 0 - # ST-PROJ-B-PRV-PC-2 | host-nic-enable + # ST_PROJ-B-PRV-PC-2 | host-nic-enable 20: action: host-nic-enable options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 nic_num: 0 - # ST-PROJ-B-PRV-PC-2 | node-application-close | database-client + # ST_PROJ-B-PRV-PC-2 | node-application-close | database-client 21: action: node-application-close options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: database-client - # ST-PROJ-B-PRV-PC-2 | node-application-scan | database-client + # ST_PROJ-B-PRV-PC-2 | node-application-scan | database-client 22: action: node-application-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: database-client - # ST-PROJ-B-PRV-PC-2 | node-application-fix | database-client + # ST_PROJ-B-PRV-PC-2 | node-application-fix | database-client 23: action: node-application-fix options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: database-client - # ST-PROJ-B-PRV-PC-2 | node-application-remove | database-client + # ST_PROJ-B-PRV-PC-2 | node-application-remove | database-client 24: action: node-application-remove options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 application_name: database-client - # ST-PROJ-B-PRV-PC-2 | node-file-scan | downloads/malware_dropper.ps1 + # ST_PROJ-B-PRV-PC-2 | node-file-scan | downloads/malware_dropper.ps1 25: action: node-file-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + 
node_name: ST_PROJ-B-PRV-PC-2 folder_name: downloads file_name: malware_dropper.ps1 - # ST-PROJ-B-PRV-PC-2 | node-file-scan | exfiltration_folder/database.db + # ST_PROJ-B-PRV-PC-2 | node-file-scan | exfiltration_folder/database.db 26: action: node-file-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 folder_name: exfiltration_folder file_name: database.db - # ST-PROJ-B-PRV-PC-2 | node-folder-scan | downloads/ + # ST_PROJ-B-PRV-PC-2 | node-folder-scan | downloads/ 27: action: node-folder-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 folder_name: downloads - # ST-PROJ-B-PRV-PC-2 | node-folder-scan | exfiltration_folder/ + # ST_PROJ-B-PRV-PC-2 | node-folder-scan | exfiltration_folder/ 28: action: node-folder-scan options: - node_name: ST-PROJ-B-PRV-PC-2 + node_name: ST_PROJ-B-PRV-PC-2 folder_name: exfiltration_folder # |======================================| - # | ST-PROJ-C-PRV-PC-3 | + # | ST_PROJ-C-PRV-PC-3 | # |======================================| - # ST-PROJ-C-PRV-PC-3 | node-os-scan + # ST_PROJ-C-PRV-PC-3 | node-os-scan 29: action: node-os-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 - # ST-PROJ-C-PRV-PC-3 | node-shutdown + # ST_PROJ-C-PRV-PC-3 | node-shutdown 30: action: node-shutdown options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 - # ST-PROJ-C-PRV-PC-3 | node-startup + # ST_PROJ-C-PRV-PC-3 | node-startup 31: action: node-startup options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 - # ST-PROJ-C-PRV-PC-3 | node-reset + # ST_PROJ-C-PRV-PC-3 | node-reset 32: action: node-reset options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 - # ST-PROJ-C-PRV-PC-3 | host-nic-disable + # ST_PROJ-C-PRV-PC-3 | host-nic-disable 33: action: host-nic-disable options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 nic_num: 0 - # ST-PROJ-C-PRV-PC-3 | host-nic-enable + # ST_PROJ-C-PRV-PC-3 | host-nic-enable 
34: action: host-nic-enable options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 nic_num: 0 - # ST-PROJ-C-PRV-PC-3 | node-application-close | database-client + # ST_PROJ-C-PRV-PC-3 | node-application-close | database-client 35: action: node-application-close options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: database-client - # ST-PROJ-C-PRV-PC-3 | node-application-scan | database-client + # ST_PROJ-C-PRV-PC-3 | node-application-scan | database-client 36: action: node-application-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: database-client - # ST-PROJ-C-PRV-PC-3 | node-application-fix | database-client + # ST_PROJ-C-PRV-PC-3 | node-application-fix | database-client 37: action: node-application-fix options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: database-client - # ST-PROJ-C-PRV-PC-3 | node-application-remove | database-client + # ST_PROJ-C-PRV-PC-3 | node-application-remove | database-client 38: action: node-application-remove options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 application_name: database-client - # ST-PROJ-C-PRV-PC-3 | node-file-scan | downloads/malware_dropper.ps1 + # ST_PROJ-C-PRV-PC-3 | node-file-scan | downloads/malware_dropper.ps1 39: action: node-file-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 folder_name: downloads file_name: malware_dropper.ps1 - # ST-PROJ-C-PRV-PC-3 | node-file-scan | exfiltration_folder/database.db + # ST_PROJ-C-PRV-PC-3 | node-file-scan | exfiltration_folder/database.db 40: action: node-file-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 folder_name: exfiltration_folder file_name: database.db - # ST-PROJ-C-PRV-PC-3 | node-folder-scan | downloads/ + # ST_PROJ-C-PRV-PC-3 | node-folder-scan | downloads/ 41: action: node-folder-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: 
ST_PROJ-C-PRV-PC-3 folder_name: downloads - # ST-PROJ-C-PRV-PC-3 | node-folder-scan | exfiltration_folder/ + # ST_PROJ-C-PRV-PC-3 | node-folder-scan | exfiltration_folder/ 42: action: node-folder-scan options: - node_name: ST-PROJ-C-PRV-PC-3 + node_name: ST_PROJ-C-PRV-PC-3 folder_name: exfiltration_folder # |======================================| - # | ST-INTRA-PRV-RT-CR | + # | ST_INTRA-PRV-RT-CR | # |======================================| - # ST-INTRA-PRV-RT-CR | router-acl-add-rule | P2: ST-PROJ-A-PRV-PC-1 !==> ST-DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) + # ST_INTRA-PRV-RT-CR | router-acl-add-rule | P2: ST_PROJ-A-PRV-PC-1 !==> ST_DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) 43: action: router-acl-add-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 1 permission: DENY - src_ip: 192.168.230.2 # (ST-PROJ-A-PRV-PC-1) + src_ip: 192.168.230.2 # (ST_PROJ-A-PRV-PC-1) src_wildcard: 0.0.255.255 src_port: POSTGRES_SERVER - dst_ip: 192.168.220.3 # (ST-DATA-PRV-SRV-DB) + dst_ip: 192.168.220.3 # (ST_DATA-PRV-SRV-DB) dst_wildcard: 0.0.255.255 dst_port: POSTGRES_SERVER protocol_name: TCP - # ST-INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 1 + # ST_INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 1 44: action: router-acl-remove-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 1 - # ST-INTRA-PRV-RT-CR | router-acl-add-rule | P3: ST-PROJ-B-PRV-PC-2 !==> ST-DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) + # ST_INTRA-PRV-RT-CR | router-acl-add-rule | P3: ST_PROJ-B-PRV-PC-2 !==> ST_DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) 45: action: router-acl-add-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 2 permission: DENY - src_ip: 192.168.240.3 # (ST-PROJ-B-PRV-PC-2) + src_ip: 192.168.240.3 # (ST_PROJ-B-PRV-PC-2) src_wildcard: 0.0.255.255 src_port: POSTGRES_SERVER - dst_ip: 192.168.220.3 # (ST-DATA-PRV-SRV-DB) + dst_ip: 
192.168.220.3 # (ST_DATA-PRV-SRV-DB) dst_wildcard: 0.0.255.255 dst_port: POSTGRES_SERVER protocol_name: TCP - # ST-INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 2 + # ST_INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 2 46: action: router-acl-remove-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 2 - # ST-INTRA-PRV-RT-CR | router-acl-add-rule | P4: ST-PROJ-C-PRV-PC-3 !==> ST-DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) + # ST_INTRA-PRV-RT-CR | router-acl-add-rule | P4: ST_PROJ-C-PRV-PC-3 !==> ST_DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER) 47: action: router-acl-add-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 3 permission: DENY - src_ip: 192.168.250.4 # (ST-PROJ-C-PRV-PC-3) + src_ip: 192.168.250.4 # (ST_PROJ-C-PRV-PC-3) src_wildcard: 0.0.255.255 src_port: POSTGRES_SERVER - dst_ip: 192.168.220.3 # (ST-DATA-PRV-SRV-DB) + dst_ip: 192.168.220.3 # (ST_DATA-PRV-SRV-DB) dst_wildcard: 0.0.255.255 dst_port: POSTGRES_SERVER protocol_name: TCP - # ST-INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 3 + # ST_INTRA-PRV-RT-CR | REMOVE_ACL_ADDRULE | Removes a given ACL at position 3 48: action: router-acl-remove-rule options: - target_router: ST-INTRA-PRV-RT-CR + target_router: ST_INTRA-PRV-RT-CR position: 3 # |======================================| - # | ST-DATA-PRV-SRV-DB | + # | ST_DATA-PRV-SRV-DB | # |======================================| - # ST-DATA-PRV-SRV-DB | node-file-scan | Scans the database.db file (health status) + # ST_DATA-PRV-SRV-DB | node-file-scan | Scans the database.db file (health status) 49: action: node-file-scan options: - node_name: ST-DATA-PRV-SRV-DB + node_name: ST_DATA-PRV-SRV-DB folder_name: database file_name: database.db - # ST-DATA-PRV-SRV-DB | node-account-change-password | Changes the password of a user account + # ST_DATA-PRV-SRV-DB | node-account-change-password | Changes the password of 
a user account 50: action: node-account-change-password options: - node_name: ST-DATA-PRV-SRV-DB + node_name: ST_DATA-PRV-SRV-DB username: admin # default account current_password: admin # default password new_password: thr33_alert_wolv3z # A more 'secure' password # |======================================| - # | ST-INTRA-PRV-RT-DR-1 | + # | ST_INTRA-PRV-RT-DR-1 | # |======================================| - # ST-INTRA-PRV-RT-DR-1 | router-acl-add-rule | P1: ST-INTRA-PRV-RT-DR-1 !==> ANY (TCP:SSH) + # ST_INTRA-PRV-RT-DR-1 | router-acl-add-rule | P1: ST_INTRA-PRV-RT-DR-1 !==> ANY (TCP:SSH) 51: action: router-acl-add-rule options: - target_router: ST-INTRA-PRV-RT-DR-1 + target_router: ST_INTRA-PRV-RT-DR-1 position: 1 permission: DENY - src_ip: 192.168.230.2 # (ST-PROJ-A-PRV-PC-1) + src_ip: 192.168.230.2 # (ST_PROJ-A-PRV-PC-1) src_wildcard: 0.0.255.255 src_port: SSH dst_ip: ALL @@ -2417,20 +2417,20 @@ agents: dst_port: SSH protocol_name: TCP - # ST-INTRA-PRV-RT-DR-1 | node-account-change-password + # ST_INTRA-PRV-RT-DR-1 | node-account-change-password 52: action: node-account-change-password options: - node_name: ST-INTRA-PRV-RT-DR-1 + node_name: ST_INTRA-PRV-RT-DR-1 username: admin current_password: admin new_password: secure_password - # ST-INTRA-PRV-RT-DR-1 | router-acl-remove-rule | Removes the given ACL at position 1 + # ST_INTRA-PRV-RT-DR-1 | router-acl-remove-rule | Removes the given ACL at position 1 53: action: router-acl-remove-rule options: - target_router: ST-INTRA-PRV-RT-DR-1 + target_router: ST_INTRA-PRV-RT-DR-1 position: 1 # |======================================| @@ -2458,7 +2458,7 @@ agents: - type: database-file-integrity weight: *HIGH_WEIGHT_IMPACT options: - node_hostname: ST-DATA-PRV-SRV-DB + node_hostname: ST_DATA-PRV-SRV-DB folder_name: database file_name: database.db 
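Review bot: The renamed comments on actions 43, 45 and 47 label each DENY rule as one host to one host (e.g. `src_ip: 192.168.230.2 # (ST_PROJ-A-PRV-PC-1)`), but the adjacent `src_wildcard: 0.0.255.255` and `dst_wildcard: 0.0.255.255` would, under the usual inverse-mask reading, match all of 192.168.0.0/16. If that reading applies here, each action denies far more traffic than its label says and the three rules overlap, which makes the action map misleading to anyone using it to reason about containment. Either narrow the wildcards to the single host (a host mask such as `src_wildcard: 0.0.0.0`, if the ACL implementation accepts it) or state the real scope, e.g. `# NOTE: wildcard 0.0.255.255 covers 192.168.0.0/16, not only ST_PROJ-A-PRV-PC-1`. Action 51's header also gives `ST_INTRA-PRV-RT-DR-1` as the source while its `src_ip` is annotated as ST_PROJ-A-PRV-PC-1. The action_map starts outside this hunk.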
@@ -2679,7 +2679,7 @@ agents: # # UC7 Network Wide System Pattern Of Life # # ========================================== # # 1. All NTP Clients perform periodic NTP Server transactions. - # # 2. Periodic Database (ST-DATA-PRV-SRV-DB) FTP backups (ST-DATA-PRV-SRV-STORAGE) + # # 2. Periodic Database (ST_DATA-PRV-SRV-DB) FTP backups (ST_DATA-PRV-SRV-STORAGE) # # 3. All DNS Clients perform periodic DNS Server transactions. # # TODO: NTPClient Node Service Start doesn't start a 'Request' @@ -2734,50 +2734,50 @@ agents: # 7: # action: NODE_SERVICE_START # options: - # node_id: 6 # ST-DMZ-PUB-SRV-WEB + # node_id: 6 # ST_DMZ-PUB-SRV-WEB # service_id: 0 # # ====== ST Head Office ======= # 8: # action: NODE_SERVICE_START # options: - # node_id: 7 # ST-HO-PRV-PC-1 + # node_id: 7 # ST_HO-PRV-PC-1 # service_id: 0 # 9: # action: NODE_SERVICE_START # options: - # node_id: 8 # ST-HO-PRV-PC-2 + # node_id: 8 # ST_HO-PRV-PC-2 # service_id: 0 # 10: # action: NODE_SERVICE_START # options: - # node_id: 9 # ST-HO-PRV-PC-3 + # node_id: 9 # ST_HO-PRV-PC-3 # service_id: 0 # # ====== ST Human Resources ======= # 11: # action: NODE_SERVICE_START # options: - # node_id: 10 # ST-HR-PRV-PC-1 + # node_id: 10 # ST_HR-PRV-PC-1 # service_id: 0 # 12: # action: NODE_SERVICE_START # options: - # node_id: 11 # ST-HR-PRV-PC-2 + # node_id: 11 # ST_HR-PRV-PC-2 # service_id: 0 # 13: # action: NODE_SERVICE_START # options: - # node_id: 12 # ST-HR-PRV-PC-3 + # node_id: 12 # ST_HR-PRV-PC-3 # service_id: 0 # # ====== ST DATA Servers ======= # 14: # action: NODE_SERVICE_START # options: - # node_id: 13 # ST-DATA-PRV-SRV-STORAGE + # node_id: 13 # ST_DATA-PRV-SRV-STORAGE # service_id: 0 # 15: # action: NODE_SERVICE_START # options: - # node_id: 14 # ST-DATA-PRV-SRV-DB + # node_id: 14 # ST_DATA-PRV-SRV-DB # service_id: 0 # # ====== ST Project A ======= # 16: 
@@ -2850,34 +2850,34 @@ agents: # services: # - service_name: NTPClient # # ====== ST Public DMZ ======= - # - node_name: ST-DMZ-PUB-SRV-WEB + # - node_name: ST_DMZ-PUB-SRV-WEB # services: # - service_name: NTPClient # # ====== ST Head Office ======= - # - node_name: ST-HO-PRV-PC-1 + # - node_name: ST_HO-PRV-PC-1 # services: # - service_name: NTPClient - # - node_name: ST-HO-PRV-PC-2 + # - node_name: ST_HO-PRV-PC-2 # services: # - service_name: NTPClient - # - node_name: ST-HO-PRV-PC-3 + # - node_name: ST_HO-PRV-PC-3 # services: # - service_name: NTPClient # # ===== ST Human Resources ====== - # - node_name: ST-HR-PRV-PC-1 + # - node_name: ST_HR-PRV-PC-1 # services: # - service_name: NTPClient - # - node_name: ST-HR-PRV-PC-2 + # - node_name: ST_HR-PRV-PC-2 # services: # - service_name: NTPClient - # - node_name: ST-HR-PRV-PC-3 + # - node_name: ST_HR-PRV-PC-3 # services: # - service_name: NTPClient # # ====== ST DATA Servers ======= - # - node_name: ST-DATA-PRV-SRV-STORAGE + # - node_name: ST_DATA-PRV-SRV-STORAGE # services: # - service_name: NTPClient - # - node_name: ST-DATA-PRV-SRV-DB + # - node_name: ST_DATA-PRV-SRV-DB # services: # - service_name: NTPClient # # ====== ST Project A ======= @@ -2926,7 +2926,7 @@ agents: # reward_components: # - type: DUMMY - # # 2. Periodic Database (ST-DATA-PRV-SRV-DB) FTP backups (ST-DATA-PRV-SRV-STORAGE) + # # 2. Periodic Database (ST_DATA-PRV-SRV-DB) FTP backups (ST_DATA-PRV-SRV-STORAGE) # - ref: SYSTEM-FTP # team: GREEN @@ -2947,7 +2947,7 @@ agents: # service_id: 0 # options: # nodes: - # - node_name: ST-DATA-PRV-SRV-DB + # - node_name: ST_DATA-PRV-SRV-DB # applications: # - application_name: database-client # ip_list: 
@@ -3017,50 +3017,50 @@ agents: # 7: # action: NODE_SERVICE_START # options: - # node_id: 6 # ST-DMZ-PUB-SRV-WEB + # node_id: 6 # ST_DMZ-PUB-SRV-WEB # service_id: 0 # # ====== ST Head Office ======= # 8: # action: NODE_SERVICE_START # options: - # node_id: 7 # ST-HO-PRV-PC-1 + # node_id: 7 # ST_HO-PRV-PC-1 # service_id: 0 # 9: # action: NODE_SERVICE_START # options: - # node_id: 8 # ST-HO-PRV-PC-2 + # node_id: 8 # ST_HO-PRV-PC-2 # service_id: 0 # 10: # action: NODE_SERVICE_START # options: - # node_id: 9 # ST-HO-PRV-PC-3 + # node_id: 9 # ST_HO-PRV-PC-3 # service_id: 0 # # ====== ST Human Resources ======= # 11: # action: NODE_SERVICE_START # options: - # node_id: 10 # ST-HR-PRV-PC-1 + # node_id: 10 # ST_HR-PRV-PC-1 # service_id: 0 # 12: # action: NODE_SERVICE_START # options: - # node_id: 11 # ST-HR-PRV-PC-2 + # node_id: 11 # ST_HR-PRV-PC-2 # service_id: 0 # 13: # action: NODE_SERVICE_START # options: - # node_id: 12 # ST-HR-PRV-PC-3 + # node_id: 12 # ST_HR-PRV-PC-3 # service_id: 0 # # ====== ST DATA Servers ======= # 14: # action: NODE_SERVICE_START # options: - # node_id: 13 # ST-DATA-PRV-SRV-STORAGE + # node_id: 13 # ST_DATA-PRV-SRV-STORAGE # service_id: 0 # 15: # action: NODE_SERVICE_START # options: - # node_id: 14 # ST-DATA-PRV-SRV-DB + # node_id: 14 # ST_DATA-PRV-SRV-DB # service_id: 0 # # ====== ST Project A ======= # 16: 
@@ -3133,34 +3133,34 @@ agents: # services: # - service_name: dns-client # # ====== ST Public DMZ ======= - # - node_name: ST-DMZ-PUB-SRV-WEB + # - node_name: ST_DMZ-PUB-SRV-WEB # services: # - service_name: dns-client # # ====== ST Head Office ======= - # - node_name: ST-HO-PRV-PC-1 + # - node_name: ST_HO-PRV-PC-1 # services: # - service_name: dns-client - # - node_name: ST-HO-PRV-PC-2 + # - node_name: ST_HO-PRV-PC-2 # services: # - service_name: dns-client - # - node_name: ST-HO-PRV-PC-3 + # - node_name: ST_HO-PRV-PC-3 # services: # - service_name: dns-client # # ===== ST Human Resources ====== - # - node_name: ST-HR-PRV-PC-1 + # - node_name: ST_HR-PRV-PC-1 # services: # - service_name: dns-client - # - node_name: ST-HR-PRV-PC-2 + # - node_name: ST_HR-PRV-PC-2 # services: # - service_name: dns-client - # - node_name: ST-HR-PRV-PC-3 + # - node_name: ST_HR-PRV-PC-3 # services: # - service_name: dns-client # # ====== ST DATA Servers ======= - # - node_name: ST-DATA-PRV-SRV-STORAGE + # - node_name: ST_DATA-PRV-SRV-STORAGE # services: # - service_name: dns-client - # - node_name: ST-DATA-PRV-SRV-DB + # - node_name: ST_DATA-PRV-SRV-DB # services: # - service_name: dns-client # # ====== ST Project A ======= diff --git a/src/primaite/notebooks/UC7-E2E-Demo.ipynb b/src/primaite/notebooks/UC7-E2E-Demo.ipynb index 87f715e7..3ed8a281 100644 --- a/src/primaite/notebooks/UC7-E2E-Demo.ipynb +++ b/src/primaite/notebooks/UC7-E2E-Demo.ipynb @@ -269,7 +269,7 @@ "outputs": [], "source": [ "# ST DMZ Public Firewall (Permits all traffic by default)\n", - "st_pub_fw: Firewall = uc7_network.get_node_by_hostname(hostname=\"ST-PUB-FW\")\n", + "st_pub_fw: Firewall = uc7_network.get_node_by_hostname(hostname=\"ST_PUB-FW\")\n", "st_pub_fw.show_nic()" ] }, 
@@ -280,7 +280,7 @@ "outputs": [], "source": [ "# ST DMZ Public web-server\n", - "st_dmz_pub_srv_web: Server = uc7_network.get_node_by_hostname(hostname=\"ST-DMZ-PUB-SRV-WEB\")\n", + "st_dmz_pub_srv_web: Server = uc7_network.get_node_by_hostname(hostname=\"ST_DMZ-PUB-SRV-WEB\")\n", "st_dmz_pub_srv_web.software_manager.show()" ] }, @@ -301,9 +301,9 @@ "| `ST_PROJ_B` | Development Network |\n", "| `ST_PROJ_C` | Development Network |\n", "\n", - "In order for hosts to communicate between each network and the wider internet, the main site utilises three routers' `ST-INTRA-PRV-RT-DR-1`, `ST-INTRA-PRV-RT-DR-2` and `ST-INTRA-PRV-RT-CR`.\n", + "In order for hosts to communicate between each network and the wider internet, the main site utilises three routers' `ST_INTRA-PRV-RT-DR-1`, `ST_INTRA-PRV-RT-DR-2` and `ST_INTRA-PRV-RT-CR`.\n", "\n", - "The `ST-INTRA-PRV-RT-DR-1` router is responsible for routing all traffic from the `ST_PROJ_A`/`B`/`C` networks whereas the `ST-INTRA-PRV-RT-DR-2` router routes all traffic from the `ST_HO`/`HR` networks. Both of which then forward all traffic to the main `ST-INTRA-PRV-RT-CR` router. \n", + "The `ST_INTRA-PRV-RT-DR-1` router is responsible for routing all traffic from the `ST_PROJ_A`/`B`/`C` networks whereas the `ST_INTRA-PRV-RT-DR-2` router routes all traffic from the `ST_HO`/`HR` networks. Both of which then forward all traffic to the main `ST_INTRA-PRV-RT-CR` router. \n", "\n", "This central router connects to the `ST_DMZ` firewall (`ST-PUB-FW`) as well as any traffic that is headed to the `ST_DATA` (the ST database and database storage) network.\n" ] @@ -314,7 +314,7 @@ "metadata": {}, "outputs": [], "source": [ - "st_intra_prv_rt_cr: Router = uc7_network.get_node_by_hostname(hostname=\"ST-INTRA-PRV-RT-CR\")\n", + "st_intra_prv_rt_cr: Router = uc7_network.get_node_by_hostname(hostname=\"ST_INTRA-PRV-RT-CR\")\n", "st_intra_prv_rt_cr.route_table.show()" ] }, 
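Review bot: The markdown cell in the `@@ -301,9` hunk keeps the old firewall name on an unchanged line (`ST-PUB-FW` in the sentence about the `ST_DMZ` firewall), while the code cell in the `@@ -269,7` hunk now looks the node up as `ST_PUB-FW`. The green-agent table in the later `@@ -489,14` hunk has the same gap: `ST-HO-PRV-PC-1` and `ST-HO-PRV-PC-2`/`3` are left hyphenated next to the renamed `ST_HR-PRV-PC-*` rows. A reader copying those names into `get_node_by_hostname` would presumably get no match after this commit. Change them to `ST_PUB-FW`, `ST_HO-PRV-PC-1` and `ST_HO-PRV-PC-2`/`3` so the prose agrees with the config.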
@@ -324,7 +324,7 @@ "metadata": {}, "outputs": [], "source": [ - "st_intra_prv_rt_dr_1: Router = uc7_network.get_node_by_hostname(hostname=\"ST-INTRA-PRV-RT-DR-1\")" + "st_intra_prv_rt_dr_1: Router = uc7_network.get_node_by_hostname(hostname=\"ST_INTRA-PRV-RT-DR-1\")" ] }, { @@ -333,7 +333,7 @@ "metadata": {}, "outputs": [], "source": [ - "st_intra_prv_rt_dr_2: Router = uc7_network.get_node_by_hostname(hostname=\"ST-INTRA-PRV-RT-DR-2\")" + "st_intra_prv_rt_dr_2: Router = uc7_network.get_node_by_hostname(hostname=\"ST_INTRA-PRV-RT-DR-2\")" ] }, { @@ -351,7 +351,7 @@ "metadata": {}, "outputs": [], "source": [ - "st_head_office_private_pc_1: Computer = uc7_network.get_node_by_hostname(\"ST-HO-PRV-PC-1\")\n", + "st_head_office_private_pc_1: Computer = uc7_network.get_node_by_hostname(\"ST_HO-PRV-PC-1\")\n", "st_head_office_private_pc_1.software_manager.show()" ] }, @@ -370,7 +370,7 @@ "metadata": {}, "outputs": [], "source": [ - "st_human_resources_private_pc_2: Computer = uc7_network.get_node_by_hostname(\"ST-HR-PRV-PC-2\")\n", + "st_human_resources_private_pc_2: Computer = uc7_network.get_node_by_hostname(\"ST_HR-PRV-PC-2\")\n", "st_human_resources_private_pc_2.software_manager.show()" ] }, @@ -384,8 +384,8 @@ "\n", "| Server | Purpose |\n", "|--------|---------|\n", - "| `ST-DATA-PRV-SRV-DB` | Hosts the `database-service` that all `database-client` are configured to use. | \n", - "| `ST-DATA-PRV-SRV-STORAGE`| Acts as a storage server for the `ST-DATA-PRV-SRV-DB`. |" + "| `ST_DATA-PRV-SRV-DB` | Hosts the `database-service` that all `database-client` are configured to use. | \n", + "| `ST_DATA-PRV-SRV-STORAGE`| Acts as a storage server for the `ST_DATA-PRV-SRV-DB`. |" ] }, { 
@@ -394,7 +394,7 @@ "metadata": {}, "outputs": [], "source": [ - "st_data_private_server_database: Server = uc7_network.get_node_by_hostname(\"ST-DATA-PRV-SRV-DB\")\n", + "st_data_private_server_database: Server = uc7_network.get_node_by_hostname(\"ST_DATA-PRV-SRV-DB\")\n", "st_data_private_server_database_service: DatabaseService = st_data_private_server_database.software_manager.software[\"database-service\"]\n", "st_data_private_server_database.software_manager.show()\n", "st_data_private_server_database.software_manager.file_system.show(full=True)\n", @@ -407,7 +407,7 @@ "metadata": {}, "outputs": [], "source": [ - "st_data_private_server_storage: Server = uc7_network.get_node_by_hostname(\"ST-DATA-PRV-SRV-STORAGE\")\n", + "st_data_private_server_storage: Server = uc7_network.get_node_by_hostname(\"ST_DATA-PRV-SRV-STORAGE\")\n", "st_data_private_server_storage.software_manager.show()" ] }, @@ -426,7 +426,7 @@ "metadata": {}, "outputs": [], "source": [ - "st_project_a_private_pc_1: Computer = uc7_network.get_node_by_hostname(\"ST-PROJ-A-PRV-PC-1\")\n", + "st_project_a_private_pc_1: Computer = uc7_network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-1\")\n", "st_project_a_private_pc_1.software_manager.show()" ] }, @@ -443,7 +443,7 @@ "metadata": {}, "outputs": [], "source": [ - "st_project_b_private_pc_2: Computer = uc7_network.get_node_by_hostname(\"ST-PROJ-B-PRV-PC-2\")\n", + "st_project_b_private_pc_2: Computer = uc7_network.get_node_by_hostname(\"ST_PROJ-B-PRV-PC-2\")\n", "st_project_b_private_pc_2.software_manager.show()" ] }, @@ -460,7 +460,7 @@ "metadata": {}, "outputs": [], "source": [ - "st_project_c_private_pc_3: Computer = uc7_network.get_node_by_hostname(\"ST-PROJ-C-PRV-PC-3\")\n", + "st_project_c_private_pc_3: Computer = uc7_network.get_node_by_hostname(\"ST_PROJ-C-PRV-PC-3\")\n", "st_project_c_private_pc_3.software_manager.show()" ] }, 
@@ -489,14 +489,14 @@ "| `REMOTE SITE` |`REM-PUB-PC-1`| `database-client`| *Periodic* | |**12** |**1** |**4** |**1** |**MEDIUM** |\n", "| `REMOTE SITE` |`REM-PUB-PC-2`| `database-client`| *Periodic* | |**16** |**1** |**4** |**1** |**MEDIUM** |\n", "| `REMOTE SITE` |`REM-PUB-PC-1`/`2`| `web-browser` | *Probabilistic* |**20%** | | | | |**LOW** |\n", - "| `ST PROJECT A`/`B`/`C` |`ST-PROJ-*-PRV-PC-1`| `database-client`| *Periodic* | |**1** |**1** |**4** |**1** |**HIGH** |\n", - "| `ST PROJECT A`/`B`/`C` |`ST-PROJ-*-PRV-PC-1`| `web-browser` | *Probabilistic* |**40%** | | | | |**LOW** |\n", - "| `ST PROJECT A`/`B`/`C` |`ST-PROJ-*-PRV-PC-2`/`3`| `database-client`| *Periodic* | |**1** |**1** |**4** |**1** |**MEDIUM** |\n", - "| `ST PROJECT A`/`B`/`C` |`ST-PROJ-*-PRV-PC-2`/`3`| `web-browser` | *Probabilistic* |**20%** | | | | |**LOW** |\n", + "| `ST PROJECT A`/`B`/`C` |`ST_PROJ-*-PRV-PC-1`| `database-client`| *Periodic* | |**1** |**1** |**4** |**1** |**HIGH** |\n", + "| `ST PROJECT A`/`B`/`C` |`ST_PROJ-*-PRV-PC-1`| `web-browser` | *Probabilistic* |**40%** | | | | |**LOW** |\n", + "| `ST PROJECT A`/`B`/`C` |`ST_PROJ-*-PRV-PC-2`/`3`| `database-client`| *Periodic* | |**1** |**1** |**4** |**1** |**MEDIUM** |\n", + "| `ST PROJECT A`/`B`/`C` |`ST_PROJ-*-PRV-PC-2`/`3`| `web-browser` | *Probabilistic* |**20%** | | | | |**LOW** |\n", "| `ST HEAD OFFICE` |`ST-HO-PRV-PC-1`| `web-browser` | *Probabilistic* |**60%** | | | | |**HIGH** |\n", "| `ST HEAD OFFICE` |`ST-HO-PRV-PC-2`/`3`| `web-browser` | *Probabilistic* |**60%** | | | | |**MEDIUM** |\n", - "| `ST HUMAN RESOURCES` |`ST-HR-PRV-PC-1`| `web-browser` | *Probabilistic* |**60%** | | | | |**MEDIUM** |\n", - "| `ST HUMAN RESOURCES` |`ST-HR-PRV-PC-2`/`3`| `web-browser` | *Probabilistic* |**60%** | | | | |**LOW** |\n", + "| `ST HUMAN RESOURCES` |`ST_HR-PRV-PC-1`| `web-browser` | *Probabilistic* |**60%** | | | | |**MEDIUM** |\n", + "| `ST HUMAN RESOURCES` |`ST_HR-PRV-PC-2`/`3`| `web-browser` | *Probabilistic* |**60%** | | | | |**LOW** 
|\n", "\n", "\n", "For the full details on each green agent then please click on the drop-down menu below:\n", @@ -547,7 +547,7 @@ "source": [ "#### AGENTS | Green *PoL* | database-client Agents Demo\n", "\n", - "The `database-client` green agents will attempt to use their host's `database-client` application to make a simple connection to the `database-service` on the `ST-DATA-PRV-SRV-DB` host (these connections have no direct impact to the `database-service` or the `database.db` file itself).\n", + "The `database-client` green agents will attempt to use their host's `database-client` application to make a simple connection to the `database-service` on the `ST_DATA-PRV-SRV-DB` host (these connections have no direct impact to the `database-service` or the `database.db` file itself).\n", "\n", "Additionally, `database-client` green agents are *Periodic* meaning they will attempt to use the database based on game time-steps. Specifically, these agents will begin on the time-step given in their `start step` setting and will then will reattempt on each subsequence timestep based on the `Frequency` setting. These settings are then randomised using the remaining `Start Variance` and `Variance` options (also given in timesteps). These values are used to *±* their respective base settings to ensure the green agents achieve a moderate amount of domain randomisation in each PrimAITE episode.\n", "\n", 
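Review bot: The green-agent table in the `@@ -489,14 +489,14 @@` hunk still lists the head-office hosts as `ST-HO-PRV-PC-1` and `ST-HO-PRV-PC-2`/`3` on its unchanged rows, while the HR and project rows around them are renamed and the code cells earlier in this notebook now look up `ST_HO-PRV-PC-1`. The same incomplete rename shows in the `@@ -699,8 +699,8 @@` hunk, where the added `ST_INTRA-PRV-RT-CR` row still names the web server `ST-DMZ-PUB-SRV-WEB`, and in the `@@ -1152,14 +1152,14 @@` hunk, whose context rows keep `PROJ-A-PRV-PC-1` to `PROJ-A-PRV-PC-3` with no `ST_` prefix at all. I would change these to `ST_HO-PRV-PC-1`, `ST_DMZ-PUB-SRV-WEB` and `ST_PROJ-A-PRV-PC-1` (and siblings) so the tables match the hostnames the config files define; a search for the old `ST-` prefix across the notebooks would catch any other leftovers.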
@@ -632,7 +632,7 @@ "source": [ "### AGENTS | RED AGENT | Threat Actor Profile 001 (TAP001)\n", "\n", - "This TAP aims to exfiltrate and then encrypt the `database.db` file on `ST-DATA-PRV-SRV-DB` host, whilst leaving the functionality of the database intact. Configured by default to start on the `ST-PROJ-A-PRV-PC-1` host, `TAP001` must first embed itself on the host, locate the target (`ST-DATA-PRV-SRV-DB`) through a series of NMAP scans, establish a connection to it's `C2Server` (`ISP-PUB-SRV-DNS` by default) and then finally attempt to exfiltrate and encrypt. \n", + "This TAP aims to exfiltrate and then encrypt the `database.db` file on `ST_DATA-PRV-SRV-DB` host, whilst leaving the functionality of the database intact. Configured by default to start on the `ST_PROJ-A-PRV-PC-1` host, `TAP001` must first embed itself on the host, locate the target (`ST_DATA-PRV-SRV-DB`) through a series of NMAP scans, establish a connection to it's `C2Server` (`ISP-PUB-SRV-DNS` by default) and then finally attempt to exfiltrate and encrypt. \n", "\n", "If successful, the blue agent is configured to receive a serve negative reward and thus must prevent `TAP001` from ever reaching the target database. This could be through blocking it's connection to the target or it's `C2Server` via a carefully crafted ACL or perhaps through more a forceful approach such as shutting down the starting host.\n", "\n", @@ -661,7 +661,7 @@ "outputs": [], "source": [ "# TAP001 starting host\n", - "st_project_a_private_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"ST-PROJ-A-PRV-PC-1\")\n", + "st_project_a_private_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-1\")\n", "st_project_a_private_pc_1.software_manager.show()" ] }, 
@@ -683,7 +683,7 @@
 "outputs": [],
 "source": [
 "# Database Impact \n",
- "st_data_private_server_database: Server = env.game.simulation.network.get_node_by_hostname(hostname=\"ST-DATA-PRV-SRV-DB\")\n",
+ "st_data_private_server_database: Server = env.game.simulation.network.get_node_by_hostname(hostname=\"ST_DATA-PRV-SRV-DB\")\n",
 "st_data_private_server_database.file_system.show(full=True)"
 ]
 },
@@ -699,8 +699,8 @@
 "\n",
 "|Target Router | Impact |\n",
 "|----------------------|--------|\n",
- "|`ST-INTRA-PRV-RT-DR-1`| Blocks all `POSTGRES_SERVER` that arrives at the `ST-INTRA-PRV-RT-DR-1` router. This rule will prevent all ST_PROJ_* hosts from accessing the database (`ST-DATA-PRV-SRV-DB`).|\n",
- "|`ST-INTRA-PRV-RT-CR`| Blocks all `HTTP` traffic that arrives at the`ST-INTRA-PRV-RT-CR` router. This rule will prevent all SOME_TECH hosts from accessing the web-server (`ST-DMZ-PUB-SRV-WEB`)|\n",
+ "|`ST_INTRA-PRV-RT-DR-1`| Blocks all `POSTGRES_SERVER` that arrives at the `ST_INTRA-PRV-RT-DR-1` router. This rule will prevent all ST_PROJ_* hosts from accessing the database (`ST_DATA-PRV-SRV-DB`).|\n",
+ "|`ST_INTRA-PRV-RT-CR`| Blocks all `HTTP` traffic that arrives at the`ST_INTRA-PRV-RT-CR` router. This rule will prevent all SOME_TECH hosts from accessing the web-server (`ST-DMZ-PUB-SRV-WEB`)|\n",
 "|`REM-PUB-RT-DR`| Blocks all `DNS` traffic that arrives at the `REM-PUB-RT-DR` router. This rule prevents any remote site works from accessing the DNS Server (`ISP-PUB-SRV-DNS`).|\n",
 "\n",
 "Lastly, it's highly recommended that users refer to the [TAP003 E2E notebook](./UC7-TAP003-Kill-Chain-E2E.ipynb) for further information or for the [UC7 attack variants notebook](./UC7-attack-variants.ipynb) demonstration of TAP003 defence."
@@ -743,7 +743,7 @@
 "metadata": {},
 "outputs": [],
 "source": [
- "env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-DR-1\").acl.show()"
+ "env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-DR-1\").acl.show()"
 ]
 },
 {
@@ -752,7 +752,7 @@
 "metadata": {},
 "outputs": [],
 "source": [
- "env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-CR\").acl.show()"
+ "env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-CR\").acl.show()"
 ]
 },
 {
@@ -861,34 +861,34 @@ "|10|REM-PUB-SW-AS:eth-2|REM-PUB-PC-1:eth-1 |\n", "|11|REM-PUB-SW-AS:eth-3|REM-PUB-PC-2:eth-1 | \n", "|12|REM-PUB-SW-AS:eth-4|REM-PUB-SRV:eth-1 |\n", - "|13|ISP-PUB-RT-BR:eth-4|ST-PUB-FW:eth-1 |\n", - "|14|ST-PUB-FW:eth-3|ST-DMZ-PUB-SRV-WEB:eth-1 |\n", - "|15|ST-INTRA-PRV-RT-CR:eth-1|ST-PUB-FW:eth-2 |\n", - "|16|ST-INTRA-PRV-RT-CR:eth-2|ST-INTRA-PRV-RT-DR-1:eth-1 |\n", - "|17|ST-INTRA-PRV-RT-CR:eth-3|ST-INTRA-PRV-RT-DR-2:eth-1 | \n", - "|18|ST-INTRA-PRV-RT-CR:eth-4|ST-DATA-PRV-SW-AS:eth-1 |\n", - "|19|ST-HO-PRV-SW-AS:eth-1|ST-INTRA-PRV-RT-DR-2:eth-2 |\n", - "|20|ST-HO-PRV-SW-AS:eth-2|ST-HO-PRV-PC-1:eth-1 |\n", - "|21|ST-HO-PRV-SW-AS:eth-3|ST-HO-PRV-PC-2:eth-1 |\n", - "|22|ST-HO-PRV-SW-AS:eth-4|ST-HO-PRV-PC-3:eth-1 |\n", - "|23|ST-HR-PRV-SW-AS:eth-1|ST-INTRA-PRV-RT-DR-2:eth-3 |\n", - "|24|ST-HR-PRV-SW-AS:eth-2|ST-HR-PRV-PC-1:eth-1 |\n", - "|25|ST-HR-PRV-SW-AS:eth-3|ST-HR-PRV-PC-2:eth-1 |\n", - "|26|ST-HR-PRV-SW-AS:eth-4|ST-HR-PRV-PC-3:eth-1 |\n", - "|27|ST-DATA-PRV-SW-AS:eth-2|ST-DATA-PRV-SRV-STORAGE:eth-1 |\n", - "|28|ST-DATA-PRV-SW-AS:eth-3|ST-DATA-PRV-SRV-DB:eth-1 | \n", - "|29|ST-INTRA-PRV-RT-DR-1:eth-2|ST-PROJ-A-PRV-SW-AS:eth-1 |\n", - "|30|ST-PROJ-A-PRV-SW-AS:eth2|ST-PROJ-A-PRV-PC-1:eth-1|\n", - "|31|ST-PROJ-A-PRV-SW-AS:eth3|ST-PROJ-A-PRV-PC-2:eth-1 |\n", - "|32|ST-PROJ-A-PRV-SW-AS:eth4|ST-PROJ-A-PRV-PC-3:eth-1 | \n", - "|33|ST-INTRA-PRV-RT-DR-1:eth-3|ST-PROJ-B-PRV-SW-AS:eth-1 |\n", - "|34|ST-PROJ-B-PRV-SW-AS:eth2|ST-PROJ-B-PRV-PC-1:eth-1 |\n", - "|35|ST-PROJ-B-PRV-SW-AS:eth3|ST-PROJ-B-PRV-PC-2:eth-1 |\n", - "|36|ST-PROJ-B-PRV-SW-AS:eth4|ST-PROJ-B-PRV-PC-3:eth-1 | \n", - "|37|ST-INTRA-PRV-RT-DR-1:eth-4|ST-PROJ-C-PRV-SW-AS:eth-1 |\n", - "|38|ST-PROJ-A-PRV-SW-AS:eth2|ST-PROJ-C-PRV-PC-1:eth-1 |\n", - "|39|ST-PROJ-A-PRV-SW-AS:eth3|ST-PROJ-C-PRV-PC-2:eth-1 |\n", - "|40|ST-PROJ-A-PRV-SW-AS:eth4|ST-PROJ-C-PRV-PC-3:eth-1 |\n", + "|13|ISP-PUB-RT-BR:eth-4|ST_PUB-FW:eth-1 |\n", + "|14|ST_PUB-FW:eth-3|ST_DMZ-PUB-SRV-WEB:eth-1 |\n", + 
"|15|ST_INTRA-PRV-RT-CR:eth-1|ST_PUB-FW:eth-2 |\n", + "|16|ST_INTRA-PRV-RT-CR:eth-2|ST_INTRA-PRV-RT-DR-1:eth-1 |\n", + "|17|ST_INTRA-PRV-RT-CR:eth-3|ST_INTRA-PRV-RT-DR-2:eth-1 | \n", + "|18|ST_INTRA-PRV-RT-CR:eth-4|ST_DATA-PRV-SW-AS:eth-1 |\n", + "|19|ST_HO-PRV-SW-AS:eth-1|ST_INTRA-PRV-RT-DR-2:eth-2 |\n", + "|20|ST_HO-PRV-SW-AS:eth-2|ST_HO-PRV-PC-1:eth-1 |\n", + "|21|ST_HO-PRV-SW-AS:eth-3|ST_HO-PRV-PC-2:eth-1 |\n", + "|22|ST_HO-PRV-SW-AS:eth-4|ST_HO-PRV-PC-3:eth-1 |\n", + "|23|ST_HR-PRV-SW-AS:eth-1|ST_INTRA-PRV-RT-DR-2:eth-3 |\n", + "|24|ST_HR-PRV-SW-AS:eth-2|ST_HR-PRV-PC-1:eth-1 |\n", + "|25|ST_HR-PRV-SW-AS:eth-3|ST_HR-PRV-PC-2:eth-1 |\n", + "|26|ST_HR-PRV-SW-AS:eth-4|ST_HR-PRV-PC-3:eth-1 |\n", + "|27|ST_DATA-PRV-SW-AS:eth-2|ST_DATA-PRV-SRV-STORAGE:eth-1 |\n", + "|28|ST_DATA-PRV-SW-AS:eth-3|ST_DATA-PRV-SRV-DB:eth-1 | \n", + "|29|ST_INTRA-PRV-RT-DR-1:eth-2|ST_PROJ-A-PRV-SW-AS:eth-1 |\n", + "|30|ST_PROJ-A-PRV-SW-AS:eth2|ST_PROJ-A-PRV-PC-1:eth-1|\n", + "|31|ST_PROJ-A-PRV-SW-AS:eth3|ST_PROJ-A-PRV-PC-2:eth-1 |\n", + "|32|ST_PROJ-A-PRV-SW-AS:eth4|ST_PROJ-A-PRV-PC-3:eth-1 | \n", + "|33|ST_INTRA-PRV-RT-DR-1:eth-3|ST_PROJ-B-PRV-SW-AS:eth-1 |\n", + "|34|ST_PROJ-B-PRV-SW-AS:eth2|ST_PROJ-B-PRV-PC-1:eth-1 |\n", + "|35|ST_PROJ-B-PRV-SW-AS:eth3|ST_PROJ-B-PRV-PC-2:eth-1 |\n", + "|36|ST_PROJ-B-PRV-SW-AS:eth4|ST_PROJ-B-PRV-PC-3:eth-1 | \n", + "|37|ST_INTRA-PRV-RT-DR-1:eth-4|ST_PROJ-C-PRV-SW-AS:eth-1 |\n", + "|38|ST_PROJ-A-PRV-SW-AS:eth2|ST_PROJ-C-PRV-PC-1:eth-1 |\n", + "|39|ST_PROJ-A-PRV-SW-AS:eth3|ST_PROJ-C-PRV-PC-2:eth-1 |\n", + "|40|ST_PROJ-A-PRV-SW-AS:eth4|ST_PROJ-C-PRV-PC-3:eth-1 |\n", "\n", "" ] 
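Review bot: Rows 38–40 of the link table in the `@@ -861,34 +861,34 @@` hunk pair the `ST_PROJ-C-PRV-PC-*` hosts with `ST_PROJ-A-PRV-SW-AS`, the same switch ports rows 30–32 already assign to project A, although row 37 connects the router to `ST_PROJ-C-PRV-SW-AS`. This looks like a copy-paste slip that the rename carried over onto the new lines. Presumably the rows should read `ST_PROJ-C-PRV-SW-AS`, e.g. `|38|ST_PROJ-C-PRV-SW-AS:eth-2|ST_PROJ-C-PRV-PC-1:eth-1 |`, which is worth confirming against the links section of the config. Rows 30–40 also write the switch port as `eth2`/`eth3`/`eth4` where every other row uses `eth-2` and so on.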
@@ -923,10 +923,10 @@ "\n", "|Host label|hostname| services | applications | folders | files |\n", "|:--:|:--:|:--:|:--:|:--:|:--:|\n", - "|HOST1|ST-PROJ-A-PRV-PC-1 | ftp-client | ransomware_script, database-client | downloads, exfiltration_folder | malware_dropper.ps1, database.db |\n", - "|HOST2|ST-PROJ-B-PRV-PC-2| ftp-client | ransomware-script, database-client | downloads, exfiltration_folder | malware_dropper.ps1, database.db |\n", - "|HOST3|ST-PROJ-C-PRV-PC-3| ftp-client | ransomware-script, database-client | downloads, exfiltration_folder | malware_dropper.ps1, database.db |\n", - "|HOST4|ST-DATA-PRV-SRV-DB||| database | database.db|\n", + "|HOST1|ST_PROJ-A-PRV-PC-1 | ftp-client | ransomware_script, database-client | downloads, exfiltration_folder | malware_dropper.ps1, database.db |\n", + "|HOST2|ST_PROJ-B-PRV-PC-2| ftp-client | ransomware-script, database-client | downloads, exfiltration_folder | malware_dropper.ps1, database.db |\n", + "|HOST3|ST_PROJ-C-PRV-PC-3| ftp-client | ransomware-script, database-client | downloads, exfiltration_folder | malware_dropper.ps1, database.db |\n", + "|HOST4|ST_DATA-PRV-SRV-DB||| database | database.db|\n", "\n", "\n", "Each `time_step` these hosts report the following to the blue agent:\n", @@ -1109,8 +1109,8 @@ "\n", "by default, the UC7 agent is configured to observe `3` different routers:\n", "\n", - "- `ST-INTRA-PRV-RT-CR`\n", - "- `ST-INTRA-PRV-RT-DR-1`\n", + "- `ST_INTRA-PRV-RT-CR`\n", + "- `ST_INTRA-PRV-RT-DR-1`\n", "- `REM-PUB-RT-DR`\n" ] }, 
@@ -1152,14 +1152,14 @@ "|6|192.168.20.3 | REM-PUB-PC-2 |\n", "|7|192.168.20.4 | REM-PUB-SRV |\n", "|8|192.168.100.2| ST_PUB_SRV_WEB_IP |\n", - "|9|192.168.200.2 | ST-HO-PRV-PC-1 |\n", - "|10|192.168.200.3 | ST-HO-PRV-PC-2 |\n", - "|11|192.168.200.4 | ST-HO-PRV-PC-3 |\n", - "|12|192.168.210.2 | ST-HR-PRV-PC-1 |\n", - "|13|192.168.210.3 | ST-HR-PRV-PC-2 |\n", - "|14|192.168.210.4 | ST-HR-PRV-PC-3 |\n", - "|15|192.168.220.2 | ST-DATA-PRV-SRV-STORAGE | \n", - "|16|192.168.220.3 | ST-DATA-PRV-SRV-DB |\n", + "|9|192.168.200.2 | ST_HO-PRV-PC-1 |\n", + "|10|192.168.200.3 | ST_HO-PRV-PC-2 |\n", + "|11|192.168.200.4 | ST_HO-PRV-PC-3 |\n", + "|12|192.168.210.2 | ST_HR-PRV-PC-1 |\n", + "|13|192.168.210.3 | ST_HR-PRV-PC-2 |\n", + "|14|192.168.210.4 | ST_HR-PRV-PC-3 |\n", + "|15|192.168.220.2 | ST_DATA-PRV-SRV-STORAGE | \n", + "|16|192.168.220.3 | ST_DATA-PRV-SRV-DB |\n", "|17|192.168.230.2 | PROJ-A-PRV-PC-1 |\n", "|18|192.168.230.3 | PROJ-A-PRV-PC-2 |\n", "|19|192.168.230.4 | PROJ-A-PRV-PC-3 |\n", @@ -1261,24 +1261,24 @@ " options: {}\n", "\n", " # |======================================|\n", - " # | ST-PROJ-A-PRV-PC-1 |\n", + " # | ST_PROJ-A-PRV-PC-1 |\n", " # |======================================|\n", "\n", - " # ST-PROJ-A-PRV-PC-1 | node-os-scan\n", + " # ST_PROJ-A-PRV-PC-1 | node-os-scan\n", " 1:\n", " action: node-os-scan\n", " options:\n", - " node_name: ST-PROJ-A-PRV-PC-1\n", - " # ST-PROJ-A-PRV-PC-1 | node-shutdown\n", + " node_name: ST_PROJ-A-PRV-PC-1\n", + " # ST_PROJ-A-PRV-PC-1 | node-shutdown\n", " 2:\n", " action: node-shutdown\n", " options:\n", - " node_name: ST-PROJ-A-PRV-PC-1\n", - " # ST-PROJ-A-PRV-PC-1 | node-startup\n", + " node_name: ST_PROJ-A-PRV-PC-1\n", + " # ST_PROJ-A-PRV-PC-1 | node-startup\n", " 3:\n", " action: node-startup\n", " options:\n", - " node_name: ST-PROJ-A-PRV-PC-1\n", + " node_name: ST_PROJ-A-PRV-PC-1\n", "```\n", "\n", "Converting the yaml snippet below we end up with the following:\n", 
@@ -1286,9 +1286,9 @@ "|Action Num | Action Type | Options|\n", "|:---------:|:-----------:|:------:|\n", "|0|**DONOTHING**|*n/a*|\n", - "|1|**NODE_OS_SCAN**|*node_name: ST-PROJ-A-PRV-PC-1*|\n", - "|2|**NODE_SHUTDOWN**|*node_name: ST-PROJ-A-PRV-PC-1*|\n", - "|3|**NODE_STARTUP**|*node_name: ST-PROJ-A-PRV-PC-1*|\n" + "|1|**NODE_OS_SCAN**|*node_name: ST_PROJ-A-PRV-PC-1*|\n", + "|2|**NODE_SHUTDOWN**|*node_name: ST_PROJ-A-PRV-PC-1*|\n", + "|3|**NODE_STARTUP**|*node_name: ST_PROJ-A-PRV-PC-1*|\n" ] }, { @@ -1332,7 +1332,7 @@ "\n", "For example, if a red agent corrupts and alters the health status of a file, the blue agent's observation space will not reflect this until the agent performs a `NODE_FILE_SCAN` on the newly corrupted file. It's worth noting that blue agents can be configured to see the true `HEALTH_STATUS` of software and files without needing to scan in the yaml. Although this may make it easier for an train and create an effective blue agent it could be seen as reducing the fidelity of the simulation.\n", "\n", - "The code snippet below demonstrates an example where the blue agent uses the `NODE_OS_SCAN` action to reveal the true health status `ST-PROJ-A-PRV-PC-1`." + "The code snippet below demonstrates an example where the blue agent uses the `NODE_OS_SCAN` action to reveal the true health status `ST_PROJ-A-PRV-PC-1`." ] }, { @@ -1353,7 +1353,7 @@ "metadata": {}, "outputs": [], "source": [ - "st_project_a_private_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"ST-PROJ-A-PRV-PC-1\")\n", + "st_project_a_private_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-1\")\n", "st_project_a_private_pc_1.software_manager.software[\"ftp-client\"].set_health_state(SoftwareHealthState.COMPROMISED)\n", "st_project_a_private_pc_1.software_manager.software[\"database-client\"].set_health_state(SoftwareHealthState.COMPROMISED)\n", "st_project_a_private_pc_1.software_manager.show()" 
@@ -1388,7 +1388,7 @@ "source": [ "`2: NODE_SHUTDOWN`:\n", "\n", - "The next action available is the `NODE_SHUTDOWN` action. This action quite is quite simple in comparison and literally attempts to shut down the target host given in the `options` settings which is set to `ST-PROJ-A-PRV-PC-1`. Shutting a PC down affects the `operating_status` of the host machine which the following snippets demonstrate." + "The next action available is the `NODE_SHUTDOWN` action. This action quite is quite simple in comparison and literally attempts to shut down the target host given in the `options` settings which is set to `ST_PROJ-A-PRV-PC-1`. Shutting a PC down affects the `operating_status` of the host machine which the following snippets demonstrate." ] }, { @@ -1399,7 +1399,7 @@ "source": [ "# `1` is equal to 'ON' in this case.\n", "obs, reward, term, trunc, info = env.step(0)\n", - "print(f\"ST-PROJ-A-PRV-PC-1's (prior shutdown) operating state: {defender.observation_manager.current_observation['NODES']['HOST0']['operating_status']}\")" + "print(f\"ST_PROJ-A-PRV-PC-1's (prior shutdown) operating state: {defender.observation_manager.current_observation['NODES']['HOST0']['operating_status']}\")" ] }, { @@ -1420,7 +1420,7 @@ "outputs": [], "source": [ "obs, reward, term, trunc, info = env.step(0)\n", - "print(f\"ST-PROJ-A-PRV-PC-1's (post shutdown) operating state: {defender.observation_manager.current_observation['NODES']['HOST0']['operating_status']}\")" + "print(f\"ST_PROJ-A-PRV-PC-1's (post shutdown) operating state: {defender.observation_manager.current_observation['NODES']['HOST0']['operating_status']}\")" ] }, { 
@@ -1429,7 +1429,7 @@
 "source": [
 "`3: NODE_STARTUP`:\n",
 "\n",
- "Luckily, the blue agent can use it's third action `NODE_STARTUP` has been configured to bring the `ST-PROJ-A-PRV-PC-1` back up and running. Although, with the a three timestep reboot time.\n"
+ "Luckily, the blue agent can use it's third action `NODE_STARTUP` has been configured to bring the `ST_PROJ-A-PRV-PC-1` back up and running. Although, with the a three timestep reboot time.\n"
 ]
 },
 {
@@ -1444,7 +1444,7 @@
 " env.step(0) # 3 second reboot time.\n",
 " \n",
 "obs, reward, term, trunc, info = env.step(0)\n",
- "print(f\"ST-PROJ-A-PRV-PC-1's (prior shutdown) operating state: {defender.observation_manager.current_observation['NODES']['HOST0']['operating_status']}\")"
+ "print(f\"ST_PROJ-A-PRV-PC-1's (prior shutdown) operating state: {defender.observation_manager.current_observation['NODES']['HOST0']['operating_status']}\")"
 ]
 },
 {
@@ -1463,7 +1463,7 @@
 " - type: DATABASE_FILE_INTEGRITY\n",
 " weight: *HIGH_WEIGHT_IMPACT\n",
 " options: \n",
- " node_hostname: ST-DATA-PRV-SRV-DB \n",
+ " node_hostname: ST_DATA-PRV-SRV-DB \n",
 " folder_name: database\n",
 " file_name: database.db\n",
 "```\n",
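Review bot: The `print` rewritten in the `@@ -1444,7 +1444,7 @@` hunk runs after the reboot loop that follows `NODE_STARTUP`, yet it still labels the value `(prior shutdown)`, the same label the `@@ -1399,7 +1399,7 @@` hunk prints before the shutdown. Since the line is being touched anyway, I would relabel it, e.g. `ST_PROJ-A-PRV-PC-1's (post startup) operating state:`, so the three outputs can be told apart. The hostname is also hard-coded in the f-string while the value is read from `['NODES']['HOST0']`; a one-line comment stating which host `HOST0` maps to would keep the label and the observation index from drifting apart at the next rename. The cell this line belongs to starts before the hunk.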
@@ -1576,14 +1576,14 @@ "defender = env.game.rl_agents.get(\"defender\")\n", "\n", "# Corrupting and Disabling the database-service\n", - "st_data_private_server_database: Server = env.game.simulation.network.get_node_by_hostname(\"ST-DATA-PRV-SRV-DB\")\n", + "st_data_private_server_database: Server = env.game.simulation.network.get_node_by_hostname(\"ST_DATA-PRV-SRV-DB\")\n", "st_data_private_server_database_file = st_data_private_server_database.file_system.get_file(folder_name=\"database\", file_name=\"database.db\")\n", "st_data_private_server_database_file.health_status = FileSystemItemHealthStatus.COMPROMISED\n", "st_data_private_server_database.software_manager.software[\"database-service\"].operating_state = ServiceOperatingState.DISABLED\n", "\n", "# Shutting down the web-server\n", "\n", - "st_dmz_pub_srv_web: Server = env.game.simulation.network.get_node_by_hostname(\"ST-DMZ-PUB-SRV-WEB\")\n", + "st_dmz_pub_srv_web: Server = env.game.simulation.network.get_node_by_hostname(\"ST_DMZ-PUB-SRV-WEB\")\n", "st_dmz_pub_srv_web.software_manager.software[\"web-server\"].operating_state = ServiceOperatingState.DISABLED\n", "\n", "# Shutting down the DNSServer\n", diff --git a/src/primaite/notebooks/UC7-TAP001-Kill-Chain-E2E.ipynb b/src/primaite/notebooks/UC7-TAP001-Kill-Chain-E2E.ipynb index da7752fc..f015830b 100644 --- a/src/primaite/notebooks/UC7-TAP001-Kill-Chain-E2E.ipynb +++ b/src/primaite/notebooks/UC7-TAP001-Kill-Chain-E2E.ipynb 
@@ -187,10 +187,10 @@ "# The TAP001 Agent\n", "tap001 = env.game.agents.get(\"attacker\")\n", "# A potential starting client\n", - "starting_host = env.game.simulation.network.get_node_by_hostname('ST-PROJ-A-PRV-PC-1')\n", + "starting_host = env.game.simulation.network.get_node_by_hostname('ST_PROJ-A-PRV-PC-1')\n", "\n", "# The database server which acts as the initial target of the ransomware kill-chain\n", - "database_server = env.game.simulation.network.get_node_by_hostname('ST-DATA-PRV-SRV-DB')" + "database_server = env.game.simulation.network.get_node_by_hostname('ST_DATA-PRV-SRV-DB')" ] }, { @@ -240,7 +240,7 @@ "source": [ "#### **Initial State** | Database Server:\n", "\n", - "TAP001 opts to attack the UC7 database server (`ST-DATA-PRV-SRV-DB`):" + "TAP001 opts to attack the UC7 database server (`ST_DATA-PRV-SRV-DB`):" ] }, { @@ -282,7 +282,7 @@ "# The TAP001's Starting Client:\n", "starting_host = env.game.simulation.network.get_node_by_hostname(tap001.starting_node)\n", "# The TAP001's Database Server:\n", - "target_host = env.game.simulation.network.get_node_by_hostname('ST-DATA-PRV-SRV-DB')" + "target_host = env.game.simulation.network.get_node_by_hostname('ST_DATA-PRV-SRV-DB')" ] }, { @@ -318,8 +318,8 @@ "In this stage, TAP001 uses the **NODE_FOLDER_CREATE** and **NODE_FILE_CREATE** to create a file called ```\"malware_dropper.ps1\"``` within a ```\"Downloads\"``` folder.
\n", "These actions are intended to simulate the malicious payload creating a ```ps1``` (A windows powershell script) malware dropper on the `SOME_TECH` employee's phone. \n", "\n", - "Currently, PrimAITE cannot simulate hosts joining the simulation mid-episode thus we must treat `ST-PROJ-A-PRV-PC-1`'s as also including the employee's phone.
\n", - "From a narrative perspective, this could be explained as the employee plugging his phone into the `ST-PROJ-A-PRV-PC-1`.\n", + "Currently, PrimAITE cannot simulate hosts joining the simulation mid-episode thus we must treat `ST_PROJ-A-PRV-PC-1`'s as also including the employee's phone.
\n", + "From a narrative perspective, this could be explained as the employee plugging his phone into the `ST_PROJ-A-PRV-PC-1`.\n", "\n", "Additionally, it's worth noting that in the real world, malware droppers (small scripts or executables which download/install the malware after initially entering a host) use a variety of obfuscation methods to avoid detection.
For example, some malware droppers are concealed within legitimate files such as word document macros in order to trick a user into running the dropper.\n", "\n", @@ -465,7 +465,7 @@ "In this stage, TAP001 uses **NODE_NMAP_PORT_SCAN**, **NODE_NMAP_PING_SCAN** and **NODE_NMAP_NETWORK_SERVICE_RECON** to scan the simulation in order to search for a valid database target.\n", "\n", "Unlike previous stages, the behaviour of this stage is dependant on the simulation and thus will perform differently dependant on the location of the target as well as the topology of the network. Specifically, the ```PROPAGATE``` stage uses three network enumeration actions and their action responses to populate its knowledge of the network.
\n", - "These actions represent the now infected `ST-PROJ-A-PRV-PC-1` searching the UC7 network for valid targets ransomware. \n", + "These actions represent the now infected `ST_PROJ-A-PRV-PC-1` searching the UC7 network for valid targets ransomware. \n", "\n", "For more information around how agent requests and responses work then the [request-response notebook can provide some useful insights](./Requests-and-Responses.ipynb).\n", "\n", @@ -528,7 +528,7 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "#### **Kill Chain** | PROPAGATE | ST-PROJ-A-PRV-PC-1\n", + "#### **Kill Chain** | PROPAGATE | ST_PROJ-A-PRV-PC-1\n", "\n", "

\n", " \n", @@ -884,11 +884,11 @@ "We can use the blue agent's NODE_FILE_SCAN action to scan the database file:\n", "\n", "```yaml\n", - "# ST-DATA-PRV-SRV-DB | node-file-scan | Scans the database.db file (health status)\n", + "# ST_DATA-PRV-SRV-DB | node-file-scan | Scans the database.db file (health status)\n", "49:\n", " action: node-file-scan\n", " options:\n", - " node_name: ST-DATA-PRV-SRV-DB\n", + " node_name: ST_DATA-PRV-SRV-DB\n", " folder_name: database\n", " file_name: database.db\n", "```\n", @@ -1001,8 +1001,8 @@ " repeat_kill_chain: false\n", " repeat_kill_chain_stages: true\n", " default_target_ip: *ST_SRV_DB_IP\n", - " default_starting_node: \"ST-PROJ-A-PRV-PC-1\"\n", - " # starting_nodes: [\"ST-PROJ-A-PRV-PC-1\", \"ST-PROJ-B-PRV-PC-2\", \"ST-PROJ-C-PRV-PC-3\"]\n", + " default_starting_node: \"ST_PROJ-A-PRV-PC-1\"\n", + " # starting_nodes: [\"ST_PROJ-A-PRV-PC-1\", \"ST_PROJ-B-PRV-PC-2\", \"ST_PROJ-C-PRV-PC-3\"]\n", " kill_chain:\n", " ... # Next notebook section will cover this configuration option\n", "\n", @@ -1364,7 +1364,7 @@ "metadata": {}, "outputs": [], "source": [ - "starting_host = env.game.simulation.network.get_node_by_hostname('ST-PROJ-A-PRV-PC-1')\n", + "starting_host = env.game.simulation.network.get_node_by_hostname('ST_PROJ-A-PRV-PC-1')\n", "c2_beacon = starting_host.software_manager.software[\"c2-beacon\"]\n", "c2_beacon.show()" ] @@ -1507,8 +1507,8 @@ "metadata": {}, "outputs": [], "source": [ - "starting_host = env.game.simulation.network.get_node_by_hostname('ST-PROJ-A-PRV-PC-1')\n", - "target_host = env.game.simulation.network.get_node_by_hostname('ST-DATA-PRV-SRV-DB')\n", + "starting_host = env.game.simulation.network.get_node_by_hostname('ST_PROJ-A-PRV-PC-1')\n", + "target_host = env.game.simulation.network.get_node_by_hostname('ST_DATA-PRV-SRV-DB')\n", "target_host.file_system.show(full=True)\n", "starting_host.file_system.show(full=True)" ] 
@@ -1535,8 +1535,8 @@ "metadata": {}, "outputs": [], "source": [ - "starting_host = env.game.simulation.network.get_node_by_hostname('ST-PROJ-A-PRV-PC-1')\n", - "target_host = env.game.simulation.network.get_node_by_hostname('ST-DATA-PRV-SRV-DB')\n", + "starting_host = env.game.simulation.network.get_node_by_hostname('ST_PROJ-A-PRV-PC-1')\n", + "target_host = env.game.simulation.network.get_node_by_hostname('ST_DATA-PRV-SRV-DB')\n", "target_host.file_system.show(full=True)\n", "starting_host.file_system.show(full=True)" ] @@ -1563,8 +1563,8 @@ "metadata": {}, "outputs": [], "source": [ - "starting_host = env.game.simulation.network.get_node_by_hostname('ST-PROJ-A-PRV-PC-1')\n", - "target_host = env.game.simulation.network.get_node_by_hostname('ST-DATA-PRV-SRV-DB')\n", + "starting_host = env.game.simulation.network.get_node_by_hostname('ST_PROJ-A-PRV-PC-1')\n", + "target_host = env.game.simulation.network.get_node_by_hostname('ST_DATA-PRV-SRV-DB')\n", "target_host.file_system.show(full=True)\n", "starting_host.file_system.show(full=True)" ] @@ -1625,8 +1625,8 @@ "metadata": {}, "outputs": [], "source": [ - "starting_host = env.game.simulation.network.get_node_by_hostname('ST-PROJ-A-PRV-PC-1')\n", - "target_host = env.game.simulation.network.get_node_by_hostname('ST-DATA-PRV-SRV-DB')\n", + "starting_host = env.game.simulation.network.get_node_by_hostname('ST_PROJ-A-PRV-PC-1')\n", + "target_host = env.game.simulation.network.get_node_by_hostname('ST_DATA-PRV-SRV-DB')\n", "target_host.file_system.show(full=True)\n", "starting_host.file_system.show(full=True)" ] @@ -1676,7 +1676,7 @@ "metadata": {}, "outputs": [], "source": [ - "target_host = env.game.simulation.network.get_node_by_hostname('ST-DATA-PRV-SRV-DB')\n", + "target_host = env.game.simulation.network.get_node_by_hostname('ST_DATA-PRV-SRV-DB')\n", "target_host.user_manager.show()\n", "target_host.file_system.show()\n", "tap001.logger.show()" 
@@ -1699,11 +1699,11 @@ "The code cells below demonstrate the differences by using the blue agent to change the user account details on the target database before the exfiltration occurs using action 50\n", "\n", "```yaml\n", - " # ST-DATA-PRV-SRV-DB | node-account-change-password | Changes the password of a user account\n", + " # ST_DATA-PRV-SRV-DB | node-account-change-password | Changes the password of a user account\n", " 50:\n", " action: node-account-change-password\n", " options:\n", - " node_name: ST-DATA-PRV-SRV-DB\n", + " node_name: ST_DATA-PRV-SRV-DB\n", " username: admin # default account\n", " current_password: admin # default password\n", " new_password: thr33_alert_wolv3z # A more 'secure' password\n", @@ -1760,7 +1760,7 @@ "source": [ "# Yet the target database.db is still corrupt.\n", "\n", - "target_host = env.game.simulation.network.get_node_by_hostname('ST-DATA-PRV-SRV-DB')\n", + "target_host = env.game.simulation.network.get_node_by_hostname('ST_DATA-PRV-SRV-DB')\n", "target_host.file_system.show()" ] }, @@ -1814,7 +1814,7 @@ "source": [ "# And the target database.db remains healthy.\n", "\n", - "target_host = env.game.simulation.network.get_node_by_hostname('ST-DATA-PRV-SRV-DB')\n", + "target_host = env.game.simulation.network.get_node_by_hostname('ST_DATA-PRV-SRV-DB')\n", "target_host.file_system.show()" ] } diff --git a/src/primaite/notebooks/UC7-TAP003-Kill-Chain-E2E.ipynb b/src/primaite/notebooks/UC7-TAP003-Kill-Chain-E2E.ipynb index 365b01ed..8ec96da4 100644 --- a/src/primaite/notebooks/UC7-TAP003-Kill-Chain-E2E.ipynb +++ b/src/primaite/notebooks/UC7-TAP003-Kill-Chain-E2E.ipynb 
@@ -292,8 +292,8 @@ "source": [ "# TAP003's target routers\n", "\n", - "st_intra_prv_rt_cr: Router = env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-CR\")\n", - "st_intra_prv_rt_dr_1: Router = env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-DR-1\")\n", + "st_intra_prv_rt_cr: Router = env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-CR\")\n", + "st_intra_prv_rt_dr_1: Router = env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-DR-1\")\n", "rem_pub_rt_dr: Router = env.game.simulation.network.get_node_by_hostname(\"REM-PUB-RT-DR\")\n", "\n", "st_intra_prv_rt_cr.acl.show()\n", @@ -321,28 +321,28 @@ " variance: 0\n", " repeat_kill_chain: false\n", " repeat_kill_chain_stages: true\n", - " default_starting_node: \"ST-PROJ-A-PRV-PC-1\"\n", + " default_starting_node: \"ST_PROJ-A-PRV-PC-1\"\n", " starting_nodes:\n", - " # starting_nodes: [\"ST-PROJ-A-PRV-PC-1\", \"ST-PROJ-B-PRV-PC-2\", \"ST-PROJ-C-PRV-PC-3\"]\n", + " # starting_nodes: [\"ST_PROJ-A-PRV-PC-1\", \"ST_PROJ-B-PRV-PC-2\", \"ST_PROJ-C-PRV-PC-3\"]\n", " kill_chain:\n", " PLANNING:\n", " probability: 1\n", " starting_network_knowledge:\n", " credentials:\n", - " ST-PROJ-A-PRV-PC-1:\n", + " ST_PROJ-A-PRV-PC-1:\n", " username: admin\n", " password: admin\n", - " ST-PROJ-B-PRV-PC-2:\n", + " ST_PROJ-B-PRV-PC-2:\n", " username: admin\n", " password: admin\n", - " ST-PROJ-C-PRV-PC-3:\n", + " ST_PROJ-C-PRV-PC-3:\n", " username: admin\n", " password: admin\n", - " ST-INTRA-PRV-RT-DR-1:\n", + " ST_INTRA-PRV-RT-DR-1:\n", " ip_address: 192.168.230.1\n", " username: admin\n", " password: admin\n", - " ST-INTRA-PRV-RT-CR:\n", + " ST_INTRA-PRV-RT-CR:\n", " ip_address: 192.168.160.1\n", " username: admin\n", " password: admin\n", 
@@ -355,13 +355,13 @@ " MANIPULATION:\n", " probability: 1\n", " account_changes:\n", - " - host: ST-INTRA-PRV-RT-DR-1\n", - " ip_address: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1\n", + " - host: ST_INTRA-PRV-RT-DR-1\n", + " ip_address: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1\n", " action: change_password\n", " username: admin\n", " new_password: \"red_pass\"\n", - " - host: ST-INTRA-PRV-RT-CR\n", - " ip_address: 192.168.160.1 # ST-INTRA-PRV-RT-CR\n", + " - host: ST_INTRA-PRV-RT-CR\n", + " ip_address: 192.168.160.1 # ST_INTRA-PRV-RT-CR\n", " action: change_password\n", " username: \"admin\"\n", " new_password: \"red_pass\"\n", @@ -373,7 +373,7 @@ " EXPLOIT:\n", " probability: 1\n", " malicious_acls:\n", - " - target_router: ST-INTRA-PRV-RT-DR-1\n", + " - target_router: ST_INTRA-PRV-RT-DR-1\n", " position: 1\n", " permission: DENY\n", " src_ip: ALL\n", @@ -383,7 +383,7 @@ " src_port: POSTGRES_SERVER\n", " dst_port: POSTGRES_SERVER\n", " protocol_name_name: TCP\n", - " - target_router: ST-INTRA-PRV-RT-CR\n", + " - target_router: ST_INTRA-PRV-RT-CR\n", " position: 1\n", " permission: DENY\n", " src_ip: ALL\n", 
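Review bot: The malicious-ACL example in the `@@ -383,7 +383,7 @@` hunk keeps the key `protocol_name_name: TCP` on a context line, and the doubled suffix looks like a typo for `protocol_name`. If the config loader ignores unknown keys, a reader who copies this snippet would get a DENY rule that is not restricted to TCP, so the documented and the actual blocking behaviour could differ; this is worth checking against the ACL schema and the shipped `uc7_config_tap003.yaml`. The YAML block sits in a markdown cell that begins before these hunks, so the other rules in it are not visible here.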
@@ -654,8 +654,8 @@ "\n", "|Target Router | Impact |\n", "|----------------------|--------|\n", - "|`ST-INTRA-PRV-RT-DR-1`| Blocks all `POSTGRES_SERVER` that arrives at the `ST-INTRA-PRV-RT-DR-1` router. This rule will prevent all ST_PROJ_* hosts from accessing the database (`ST-DATA-PRV-SRV-DB`).|\n", - "|`ST-INTRA-PRV-RT-CR`| Blocks all `HTTP` traffic that arrives at the`ST-INTRA-PRV-RT-CR` router. This rule will prevent all SOME_TECH hosts from accessing the webserver (`ST-DMZ-PUB-SRV-WEB`)|\n", + "|`ST_INTRA-PRV-RT-DR-1`| Blocks all `POSTGRES_SERVER` that arrives at the `ST_INTRA-PRV-RT-DR-1` router. This rule will prevent all ST_PROJ_* hosts from accessing the database (`ST_DATA-PRV-SRV-DB`).|\n", + "|`ST_INTRA-PRV-RT-CR`| Blocks all `HTTP` traffic that arrives at the`ST_INTRA-PRV-RT-CR` router. This rule will prevent all SOME_TECH hosts from accessing the webserver (`ST_DMZ-PUB-SRV-WEB`)|\n", "|`REM-PUB-RT-DR`| Blocks all `DNS` traffic that arrives at the `REM-PUB-RT-DR` router. This rule prevents any remote site works from accessing the DNS Server (`ISP-PUB-SRV-DNS`).|\n", "\n", "\n", @@ -716,7 +716,7 @@ "source": [ "#### Demonstration of the ACL Rule blocking traffic\n", "\n", - "As an example of the malicious ACL Rule affecting traffic across the network, attempting to query the database server (ST-DATA-PRV-SRV-DB) from any of the `ST_PROJECT_*` networks should fail because it is must route through the `ST-INTRA-PRV-RT-DR-1` router which TAP003 has configured to block all `POSTGRES_SERVER` traffic." + "As an example of the malicious ACL Rule affecting traffic across the network, attempting to query the database server (ST_DATA-PRV-SRV-DB) from any of the `ST_PROJECT_*` networks should fail because it is must route through the `ST_INTRA-PRV-RT-DR-1` router which TAP003 has configured to block all `POSTGRES_SERVER` traffic." ] }, { 
@@ -725,10 +725,10 @@ "metadata": {}, "outputs": [], "source": [ - "affected_node = env.game.simulation.network.get_node_by_hostname(\"ST-PROJ-A-PRV-PC-1\")\n", - "database_server = env.game.simulation.network.get_node_by_hostname(\"ST-DATA-PRV-SRV-DB\")\n", + "affected_node = env.game.simulation.network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-1\")\n", + "database_server = env.game.simulation.network.get_node_by_hostname(\"ST_DATA-PRV-SRV-DB\")\n", "\n", - "st_intra_prv_rt_dr_1 = env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-DR-1\")\n", + "st_intra_prv_rt_dr_1 = env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-DR-1\")\n", "\n", "database_client: DatabaseClient = affected_node.software_manager.software.get(\"database-client\")\n", "st_intra_prv_rt_dr_1.acl.show()\n", @@ -768,10 +768,10 @@ "outputs": [], "source": [ "# This ACL blocks all web_server traffic from within the main `SOME_TECH` office. Thus leading to every SOME_TECH host unable to access the web-server\n", - "st_intra_prv_rt_cr = env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-CR\")\n", + "st_intra_prv_rt_cr = env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-CR\")\n", "st_intra_prv_rt_cr.acl.show()\n", "\n", - "st_head_office_private_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"ST-HO-PRV-PC-1\")\n", + "st_head_office_private_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"ST_HO-PRV-PC-1\")\n", "st_head_office_private_pc_1_web_browser: WebBrowser = st_head_office_private_pc_1.software_manager.software[\"web-browser\"]\n", "st_head_office_private_pc_1_web_browser.get_webpage(url=\"http://some_tech.com\")\n", "st_head_office_private_pc_1_web_browser.sys_log.show()" 
@@ -842,9 +842,9 @@ " variance: 0\n", " repeat_kill_chain: false\n", " repeat_kill_chain_stages: true\n", - " default_starting_node: \"ST-PROJ-A-PRV-PC-1\"\n", + " default_starting_node: \"ST_PROJ-A-PRV-PC-1\"\n", " starting_nodes:\n", - " # starting_nodes: [\"ST-PROJ-A-PRV-PC-1\", \"ST-PROJ-B-PRV-PC-2\", \"ST-PROJ-C-PRV-PC-3\"]\n", + " # starting_nodes: [\"ST_PROJ-A-PRV-PC-1\", \"ST_PROJ-B-PRV-PC-2\", \"ST_PROJ-C-PRV-PC-3\"]\n", "```" ] }, @@ -900,20 +900,20 @@ " probability: 1\n", " starting_network_knowledge:\n", " credentials:\n", - " ST-PROJ-A-PRV-PC-1:\n", + " ST_PROJ-A-PRV-PC-1:\n", " username: admin\n", " password: admin\n", - " ST-PROJ-B-PRV-PC-2:\n", + " ST_PROJ-B-PRV-PC-2:\n", " username: admin\n", " password: admin\n", - " ST-PROJ-C-PRV-PC-3:\n", + " ST_PROJ-C-PRV-PC-3:\n", " username: admin\n", " password: admin\n", - " ST-INTRA-PRV-RT-DR-1:\n", + " ST_INTRA-PRV-RT-DR-1:\n", " ip_address: 192.168.230.1\n", " username: admin\n", " password: admin\n", - " ST-INTRA-PRV-RT-CR:\n", + " ST_INTRA-PRV-RT-CR:\n", " ip_address: 192.168.160.1\n", " username: admin\n", " password: admin\n", @@ -926,13 +926,13 @@ " MANIPULATION:\n", " probability: 1\n", " account_changes:\n", - " - host: ST-INTRA-PRV-RT-DR-1\n", - " ip_address: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1\n", + " - host: ST_INTRA-PRV-RT-DR-1\n", + " ip_address: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1\n", " action: change_password\n", " username: admin\n", " new_password: \"red_pass\"\n", - " - host: ST-INTRA-PRV-RT-CR\n", - " ip_address: 192.168.160.1 # ST-INTRA-PRV-RT-CR\n", + " - host: ST_INTRA-PRV-RT-CR\n", + " ip_address: 192.168.160.1 # ST_INTRA-PRV-RT-CR\n", " action: change_password\n", " username: \"admin\"\n", " new_password: \"red_pass\"\n", @@ -944,7 +944,7 @@ " EXPLOIT:\n", " probability: 1\n", " malicious_acls:\n", - " - target_router: ST-INTRA-PRV-RT-DR-1\n", + " - target_router: ST_INTRA-PRV-RT-DR-1\n", " ip_address: 192.168.230.1 \n", " position: 1\n", " permission: DENY\n", 
@@ -1131,7 +1131,7 @@ "source": [ "with open(_EXAMPLE_CFG/\"uc7_config_tap003.yaml\", mode=\"r\") as f:\n", " cfg = yaml.safe_load(f)\n", - " cfg[\"agents\"][32][\"agent_settings\"][\"default_starting_node\"] = \"ST-PROJ-A-PRV-PC-1\"\n", + " cfg[\"agents\"][32][\"agent_settings\"][\"default_starting_node\"] = \"ST_PROJ-A-PRV-PC-1\"\n", "env = PrimaiteGymEnv(env_config = cfg)\n", "tap003 = env.game.agents[\"attacker\"]\n", "print(f\"TA003's Selected Starting Host: {tap003.starting_node}\")" @@ -1154,8 +1154,8 @@ "source": [ "with open(_EXAMPLE_CFG/\"uc7_config_tap003.yaml\", mode=\"r\") as f:\n", " cfg = yaml.safe_load(f)\n", - " cfg[\"agents\"][32][\"agent_settings\"][\"default_starting_node\"] = \"ST-PROJ-A-PRV-PC-1\"\n", - " cfg[\"agents\"][32][\"agent_settings\"][\"starting_nodes\"] = [\"ST-PROJ-A-PRV-PC-1\",\"ST-PROJ-B-PRV-PC-2\"]" + " cfg[\"agents\"][32][\"agent_settings\"][\"default_starting_node\"] = \"ST_PROJ-A-PRV-PC-1\"\n", + " cfg[\"agents\"][32][\"agent_settings\"][\"starting_nodes\"] = [\"ST_PROJ-A-PRV-PC-1\",\"ST_PROJ-B-PRV-PC-2\"]" ] }, { @@ -1333,20 +1333,20 @@ " probability: 1\n", " starting_network_knowledge:\n", " credentials:\n", - " ST-PROJ-A-PRV-PC-1:\n", + " ST_PROJ-A-PRV-PC-1:\n", " username: admin\n", " password: admin\n", - " ST-PROJ-B-PRV-PC-2:\n", + " ST_PROJ-B-PRV-PC-2:\n", " username: admin\n", " password: admin\n", - " ST-PROJ-C-PRV-PC-3:\n", + " ST_PROJ-C-PRV-PC-3:\n", " username: admin\n", " password: admin\n", - " ST-INTRA-PRV-RT-DR-1:\n", + " ST_INTRA-PRV-RT-DR-1:\n", " ip_address: 192.168.230.1\n", " username: admin\n", " password: admin\n", - " ST-INTRA-PRV-RT-CR:\n", + " ST_INTRA-PRV-RT-CR:\n", " ip_address: 192.168.160.1\n", " username: admin\n", " password: admin\n", 
@@ -1391,13 +1391,13 @@ " MANIPULATION:\n", " probability: 1\n", " account_changes:\n", - " - host: ST-INTRA-PRV-RT-DR-1\n", - " ip_address: 192.168.230.1 # ST-INTRA-PRV-RT-DR-1\n", + " - host: ST_INTRA-PRV-RT-DR-1\n", + " ip_address: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1\n", " action: change_password\n", " username: admin\n", " new_password: \"red_pass\"\n", - " - host: ST-INTRA-PRV-RT-CR\n", - " ip_address: 192.168.160.1 # ST-INTRA-PRV-RT-CR\n", + " - host: ST_INTRA-PRV-RT-CR\n", + " ip_address: 192.168.160.1 # ST_INTRA-PRV-RT-CR\n", " action: change_password\n", " username: \"admin\"\n", " new_password: \"red_pass\"\n", @@ -1446,7 +1446,7 @@ "metadata": {}, "outputs": [], "source": [ - "# New ST-PROJ-B-PRV-PC-2 user account\n", + "# New ST_PROJ-B-PRV-PC-2 user account\n", "user_username = \"example_user_1\"\n", "user_password = \"example_pass_1\"\n", "user_admin = \"False\"" @@ -1477,7 +1477,7 @@ "metadata": {}, "outputs": [], "source": [ - "account_changes = [{\"host\":\"ST-PROJ-A-PRV-PC-2\", \"ip_address\": \"192.168.230.2\", \"user_name\": user_username, \"old_password\": user_password, \"new_password\": tap003_new_password}]" + "account_changes = [{\"host\":\"ST_PROJ-A-PRV-PC-2\", \"ip_address\": \"192.168.230.2\", \"user_name\": user_username, \"old_password\": user_password, \"new_password\": tap003_new_password}]" ] }, { 
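Review bot: The renamed comment in the `@@ -1446,7 +1446,7 @@` hunk, `# New ST_PROJ-B-PRV-PC-2 user account`, names a different host from the one the following cells act on. `account_changes` in the `@@ -1477,7 +1477,7 @@` hunk, and the `credentials.update(...)` and `get_node_by_hostname(...)` calls in the later `@@ -1501,15 +1501,15 @@` hunk, all use `ST_PROJ-A-PRV-PC-2` with 192.168.230.2. Since the line is being edited anyway, make it `# New ST_PROJ-A-PRV-PC-2 user account` so the walkthrough names the host whose account is actually changed.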
@@ -1501,15 +1501,15 @@ " cfg['agents'][32]['agent_settings']['start_step'] = 1\n", " cfg['agents'][32]['agent_settings']['frequency'] = 3\n", " cfg['agents'][32]['agent_settings']['variance'] = 0\n", - " starting_creds = {\"username\": \"admin\",\"password\":\"admin\", \"ip_address\":\"192.168.230.2\"} # Adding \"ST-PROJ-A-PRV-PC-2\" to TAP003's starting_network_knowledge\n", - " cfg['agents'][32]['agent_settings']['kill_chain']['PLANNING']['starting_network_knowledge']['credentials'].update({\"ST-PROJ-A-PRV-PC-2\": starting_creds})\n", + " starting_creds = {\"username\": \"admin\",\"password\":\"admin\", \"ip_address\":\"192.168.230.2\"} # Adding \"ST_PROJ-A-PRV-PC-2\" to TAP003's starting_network_knowledge\n", + " cfg['agents'][32]['agent_settings']['kill_chain']['PLANNING']['starting_network_knowledge']['credentials'].update({\"ST_PROJ-A-PRV-PC-2\": starting_creds})\n", " cfg['agents'][32]['agent_settings']['kill_chain']['MANIPULATION']['account_changes'] = account_changes\n", "env = PrimaiteGymEnv(env_config = cfg)\n", "env.reset()\n", "while(env.game.step_counter != 90): # 20 Red Actions (frequency of 3)\n", " env.step(0)\n", "tap003 = env.game.agents['attacker']\n", - "target_host = env.game.simulation.network.get_node_by_hostname(\"ST-PROJ-A-PRV-PC-2\")\n", + "target_host = env.game.simulation.network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-2\")\n", "target_host.user_manager.show()\n" ] }, 
@@ -1603,13 +1603,13 @@ "metadata": {}, "outputs": [], "source": [ - "st_intra_prv_rt_dr_1 = env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-DR-1\")\n", + "st_intra_prv_rt_dr_1 = env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-DR-1\")\n", "st_intra_prv_rt_dr_1.acl.show()\n", "\n", "rem_pub_rt_dr = env.game.simulation.network.get_node_by_hostname(\"REM-PUB-RT-DR\")\n", "rem_pub_rt_dr.acl.show()\n", "\n", - "st_intra_prv_rt_cr = env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-CR\")\n", + "st_intra_prv_rt_cr = env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-CR\")\n", "st_intra_prv_rt_cr.acl.show()" ] }, @@ -1658,7 +1658,7 @@ "while(env.game.step_counter != 50):\n", " env.step(0)\n", "tap003 = env.game.agents['attacker']\n", - "target_host = env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-DR-1\")\n", + "target_host = env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-DR-1\")\n", "target_host.acl.show()" ] } diff --git a/src/primaite/notebooks/UC7-attack-variants.ipynb b/src/primaite/notebooks/UC7-attack-variants.ipynb index 01888134..90245197 100644 --- a/src/primaite/notebooks/UC7-attack-variants.ipynb +++ b/src/primaite/notebooks/UC7-attack-variants.ipynb @@ -91,7 +91,7 @@ "\n", "Let's print the schedule so that we can see which attack we can expect on each episode.\n", "\n", - "On episodes 0-4, the TAP001 agent will be used, and on episodes 5-9, the TAP003 agent will be used. Then, the environment will alternate between the two. Furthermore, the TAP001 agent will alternate between starting at `ST-PROJ-A-PRV-PC-1`, `ST-PROJ-B-PRV-PC-2`, `ST-PROJ-C-PRV-PC-3`." + "On episodes 0-4, the TAP001 agent will be used, and on episodes 5-9, the TAP003 agent will be used. Then, the environment will alternate between the two. Furthermore, the TAP001 agent will alternate between starting at `ST_PROJ-A-PRV-PC-1`, `ST_PROJ-B-PRV-PC-2`, `ST_PROJ-C-PRV-PC-3`." ] }, { 
@@ -125,7 +125,7 @@
 " env.step(0)\n",
 "\n",
 "def print_agent_actions_except_do_nothing(agent_name):\n",
- " \"\"\"Get the agent's action history, filter out DONOTHING actions, print relevant data in a table.\"\"\"\n",
+ " \"\"\"Get the agent's action history, filter out `do-nothing` actions, print relevant data in a table.\"\"\"\n",
 " table = PrettyTable()\n",
 " table.field_names = [\"Step\", \"Action\", \"Node\", \"Application\", \"Target IP\", \"Response\"]\n",
 " print(f\"Episode: {env.episode_counter}, Actions for '{agent_name}':\")\n",
@@ -135,8 +135,8 @@
 "\n",
 " node, application, target_ip = \"N/A\", \"N/A\", \"N/A\",\n",
 "\n",
- " if item.action.startswith(\"node-map\"):\n",
- " node = item.parameters['source-node']\n",
+ " if item.action.startswith(\"node-nmap\"):\n",
+ " node = item.parameters['source_node']\n",
 " application = \"nmap\"\n",
 " target_ip = str(item.parameters['target_ip_address'])\n",
 " target_ip = (target_ip[:25]+'...') if len(target_ip)>25 else target_ip # truncate long string\n",
@@ -194,7 +194,7 @@
 "metadata": {},
 "outputs": [],
 "source": [
- "st_data_prv_srv_db: Server = env.game.simulation.network.get_node_by_hostname(\"ST-DATA-PRV-SRV-DB\")\n",
+ "st_data_prv_srv_db: Server = env.game.simulation.network.get_node_by_hostname(\"ST_DATA-PRV-SRV-DB\")\n",
 "st_data_prv_srv_db.file_system.show()"
 ]
 },
@@ -268,7 +268,7 @@
 "metadata": {},
 "outputs": [],
 "source": [
- "st_intra_prv_rt_cr: Router = env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-CR\")\n",
+ "st_intra_prv_rt_cr: Router = env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-CR\")\n",
 "st_intra_prv_rt_cr.acl.show()"
 ]
 },
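Review bot: The nmap branch of `print_agent_actions_except_do_nothing` in the `@@ -135,8 +135,8 @@` hunk changes behaviour inside a commit described as a hostname rename. The prefix test moves from `"node-map"` to `"node-nmap"` and the lookup from `item.parameters['source-node']` to `item.parameters['source_node']`, so the table now shows nmap rows it previously skipped. Record that fix in the commit message, or split it out, so it is not lost when the rename is reviewed or reverted. The new branch also indexes the key directly; if `parameters` is a plain dict, `node = item.parameters.get('source_node', 'N/A')` would keep the existing `"N/A"` default when an action lacks the key. The function body continues outside the hunk.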
@@ -318,8 +318,8 @@
 "\n",
 "|Target Router | Impact |\n",
 "|----------------------|--------|\n",
- "|`ST-INTRA-PRV-RT-DR-1`| Blocks all `POSTGRES_SERVER` that arrives at the `ST-INTRA-PRV-RT-DR-1` router. This rule will prevent all ST_PROJ_* hosts from accessing the database (`ST-DATA-PRV-SRV-DB`).|\n",
- "|`ST-INTRA-PRV-RT-CR`| Blocks all `HTTP` traffic that arrives at the`ST-INTRA-PRV-RT-CR` router. This rule will prevent all SOME_TECH hosts from accessing the webserver (`ST-DMZ-PUB-SRV-WEB`)|\n",
+ "|`ST_INTRA-PRV-RT-DR-1`| Blocks all `POSTGRES_SERVER` that arrives at the `ST_INTRA-PRV-RT-DR-1` router. This rule will prevent all ST_PROJ_* hosts from accessing the database (`ST_DATA-PRV-SRV-DB`).|\n",
+ "|`ST_INTRA-PRV-RT-CR`| Blocks all `HTTP` traffic that arrives at the`ST_INTRA-PRV-RT-CR` router. This rule will prevent all SOME_TECH hosts from accessing the webserver (`ST-DMZ-PUB-SRV-WEB`)|\n",
 "|`REM-PUB-RT-DR`| Blocks all `DNS` traffic that arrives at the `REM-PUB-RT-DR` router. This rule prevents any remote site works from accessing the DNS Server (`ISP-PUB-SRV-DNS`).|"
 ]
 },
@@ -357,7 +357,7 @@
 "metadata": {},
 "outputs": [],
 "source": [
- "env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-DR-1\").acl.show()"
+ "env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-DR-1\").acl.show()"
 ]
 },
 {
@@ -366,7 +366,7 @@
 "metadata": {},
 "outputs": [],
 "source": [
- "env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-CR\").acl.show()"
+ "env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-CR\").acl.show()"
 ]
 },
 {
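Review bot: The rename is incomplete in the `@@ -318,8 +318,8 @@` table: the new `ST_INTRA-PRV-RT-CR` row still ends with the old web-server hostname, `(`ST-DMZ-PUB-SRV-WEB`)`. The same row in UC7-TAP003-Kill-Chain-E2E.ipynb was updated, and the config now defines the node as `ST_DMZ-PUB-SRV-WEB`, so the documented target no longer matches any hostname in the scenario. Change the tail of that row to `(`ST_DMZ-PUB-SRV-WEB`)`.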
@@ -494,8 +494,8 @@
 "outputs": [],
 "source": [
 "env.reset()\n",
- "env.step(50) # NODE_ACCOUNTS_CHANGE_PASSWORD | st-intra-prv-rt-cr\n",
- "env.step(52) # NODE_ACCOUNTS_CHANGE_PASSWORD | st-intra-prv-rt-dr-1\n",
+ "env.step(50) # NODE_ACCOUNTS_CHANGE_PASSWORD | ST_INTRA-prv-rt-cr\n",
+ "env.step(52) # NODE_ACCOUNTS_CHANGE_PASSWORD | ST_INTRA-prv-rt-dr-1\n",
 "env.step(54) # NODE_ACCOUNTS_CHANGE_PASSWORD | rem-pub-rt-dr\n",
 "finish_episode_and_print_reward()\n",
 "\n",
@@ -522,8 +522,8 @@
 "for _ in range(45):\n",
 " env.step(0)\n",
 "\n",
- "env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-CR\").acl.show()\n",
- "env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-DR-1\").acl.show()\n",
+ "env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-CR\").acl.show()\n",
+ "env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-DR-1\").acl.show()\n",
 "env.game.simulation.network.get_node_by_hostname(\"REM-PUB-RT-DR\").acl.show()"
 ]
 },
@@ -533,8 +533,8 @@
 "metadata": {},
 "outputs": [],
 "source": [
- "env.step(44) # ROUTER_ACL_REMOVERULE | st-intra-prv-rt-cr\n",
- "env.step(53) # ROUTER_ACL_REMOVERULE | st-intra-prv-rt-dr-1\n",
+ "env.step(44) # ROUTER_ACL_REMOVERULE | ST_INTRA-prv-rt-cr\n",
+ "env.step(53) # ROUTER_ACL_REMOVERULE | ST_INTRA-prv-rt-dr-1\n",
 "env.step(55) # ROUTER_ACL_REMOVERULE | rem-pub-rt-dr"
 ]
 },
@@ -544,8 +544,8 @@
 "metadata": {},
 "outputs": [],
 "source": [
- "env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-CR\").acl.show()\n",
- "env.game.simulation.network.get_node_by_hostname(\"ST-INTRA-PRV-RT-DR-1\").acl.show()\n",
+ "env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-CR\").acl.show()\n",
+ "env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-DR-1\").acl.show()\n",
 "env.game.simulation.network.get_node_by_hostname(\"REM-PUB-RT-DR\").acl.show()\n"
 ]
 },
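Review bot: The trailing comments in the `@@ -494,8 +494,8 @@` and `@@ -533,8 +533,8 @@` hunks now read `ST_INTRA-prv-rt-cr` and `ST_INTRA-prv-rt-dr-1`, a mixed-case form that matches neither the old lowercase labels nor the hostnames used elsewhere in the commit. These comments are the only mapping from the numeric action index to the router it hits, so they should carry the exact hostname, e.g. `env.step(50) # NODE_ACCOUNTS_CHANGE_PASSWORD | ST_INTRA-PRV-RT-CR`. The untouched `rem-pub-rt-dr` comments could be upper-cased in the same pass for consistency.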
@@ -564,9 +564,9 @@
 ],
 "metadata": {
 "kernelspec": {
- "display_name": ".venv",
+ "display_name": "milpac_venv",
 "language": "python",
- "name": "python3"
+ "name": "milpac_venv"
 },
 "language_info": {
 "codemirror_mode": {
diff --git a/src/primaite/notebooks/UC7-network_connectivity.ipynb b/src/primaite/notebooks/UC7-network_connectivity.ipynb
index 356e23aa..1a2415ac 100644
--- a/src/primaite/notebooks/UC7-network_connectivity.ipynb
+++ b/src/primaite/notebooks/UC7-network_connectivity.ipynb
@@ -342,8 +342,8 @@
 "metadata": {},
 "outputs": [],
 "source": [
- "st_pub_fw: Firewall = network.get_node_by_hostname(hostname=\"ST-PUB-FW\")\n",
- "st_dmz_pub_srv_web: Server = network.get_node_by_hostname(hostname=\"ST-DMZ-PUB-SRV-WEB\")"
+ "st_pub_fw: Firewall = network.get_node_by_hostname(hostname=\"ST_PUB-FW\")\n",
+ "st_dmz_pub_srv_web: Server = network.get_node_by_hostname(hostname=\"ST_DMZ-PUB-SRV-WEB\")"
 ]
 },
 {
@@ -408,9 +408,9 @@
 "metadata": {},
 "outputs": [],
 "source": [
- "st_intra_prv_rt_cr: Router = network.get_node_by_hostname(hostname=\"ST-INTRA-PRV-RT-CR\")\n",
- "st_intra_prv_rt_dr_1: Router = network.get_node_by_hostname(hostname=\"ST-INTRA-PRV-RT-DR-1\")\n",
- "st_intra_prv_rt_dr_2: Router = network.get_node_by_hostname(hostname=\"ST-INTRA-PRV-RT-DR-2\")"
+ "st_intra_prv_rt_cr: Router = network.get_node_by_hostname(hostname=\"ST_INTRA-PRV-RT-CR\")\n",
+ "st_intra_prv_rt_dr_1: Router = network.get_node_by_hostname(hostname=\"ST_INTRA-PRV-RT-DR-1\")\n",
+ "st_intra_prv_rt_dr_2: Router = network.get_node_by_hostname(hostname=\"ST_INTRA-PRV-RT-DR-2\")"
 ]
 },
 {
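Review bot: The kernelspec hunk of UC7-attack-variants.ipynb (`@@ -564,9 +564,9 @@`) commits what looks like a machine-local environment name, which has nothing to do with the hostname rename. `"display_name": "milpac_venv"` and `"name": "milpac_venv"` replace the generic `"name": "python3"`. A notebook pinned to a kernel name that exists only in one developer's environment opens with a missing-kernel prompt for everyone else, and automated notebook execution that resolves the kernel by name is likely to fail. Restore `"name": "python3"` and the previous display name, and consider stripping kernel metadata in a pre-commit step so local environment names do not reach the repository.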
@@ -558,9 +558,9 @@ "metadata": {}, "outputs": [], "source": [ - "st_head_office_private_pc_1: Computer = network.get_node_by_hostname(\"ST-HO-PRV-PC-1\")\n", - "st_head_office_private_pc_2: Computer = network.get_node_by_hostname(\"ST-HO-PRV-PC-2\")\n", - "st_head_office_private_pc_3: Computer = network.get_node_by_hostname(\"ST-HO-PRV-PC-3\")" + "st_head_office_private_pc_1: Computer = network.get_node_by_hostname(\"ST_HO-PRV-PC-1\")\n", + "st_head_office_private_pc_2: Computer = network.get_node_by_hostname(\"ST_HO-PRV-PC-2\")\n", + "st_head_office_private_pc_3: Computer = network.get_node_by_hostname(\"ST_HO-PRV-PC-3\")" ] }, { @@ -609,9 +609,9 @@ "metadata": {}, "outputs": [], "source": [ - "st_human_resources_private_pc_1: Computer = network.get_node_by_hostname(\"ST-HR-PRV-PC-1\")\n", - "st_human_resources_private_pc_2: Computer = network.get_node_by_hostname(\"ST-HR-PRV-PC-2\")\n", - "st_human_resources_private_pc_3: Computer = network.get_node_by_hostname(\"ST-HR-PRV-PC-3\")" + "st_human_resources_private_pc_1: Computer = network.get_node_by_hostname(\"ST_HR-PRV-PC-1\")\n", + "st_human_resources_private_pc_2: Computer = network.get_node_by_hostname(\"ST_HR-PRV-PC-2\")\n", + "st_human_resources_private_pc_3: Computer = network.get_node_by_hostname(\"ST_HR-PRV-PC-3\")" ] }, { @@ -671,8 +671,8 @@ "metadata": {}, "outputs": [], "source": [ - "st_data_private_server_database: Server = network.get_node_by_hostname(\"ST-DATA-PRV-SRV-DB\")\n", - "st_data_private_server_storage: Server = network.get_node_by_hostname(\"ST-DATA-PRV-SRV-STORAGE\")" + "st_data_private_server_database: Server = network.get_node_by_hostname(\"ST_DATA-PRV-SRV-DB\")\n", + "st_data_private_server_storage: Server = network.get_node_by_hostname(\"ST_DATA-PRV-SRV-STORAGE\")" ] }, { 
@@ -710,9 +710,9 @@ "metadata": {}, "outputs": [], "source": [ - "st_project_a_private_pc_1: Computer = network.get_node_by_hostname(\"ST-PROJ-A-PRV-PC-1\")\n", - "st_project_a_private_pc_2: Computer = network.get_node_by_hostname(\"ST-PROJ-A-PRV-PC-2\")\n", - "st_project_a_private_pc_3: Computer = network.get_node_by_hostname(\"ST-PROJ-A-PRV-PC-3\")" + "st_project_a_private_pc_1: Computer = network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-1\")\n", + "st_project_a_private_pc_2: Computer = network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-2\")\n", + "st_project_a_private_pc_3: Computer = network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-3\")" ] }, { @@ -754,7 +754,7 @@ "metadata": {}, "outputs": [], "source": [ - "# ST Private Project A PC 1 --> ST-INTRA-PRV-RT-CR\n", + "# ST Private Project A PC 1 --> ST_INTRA-PRV-RT-CR\n", "\n", "st_project_a_private_pc_1.ping(st_intra_prv_rt_cr.network_interface[1].ip_address)" ] @@ -765,7 +765,7 @@ "metadata": {}, "outputs": [], "source": [ - "# ST Private Project A PC 1 --> ST-INTRA-PRV-RT-DR-2\n", + "# ST Private Project A PC 1 --> ST_INTRA-PRV-RT-DR-2\n", "\n", "st_project_a_private_pc_1.ping(\"192.168.170.2\")" ] @@ -783,9 +783,9 @@ "metadata": {}, "outputs": [], "source": [ - "st_project_b_private_pc_1: Computer = network.get_node_by_hostname(\"ST-PROJ-B-PRV-PC-1\")\n", - "st_project_b_private_pc_2: Computer = network.get_node_by_hostname(\"ST-PROJ-B-PRV-PC-2\")\n", - "st_project_b_private_pc_3: Computer = network.get_node_by_hostname(\"ST-PROJ-B-PRV-PC-3\")" + "st_project_b_private_pc_1: Computer = network.get_node_by_hostname(\"ST_PROJ-B-PRV-PC-1\")\n", + "st_project_b_private_pc_2: Computer = network.get_node_by_hostname(\"ST_PROJ-B-PRV-PC-2\")\n", + "st_project_b_private_pc_3: Computer = network.get_node_by_hostname(\"ST_PROJ-B-PRV-PC-3\")" ] }, { 
@@ -834,9 +834,9 @@ "metadata": {}, "outputs": [], "source": [ - "st_project_c_private_pc_1: Computer = network.get_node_by_hostname(\"ST-PROJ-C-PRV-PC-1\")\n", - "st_project_c_private_pc_2: Computer = network.get_node_by_hostname(\"ST-PROJ-C-PRV-PC-2\")\n", - "st_project_c_private_pc_3: Computer = network.get_node_by_hostname(\"ST-PROJ-C-PRV-PC-3\")" + "st_project_c_private_pc_1: Computer = network.get_node_by_hostname(\"ST_PROJ-C-PRV-PC-1\")\n", + "st_project_c_private_pc_2: Computer = network.get_node_by_hostname(\"ST_PROJ-C-PRV-PC-2\")\n", + "st_project_c_private_pc_3: Computer = network.get_node_by_hostname(\"ST_PROJ-C-PRV-PC-3\")" ] }, { diff --git a/src/primaite/notebooks/_package_data/uc7/uc7_network_detailed_svg.svg b/src/primaite/notebooks/_package_data/uc7/uc7_network_detailed_svg.svg index 8df869e7..dfa8cb3c 100644 --- a/src/primaite/notebooks/_package_data/uc7/uc7_network_detailed_svg.svg +++ b/src/primaite/notebooks/_package_data/uc7/uc7_network_detailed_svg.svg @@ -1,4 +1,4 @@ -



ST_PROJ_A-
PRV-PC-1
ST_PROJ_A-...
SOME TECH PROJECT A (ST_PROJ_A)
SOME TECH PROJECT A (ST_PROJ_A)
192.168.240.0/29
192.168.240.0/29
3
3
2
2
1
1
9
9





ST_INTRA-PRV-
RT-DR-1
ST_INTRA-PRV-...
ST_INTRA-PRV-
RT-CR
ST_INTRA-PRV-...
ST_INTRA-PRV-
RT-DR-2
ST_INTRA-PRV-...
Port 1: 192.168.170.2
Port 1: 192.168.170.2
Port 3: 192.168.170.1
Port 3: 192.168.170.1


Port 2: 192.168.160.1
Port 2: 192.168.160.1
Port 1: 192.168.160.2
Port 1: 192.168.160.2
SOME_TECH HUMAN RESOURCES
(ST_HR)
SOME_TECH HUMAN RESOURCES...
ST_PROJ_C-
PRV-SW-AS
ST_PROJ_C-...
ST_PROJ_C-
PRV-PC-3
ST_PROJ_C-...
3
3
2
2
1
1
9
9
Port 1: 192.168.250.4
Port 1: 192.168.250.4
Port 4
Port 4
ST_PROJ_C-
PRV-PC-1
ST_PROJ_C-...
3
3
2
2
1
1
9
9
Port 1: 192.168.250.2
Port 1: 192.168.250.2
Port 2
Port 2
ST_PROJ_C-
PRV-PC-2
ST_PROJ_C-...
3
3
2
2
1
1
9
9
Port 1: 192.168.250.3
Port 1: 192.168.250.3
Port 3
Port 3
SOME TECH PROJECT C (ST_PROJ_C)
SOME TECH PROJECT C (ST_PROJ_C)
192.168.250.0/29
192.168.250.0/29
192.168.160.0/30
192.168.160.0/30
192.168.170.0/30
192.168.170.0/30
192.168.210.0/29
192.168.210.0/29




Port 4: 10.1.100.1
Port 4: 10.1.100.1
External Port: 10.1.100.2
External Port: 10.1.100.2
ST_HO-PRV-PC-2
ST_HO-PRV-PC-2
3
3
2
2
1
1
9
9
ST_HO-PRV-PC-1
ST_HO-PRV-PC-1
3
3
2
2
1
1
9
9
Port 2
Port 2
Port 1: 192.168.20.2
Port 1: 192.168.20.2
Port 3
Port 3
Port 1: 192.168.20.3
Port 1: 192.168.20.3
Port 4
Port 4
Port 1: 192.168.20.4
Port 1: 192.168.20.4
ST-PUB-FW
ST-PUB-FW
DMZ Port: 192.168.100.1
DMZ Port: 192.168.100.1
Port 1: 192.168.100.2
Port 1: 192.168.100.2
Internal Port: 192.168.150.1
Internal Port: 192.168.150.1
Port 1: 192.168.150.2 
Port 1: 192.168.150.2 
ST_HO-PRV-
SW-AS
ST_HO-PRV-...
ST_DATA-PRV-SRV-DB
ST_DATA-PRV-SRV-DB
7
7
9
9
3
3
6
6
Port 1: 192.168.220.3
Port 1: 192.168.220.3
Port 3
Port 3
Port 1: 192.168.220.2
Port 1: 192.168.220.2
Port 2
Port 2


ST_PROJ_B-
PRV-PC-2
ST_PROJ_B-...
3
3
2
2
1
1
9
9


ST_PROJ_B-
PRV-SW-AS
ST_PROJ_B-...
Port 1: 192.168.240.3
Port 1: 192.168.240.3
Port 3
Port 3

SOME_TECH DMZ (ST_DMZ)
SOME_TECH DMZ (ST_DMZ)
ST_DMZ-PUB-SRV-WEB
ST_DMZ-PUB-SRV-WEB
ST_DMZ-PUB-SRV-WEB
ST_DMZ-PUB-SRV-WEB
9
9
3
3
5
5
Port 1
Port 1
Port 2: 192.168.200.1
Port 2: 192.168.200.1
Port 1
Port 1
Port 3: 192.168.210.1
Port 3: 192.168.210.1
ST_HO-PRV-PC-1
ST_HO-PRV-PC-1
3
3
2
2
1
1
9
9
Port 2
Port 2
Port 1: 192.168.200.2
Port 1: 192.168.200.2
ST_HO-PRV-
SW-AS
ST_HO-PRV-...
ST_HO-PRV-PC-3
ST_HO-PRV-PC-3
3
3
2
2
1
1
9
9
Port 4
Port 4
Port 1: 192.168.200.4
Port 1: 192.168.200.4
SOME_TECH HEAD OFFICE
(ST_HO)
SOME_TECH HEAD OFFICE...
ST_HO-PRV-PC-2
ST_HO-PRV-PC-2
3
3
2
2
1
1
9
9
Port 3
Port 3
Port 1: 192.168.200.3
Port 1: 192.168.200.3
Port 4: 192.168.220.1
Port 4: 192.168.220.1
Port 1
Port 1
Port 1
Port 1
Port 4: 192.168.250.1
Port 4: 192.168.250.1
Port 2: 192.168.230.1
Port 2: 192.168.230.1
Port 1
Port 1
Port 1
Port 1
Port 3: 192.168.240.1 
Port 3: 192.168.240.1 
ST_PROJ_A-
PRV-SW-AS
ST_PROJ_A-...
ST_PROJ_A-
PRV-PC-2
ST_PROJ_A-...
3
3
2
2
1
1
9
9
ST_PROJ_A-
PRV-PC-3
ST_PROJ_A-...
3
3
2
2
1
1
9
9
Port 1: 192.168.230.2
Port 1: 192.168.230.2
Port 2
Port 2
Port 1: 192.168.230.3
Port 1: 192.168.230.3
Port 3
Port 3
Port 1: 192.168.230.4
Port 1: 192.168.230.4
Port 4
Port 4
SOME TECH PROJECT B
(ST_PROJ_ B)
SOME TECH PROJECT B...
ST_PROJ_B-
PRV-PC-1
ST_PROJ_B-...
3
3
2
2
1
1
9
9
Port 1: 192.168.240.2
Port 1: 192.168.240.2
Port 2
Port 2
Port 1: 192.168.240.4
Port 1: 192.168.240.4
Port 4
Port 4
ST_PROJ_B-
PRV-PC-3
ST_PROJ_B-...
3
3
2
2
1
1
9
9
ST_HO-PRV-PC-3
ST_HO-PRV-PC-3
3
3
2
2
1
1
9
9
SOME_TECH Main Site Network
SOME_TECH Main Site Network
SOME TECH DATA (ST_DATA)
SOME TECH DATA (ST_DATA)



HOME OFFICE (HOME)
HOME OFFICE (HOME)


HOME-PUB-PC-1
HOME-PUB-PC-1
3
3
2
2
1
1
9
9
192.168.1.0/26
192.168.1.0/26
HOME-PUB-PC-2
HOME-PUB-PC-2
3
3
2
2
1
1
9
9
HOME-PUB-SRV
HOME-PUB-SRV
3
3
9
9
HOME-PUB-
SW-AS
HOME-PUB-...
Port 1: 192.168.1.2/26
Port 1: 192.168.1.2/26
Port 2
Port 2
Port 1: 192.168.1.3/26
Port 1: 192.168.1.3/26
Port 3
Port 3
Port 1
Port 1
Port 1: 192.168.1.1
Port 1: 192.168.1.1
HOME-PUB-
RT-DR
HOME-PUB-...
ISP-PUB-RT-BR
ISP-PUB-RT-BR


ISP-PUB-
SRV-DNS
ISP-PUB-...
8.8.8.0/28
8.8.8.0/28
10.1.10.0/30
10.1.10.0/30
INTERNET (ISP)
INTERNET (ISP)
REM-PUB-FW
REM-PUB-FW
Port 1: 192.168.1.4/26
Port 1: 192.168.1.4/26
Port 4
Port 4
REM-PUB-RT-DR
REM-PUB-RT-DR


Port 3: 10.1.10.1
Port 3: 10.1.10.1
External Port: 10.1.10.1
External Port: 10.1.10.1
Port 2: 10.1.0.2
Port 2: 10.1.0.2
Port 1: 10.1.0.1
Port 1: 10.1.0.1
Internal Port: 192.168.10.1
Internal Port: 192.168.10.1
Port 1: 192.168.10.2
Port 1: 192.168.10.2
Port 1: 8.8.8.8
Port 1: 8.8.8.8
Port 2: 8.8.8.1
Port 2: 8.8.8.1
4
4
10
10


Remote Site (REMOTE)
Remote Site (REMOTE)
REM-PUB-PC-2
REM-PUB-PC-2
3
3
2
2
1
1
9
9
REM-PUB-PC-1
REM-PUB-PC-1
3
3
2
2
1
1
9
9
Port 2
Port 2
Port 1: 192.168.20.2
Port 1: 192.168.20.2
Port 3
Port 3
Port 1: 192.168.20.3
Port 1: 192.168.20.3
Port 3
Port 3
Port 2: 192.168.20.1
Port 2: 192.168.20.1
Port 1
Port 1
REM-PUB-
SW-AS
REM-PUB-...
REM-PUB-SRV
REM-PUB-SRV
3
3
9
9
Port 1: 192.168.20.4
Port 1: 192.168.20.4
Port 4
Port 4
192.168.10.0/30
192.168.10.0/30
192.168.10.0/30
192.168.10.0/30
192.168.250.0/29
192.168.250.0/29
ST_DATA-PRV-SW-AS
ST_DATA-PRV-SW-AS
ST-DATA-PRV-SRV-STORAGE
ST-DATA-PRV-SRV-STOR...
3
3
8
8
9
9
192.168.220.0/29
192.168.220.0/29
192.168.200.0/29
192.168.200.0/29
192.168.50.0/28
192.168.50.0/28
10.1.100.0/30
10.1.100.0/30
192.168.100.0/30
192.168.100.0/30
10.1.0.0/30
10.1.0.0/30
Node Software
Number Key
Node Software...
SERVICES
SERVICES
APPLICATIONS
APPLICATIONS
1
1
2
2
DatabaseClient
DatabaseClient
Webbrowser
Webbrowser
3
3
DNSClient
DNSClient
4
4
Web Server
Web Server
5
5
WebServer
WebServer
6
6
DatabaseService
DatabaseService
7
7
FTP Client
FTP Client
8
8
FTP Server
FTP Server
9
9
NTP Client
NTP Client
10
10
NTP Server
NTP Server

UC7 Detailed Network Diagram

UC7 Detailed Network Diagram
Node Type Colour Key
Node Type Colour Key
ROUTER
#CFE4FF
ROUTER...
SERVER
#CED4DB
SERVER...
FIREWALL
#FFD9D9
FIREWALL...
SWITCH
#FFF7A1
SWITCH...
COMPUTER
#E9E9E9
COMPUTER...
Text is not SVG - cannot display
+



ST_PROJ_A-
PRV-PC-1
ST_PROJ_A-...
SOME TECH PROJECT A (ST_PROJ_A)
SOME TECH PROJECT A (ST_PROJ_A)
192.168.240.0/29
192.168.240.0/29
3
3
2
2
1
1
9
9





ST_INTRA-PRV-
RT-DR-1
ST_INTRA-PRV-...
ST_INTRA-PRV-
RT-CR
ST_INTRA-PRV-...
ST_INTRA-PRV-
RT-DR-2
ST_INTRA-PRV-...
Port 1: 192.168.170.2
Port 1: 192.168.170.2
Port 3: 192.168.170.1
Port 3: 192.168.170.1


Port 2: 192.168.160.1
Port 2: 192.168.160.1
Port 1: 192.168.160.2
Port 1: 192.168.160.2
SOME_TECH HUMAN RESOURCES
(ST_HR)
SOME_TECH HUMAN RESOURCES...
ST_PROJ_C-
PRV-SW-AS
ST_PROJ_C-...
ST_PROJ_C-
PRV-PC-3
ST_PROJ_C-...
3
3
2
2
1
1
9
9
Port 1: 192.168.250.4
Port 1: 192.168.250.4
Port 4
Port 4
ST_PROJ_C-
PRV-PC-1
ST_PROJ_C-...
3
3
2
2
1
1
9
9
Port 1: 192.168.250.2
Port 1: 192.168.250.2
Port 2
Port 2
ST_PROJ_C-
PRV-PC-2
ST_PROJ_C-...
3
3
2
2
1
1
9
9
Port 1: 192.168.250.3
Port 1: 192.168.250.3
Port 3
Port 3
SOME TECH PROJECT C (ST_PROJ_C)
SOME TECH PROJECT C (ST_PROJ_C)
192.168.250.0/29
192.168.250.0/29
192.168.160.0/30
192.168.160.0/30
192.168.170.0/30
192.168.170.0/30
192.168.210.0/29
192.168.210.0/29




Port 4: 10.1.100.1
Port 4: 10.1.100.1
External Port: 10.1.100.2
External Port: 10.1.100.2
ST_HO-PRV-PC-2
ST_HO-PRV-PC-2
3
3
2
2
1
1
9
9
ST_HO-PRV-PC-1
ST_HO-PRV-PC-1
3
3
2
2
1
1
9
9
Port 2
Port 2
Port 1: 192.168.20.2
Port 1: 192.168.20.2
Port 3
Port 3
Port 1: 192.168.20.3
Port 1: 192.168.20.3
Port 4
Port 4
Port 1: 192.168.20.4
Port 1: 192.168.20.4
ST_PUB-FW
ST_PUB-FW
DMZ Port: 192.168.100.1
DMZ Port: 192.168.100.1
Port 1: 192.168.100.2
Port 1: 192.168.100.2
Internal Port: 192.168.150.1
Internal Port: 192.168.150.1
Port 1: 192.168.150.2 
Port 1: 192.168.150.2 
ST_HO-PRV-
SW-AS
ST_HO-PRV-...
ST_DATA-PRV-SRV-DB
ST_DATA-PRV-SRV-DB
7
7
9
9
3
3
6
6
Port 1: 192.168.220.3
Port 1: 192.168.220.3
Port 3
Port 3
Port 1: 192.168.220.2
Port 1: 192.168.220.2
Port 2
Port 2


ST_PROJ_B-
PRV-PC-2
ST_PROJ_B-...
3
3
2
2
1
1
9
9


ST_PROJ_B-
PRV-SW-AS
ST_PROJ_B-...
Port 1: 192.168.240.3
Port 1: 192.168.240.3
Port 3
Port 3

SOME_TECH DMZ (ST_DMZ)
SOME_TECH DMZ (ST_DMZ)
ST_DMZ-PUB-SRV-WEB
ST_DMZ-PUB-SRV-WEB
ST_DMZ-PUB-SRV-WEB
ST_DMZ-PUB-SRV-WEB
9
9
3
3
5
5
Port 1
Port 1
Port 2: 192.168.200.1
Port 2: 192.168.200.1
Port 1
Port 1
Port 3: 192.168.210.1
Port 3: 192.168.210.1
ST_HO-PRV-PC-1
ST_HO-PRV-PC-1
3
3
2
2
1
1
9
9
Port 2
Port 2
Port 1: 192.168.200.2
Port 1: 192.168.200.2
ST_HO-PRV-
SW-AS
ST_HO-PRV-...
ST_HO-PRV-PC-3
ST_HO-PRV-PC-3
3
3
2
2
1
1
9
9
Port 4
Port 4
Port 1: 192.168.200.4
Port 1: 192.168.200.4
SOME_TECH HEAD OFFICE
(ST_HO)
SOME_TECH HEAD OFFICE...
ST_HO-PRV-PC-2
ST_HO-PRV-PC-2
3
3
2
2
1
1
9
9
Port 3
Port 3
Port 1: 192.168.200.3
Port 1: 192.168.200.3
Port 4: 192.168.220.1
Port 4: 192.168.220.1
Port 1
Port 1
Port 1
Port 1
Port 4: 192.168.250.1
Port 4: 192.168.250.1
Port 2: 192.168.230.1
Port 2: 192.168.230.1
Port 1
Port 1
Port 1
Port 1
Port 3: 192.168.240.1 
Port 3: 192.168.240.1 
ST_PROJ_A-
PRV-SW-AS
ST_PROJ_A-...
ST_PROJ_A-
PRV-PC-2
ST_PROJ_A-...
3
3
2
2
1
1
9
9
ST_PROJ_A-
PRV-PC-3
ST_PROJ_A-...
3
3
2
2
1
1
9
9
Port 1: 192.168.230.2
Port 1: 192.168.230.2
Port 2
Port 2
Port 1: 192.168.230.3
Port 1: 192.168.230.3
Port 3
Port 3
Port 1: 192.168.230.4
Port 1: 192.168.230.4
Port 4
Port 4
SOME TECH PROJECT B
(ST_PROJ_ B)
SOME TECH PROJECT B...
ST_PROJ_B-
PRV-PC-1
ST_PROJ_B-...
3
3
2
2
1
1
9
9
Port 1: 192.168.240.2
Port 1: 192.168.240.2
Port 2
Port 2
Port 1: 192.168.240.4
Port 1: 192.168.240.4
Port 4
Port 4
ST_PROJ_B-
PRV-PC-3
ST_PROJ_B-...
3
3
2
2
1
1
9
9
ST_HO-PRV-PC-3
ST_HO-PRV-PC-3
3
3
2
2
1
1
9
9
SOME_TECH Main Site Network
SOME_TECH Main Site Network
SOME TECH DATA (ST_DATA)
SOME TECH DATA (ST_DATA)



HOME OFFICE (HOME)
HOME OFFICE (HOME)


HOME-PUB-PC-1
HOME-PUB-PC-1
3
3
2
2
1
1
9
9
192.168.1.0/26
192.168.1.0/26
HOME-PUB-PC-2
HOME-PUB-PC-2
3
3
2
2
1
1
9
9
HOME-PUB-SRV
HOME-PUB-SRV
3
3
9
9
HOME-PUB-
SW-AS
HOME-PUB-...
Port 1: 192.168.1.2/26
Port 1: 192.168.1.2/26
Port 2
Port 2
Port 1: 192.168.1.3/26
Port 1: 192.168.1.3/26
Port 3
Port 3
Port 1
Port 1
Port 1: 192.168.1.1
Port 1: 192.168.1.1
HOME-PUB-
RT-DR
HOME-PUB-...
ISP-PUB-RT-BR
ISP-PUB-RT-BR


ISP-PUB-
SRV-DNS
ISP-PUB-...
8.8.8.0/28
8.8.8.0/28
10.1.10.0/30
10.1.10.0/30
INTERNET (ISP)
INTERNET (ISP)
REM-PUB-FW
REM-PUB-FW
Port 1: 192.168.1.4/26
Port 1: 192.168.1.4/26
Port 4
Port 4
REM-PUB-RT-DR
REM-PUB-RT-DR


Port 3: 10.1.10.1
Port 3: 10.1.10.1
External Port: 10.1.10.1
External Port: 10.1.10.1
Port 2: 10.1.0.2
Port 2: 10.1.0.2
Port 1: 10.1.0.1
Port 1: 10.1.0.1
Internal Port: 192.168.10.1
Internal Port: 192.168.10.1
Port 1: 192.168.10.2
Port 1: 192.168.10.2
Port 1: 8.8.8.8
Port 1: 8.8.8.8
Port 2: 8.8.8.1
Port 2: 8.8.8.1
4
4
10
10


Remote Site (REMOTE)
Remote Site (REMOTE)
REM-PUB-PC-2
REM-PUB-PC-2
3
3
2
2
1
1
9
9
REM-PUB-PC-1
REM-PUB-PC-1
3
3
2
2
1
1
9
9
Port 2
Port 2
Port 1: 192.168.20.2
Port 1: 192.168.20.2
Port 3
Port 3
Port 1: 192.168.20.3
Port 1: 192.168.20.3
Port 3
Port 3
Port 2: 192.168.20.1
Port 2: 192.168.20.1
Port 1
Port 1
REM-PUB-
SW-AS
REM-PUB-...
REM-PUB-SRV
REM-PUB-SRV
3
3
9
9
Port 1: 192.168.20.4
Port 1: 192.168.20.4
Port 4
Port 4
192.168.10.0/30
192.168.10.0/30
192.168.10.0/30
192.168.10.0/30
192.168.250.0/29
192.168.250.0/29
ST_DATA-PRV-SW-AS
ST_DATA-PRV-SW-AS
ST_DATA-PRV-SRV-STORAGE
ST_DATA-PRV-SRV-STOR...
3
3
8
8
9
9
192.168.220.0/29
192.168.220.0/29
192.168.200.0/29
192.168.200.0/29
192.168.50.0/28
192.168.50.0/28
10.1.100.0/30
10.1.100.0/30
192.168.100.0/30
192.168.100.0/30
10.1.0.0/30
10.1.0.0/30
Node Software
Number Key
Node Software...
SERVICES
SERVICES
APPLICATIONS
APPLICATIONS
1
1
2
2
DatabaseClient
DatabaseClient
Webbrowser
Webbrowser
3
3
DNSClient
DNSClient
4
4
Web Server
Web Server
5
5
WebServer
WebServer
6
6
DatabaseService
DatabaseService
7
7
FTP Client
FTP Client
8
8
FTP Server
FTP Server
9
9
NTP Client
NTP Client
10
10
NTP Server
NTP Server

UC7 Detailed Network Diagram

UC7 Detailed Network Diagram
Node Type Colour Key
Node Type Colour Key
ROUTER
#CFE4FF
ROUTER...
SERVER
#CED4DB
SERVER...
FIREWALL
#FFD9D9
FIREWALL...
SWITCH
#FFF7A1
SWITCH...
COMPUTER
#E9E9E9
COMPUTER...
Text is not SVG - cannot display
diff --git a/tests/e2e_integration_tests/test_uc7_agents.py b/tests/e2e_integration_tests/test_uc7_agents.py index 8c597dc7..7bdba714 100644 --- a/tests/e2e_integration_tests/test_uc7_agents.py +++ b/tests/e2e_integration_tests/test_uc7_agents.py @@ -73,13 +73,13 @@ def test_green_agent_negative_reward(uc7_environment): # Purposefully disabling the following services: # 1. Disabling the web-server - st_dmz_pub_srv_web: Server = env.game.simulation.network.get_node_by_hostname("ST-DMZ-PUB-SRV-WEB") + st_dmz_pub_srv_web: Server = env.game.simulation.network.get_node_by_hostname("ST_DMZ-PUB-SRV-WEB") st_web_server = st_dmz_pub_srv_web.software_manager.software["web-server"] st_web_server.operating_state = ServiceOperatingState.DISABLED assert st_web_server.operating_state == ServiceOperatingState.DISABLED # 2. Disabling the DatabaseServer - st_data_database_server: Server = env.game.simulation.network.get_node_by_hostname("ST-DATA-PRV-SRV-DB") + st_data_database_server: Server = env.game.simulation.network.get_node_by_hostname("ST_DATA-PRV-SRV-DB") database_service: DatabaseService = st_data_database_server.software_manager.software["database-service"] database_service.operating_state = ServiceOperatingState.DISABLED assert database_service.operating_state == ServiceOperatingState.DISABLED @@ -102,7 +102,7 @@ def test_tap001_default_behaviour(uc7_environment): for _ in range(128): env.step(0) - some_tech_proj_a_pc_1: Computer = network.get_node_by_hostname("ST-PROJ-A-PRV-PC-1") + some_tech_proj_a_pc_1: Computer = network.get_node_by_hostname("ST_PROJ-A-PRV-PC-1") # Asserting that the `malware_dropper.ps1` was created. 
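Review bot: The hostname looked up in the second hunk (`@@ -102,7`), `"ST_PROJ-A-PRV-PC-1"`, keeps a hyphen between `PROJ` and `A`, while the diagram text earlier in this patch appears to label the same nodes with an underscore there (`ST_PROJ_A-PRV-PC-2`, `ST_PROJ_B-PRV-SW-AS`, `ST_PROJ_C-PRV-PC-3`). The commit exists to settle one naming schema, so either the lookups should read `get_node_by_hostname("ST_PROJ_A-PRV-PC-1")` or the diagram should be regenerated to match the config. Which side is intended cannot be told from these hunks. The literal is repeated across every test file in this patch, so a module-level constant such as `ST_PROJ_A_PC_1 = "ST_PROJ-A-PRV-PC-1"` would make the next rename a one-line change. Both test functions continue outside their hunks.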
@@ -123,7 +123,7 @@ def test_tap001_default_behaviour(uc7_environment): assert c2_beacon.c2_connection_active == True # Asserting that the target database was successfully corrupted. - some_tech_data_server_database: Server = network.get_node_by_hostname("ST-DATA-PRV-SRV-DB") + some_tech_data_server_database: Server = network.get_node_by_hostname("ST_DATA-PRV-SRV-DB") database_file: File = some_tech_data_server_database.file_system.get_file( folder_name="database", file_name="database.db" ) @@ -139,8 +139,8 @@ def test_tap003_default_behaviour(uc7_environment): def uc7_environment_tap003() -> PrimaiteGymEnv: with open(_EXAMPLE_CFG / "uc7_config_tap003.yaml", mode="r") as uc7_config: cfg = yaml.safe_load(uc7_config) - cfg["agents"][32]["agent_settings"]["starting_nodes"] = ["ST-PROJ-A-PRV-PC-1"] - cfg["agents"][32]["agent_settings"]["default_starting_node"] = "ST-PROJ-A-PRV-PC-1" + cfg["agents"][32]["agent_settings"]["starting_nodes"] = ["ST_PROJ-A-PRV-PC-1"] + cfg["agents"][32]["agent_settings"]["default_starting_node"] = "ST_PROJ-A-PRV-PC-1" env = PrimaiteGymEnv(env_config=cfg) return env 
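Review bot: `cfg["agents"][32]` in the second hunk (`@@ -139,8`) picks the agent by list position, so reordering or inserting agents in `uc7_config_tap003.yaml` would silently apply the starting node to a different agent. The later malicious-ACL assertions would then fail, or pass, for the wrong reason. `test_tap003_multiple_rules.py` already names this position as `ATTACK_AGENT_INDEX`; use a named constant here as well, and guard the selection before mutating it, e.g. `assert "starting_nodes" in cfg["agents"][32]["agent_settings"]`. The fixture body continues outside the hunk.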
@@ -151,15 +151,15 @@ def test_tap003_default_behaviour(uc7_environment): env.step(0) network = env.game.simulation.network - # Asserting that a malicious ACL has been added to ST-INTRA-PRV-RT-DR-1 - st_intra_prv_rt_dr_1: Router = network.get_node_by_hostname(hostname="ST-INTRA-PRV-RT-DR-1") + # Asserting that a malicious ACL has been added to ST_INTRA-PRV-RT-DR-1 + st_intra_prv_rt_dr_1: Router = network.get_node_by_hostname(hostname="ST_INTRA-PRV-RT-DR-1") assert st_intra_prv_rt_dr_1.acl.acl[1].action == ACLAction.DENY assert st_intra_prv_rt_dr_1.acl.acl[1].protocol == "tcp" assert st_intra_prv_rt_dr_1.acl.acl[1].src_port == PORT_LOOKUP.get("POSTGRES_SERVER") assert st_intra_prv_rt_dr_1.acl.acl[1].dst_port == PORT_LOOKUP.get("POSTGRES_SERVER") - # Asserting that a malicious ACL has been added to ST-INTRA-PRV-RT-CR - st_intra_prv_rt_cr: Router = network.get_node_by_hostname(hostname="ST-INTRA-PRV-RT-CR") + # Asserting that a malicious ACL has been added to ST_INTRA-PRV-RT-CR + st_intra_prv_rt_cr: Router = network.get_node_by_hostname(hostname="ST_INTRA-PRV-RT-CR") assert st_intra_prv_rt_cr.acl.acl[1].action == ACLAction.DENY assert st_intra_prv_rt_cr.acl.acl[1].protocol == "tcp" assert st_intra_prv_rt_cr.acl.acl[1].src_port == PORT_LOOKUP.get("HTTP") diff --git a/tests/e2e_integration_tests/test_uc7_route_connectivity.py b/tests/e2e_integration_tests/test_uc7_route_connectivity.py index 25350c4b..af5f3cd2 100644 --- a/tests/e2e_integration_tests/test_uc7_route_connectivity.py +++ b/tests/e2e_integration_tests/test_uc7_route_connectivity.py 
@@ -74,8 +74,8 @@ def test_ping_remote_site(uc7_network): def test_ping_some_tech_dmz(uc7_network): """Asserts that the st_dmz_pub_srv_web and the st_public_firewall can ping each other and remote site and home office.""" network = uc7_network - st_pub_fw: Firewall = network.get_node_by_hostname(hostname="ST-PUB-FW") - st_dmz_pub_srv_web: Server = network.get_node_by_hostname(hostname="ST-DMZ-PUB-SRV-WEB") + st_pub_fw: Firewall = network.get_node_by_hostname(hostname="ST_PUB-FW") + st_dmz_pub_srv_web: Server = network.get_node_by_hostname(hostname="ST_DMZ-PUB-SRV-WEB") isp_pub_srv_dns: Server = network.get_node_by_hostname("ISP-PUB-SRV-DNS") home_pub_pc_1: Computer = network.get_node_by_hostname("HOME-PUB-PC-1") @@ -91,9 +91,9 @@ def test_ping_some_tech_dmz(uc7_network): def test_ping_some_tech_head_office(uc7_network): """Asserts that all the some_tech_* PCs can ping each other and the public dns""" network = uc7_network - st_home_office_private_pc_1: Computer = network.get_node_by_hostname("ST-HO-PRV-PC-1") - st_home_office_private_pc_2: Computer = network.get_node_by_hostname("ST-HO-PRV-PC-2") - st_home_office_private_pc_3: Computer = network.get_node_by_hostname("ST-HO-PRV-PC-3") + st_home_office_private_pc_1: Computer = network.get_node_by_hostname("ST_HO-PRV-PC-1") + st_home_office_private_pc_2: Computer = network.get_node_by_hostname("ST_HO-PRV-PC-2") + st_home_office_private_pc_3: Computer = network.get_node_by_hostname("ST_HO-PRV-PC-3") isp_pub_srv_dns: Server = network.get_node_by_hostname("ISP-PUB-SRV-DNS") def ping_all_some_tech_head_office(host): 
@@ -110,9 +110,9 @@ def test_ping_some_tech_head_office(uc7_network): def test_ping_some_tech_hr(uc7_network): """Assert that all some_tech_hr_* PCs can ping each other and the public dns""" network = uc7_network - some_tech_hr_pc_1: Computer = network.get_node_by_hostname("ST-HR-PRV-PC-1") - some_tech_hr_pc_2: Computer = network.get_node_by_hostname("ST-HR-PRV-PC-2") - some_tech_hr_pc_3: Computer = network.get_node_by_hostname("ST-HR-PRV-PC-3") + some_tech_hr_pc_1: Computer = network.get_node_by_hostname("ST_HR-PRV-PC-1") + some_tech_hr_pc_2: Computer = network.get_node_by_hostname("ST_HR-PRV-PC-2") + some_tech_hr_pc_3: Computer = network.get_node_by_hostname("ST_HR-PRV-PC-3") isp_pub_srv_dns: Server = network.get_node_by_hostname("ISP-PUB-SRV-DNS") def ping_all_some_tech_hr(host): @@ -129,8 +129,8 @@ def test_ping_some_tech_hr(uc7_network): def test_some_tech_data_hr(uc7_network): """Assert that all some_tech_data_* servers can ping each other and the public dns.""" network = uc7_network - some_tech_data_server_storage: Server = network.get_node_by_hostname("ST-DATA-PRV-SRV-STORAGE") - some_tech_data_server_database: Server = network.get_node_by_hostname("ST-DATA-PRV-SRV-DB") + some_tech_data_server_storage: Server = network.get_node_by_hostname("ST_DATA-PRV-SRV-STORAGE") + some_tech_data_server_database: Server = network.get_node_by_hostname("ST_DATA-PRV-SRV-DB") isp_pub_srv_dns: Server = network.get_node_by_hostname("ISP-PUB-SRV-DNS") def ping_all_some_tech_hr(host): 
@@ -145,9 +145,9 @@ def test_some_tech_data_hr(uc7_network): def test_some_tech_project_a(uc7_network): """Asserts that all some_tech project A's PCs can ping each other and the public dns.""" network = uc7_network - some_tech_proj_a_pc_1: Computer = network.get_node_by_hostname("ST-PROJ-A-PRV-PC-1") - some_tech_proj_a_pc_2: Computer = network.get_node_by_hostname("ST-PROJ-A-PRV-PC-2") - some_tech_proj_a_pc_3: Computer = network.get_node_by_hostname("ST-PROJ-A-PRV-PC-3") + some_tech_proj_a_pc_1: Computer = network.get_node_by_hostname("ST_PROJ-A-PRV-PC-1") + some_tech_proj_a_pc_2: Computer = network.get_node_by_hostname("ST_PROJ-A-PRV-PC-2") + some_tech_proj_a_pc_3: Computer = network.get_node_by_hostname("ST_PROJ-A-PRV-PC-3") isp_pub_srv_dns: Server = network.get_node_by_hostname("ISP-PUB-SRV-DNS") def ping_all_some_tech_proj_a(host): @@ -164,9 +164,9 @@ def test_some_tech_project_a(uc7_network): def test_some_tech_project_b(uc7_network): """Asserts that all some_tech_project_b PC's can ping each other and the public dps.""" network = uc7_network - some_tech_proj_b_pc_1: Computer = network.get_node_by_hostname("ST-PROJ-B-PRV-PC-1") - some_tech_proj_b_pc_2: Computer = network.get_node_by_hostname("ST-PROJ-B-PRV-PC-2") - some_tech_proj_b_pc_3: Computer = network.get_node_by_hostname("ST-PROJ-B-PRV-PC-3") + some_tech_proj_b_pc_1: Computer = network.get_node_by_hostname("ST_PROJ-B-PRV-PC-1") + some_tech_proj_b_pc_2: Computer = network.get_node_by_hostname("ST_PROJ-B-PRV-PC-2") + some_tech_proj_b_pc_3: Computer = network.get_node_by_hostname("ST_PROJ-B-PRV-PC-3") isp_pub_srv_dns: Server = network.get_node_by_hostname("ISP-PUB-SRV-DNS") def ping_all_some_tech_proj_b(host): 
@@ -183,9 +183,9 @@ def test_some_tech_project_b(uc7_network): def test_some_tech_project_a(uc7_network): """Asserts that all some_tech_project_c PC's can ping each other and the public dps.""" network = uc7_network - some_tech_proj_c_pc_1: Computer = network.get_node_by_hostname("ST-PROJ-C-PRV-PC-1") - some_tech_proj_c_pc_2: Computer = network.get_node_by_hostname("ST-PROJ-C-PRV-PC-2") - some_tech_proj_c_pc_3: Computer = network.get_node_by_hostname("ST-PROJ-C-PRV-PC-3") + some_tech_proj_c_pc_1: Computer = network.get_node_by_hostname("ST_PROJ-C-PRV-PC-1") + some_tech_proj_c_pc_2: Computer = network.get_node_by_hostname("ST_PROJ-C-PRV-PC-2") + some_tech_proj_c_pc_3: Computer = network.get_node_by_hostname("ST_PROJ-C-PRV-PC-3") isp_pub_srv_dns: Server = network.get_node_by_hostname("ISP-PUB-SRV-DNS") def ping_all_some_tech_proj_c(host): 
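Review bot: The context line `def test_some_tech_project_a(uc7_network):` in this hunk is a second definition of that name; the first is in the `@@ -145,9` hunk of the same file. Its docstring and `ST_PROJ-C-PRV-PC-*` hostnames show it is the project C test. Within one module the later definition replaces the earlier one, so pytest collects only this function and the project A connectivity check never runs. Rename it to `def test_some_tech_project_c(uc7_network):`, and change "public dps" in the docstring to "public dns". The function body continues past the end of the hunk.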
@@ -205,13 +205,13 @@ def test_ping_all_networks(uc7_network): home_office_pc_1: Computer = network.get_node_by_hostname("HOME-PUB-PC-1") isp_pub_srv_dns: Server = network.get_node_by_hostname("ISP-PUB-SRV-DNS") remote_office_pc_1: Computer = network.get_node_by_hostname("REM-PUB-PC-1") - st_head_office_pc_1: Computer = network.get_node_by_hostname("ST-HO-PRV-PC-1") - st_human_resources_pc_1: Computer = network.get_node_by_hostname("ST-HR-PRV-PC-1") - st_data_storage_server: Server = network.get_node_by_hostname("ST-DATA-PRV-SRV-STORAGE") - st_data_database_server: Server = network.get_node_by_hostname("ST-DATA-PRV-SRV-DB") - st_proj_a_pc_1: Computer = network.get_node_by_hostname("ST-PROJ-A-PRV-PC-1") - st_proj_b_pc_1: Computer = network.get_node_by_hostname("ST-PROJ-B-PRV-PC-1") - st_proj_c_pc_1: Computer = network.get_node_by_hostname("ST-PROJ-C-PRV-PC-1") + st_head_office_pc_1: Computer = network.get_node_by_hostname("ST_HO-PRV-PC-1") + st_human_resources_pc_1: Computer = network.get_node_by_hostname("ST_HR-PRV-PC-1") + st_data_storage_server: Server = network.get_node_by_hostname("ST_DATA-PRV-SRV-STORAGE") + st_data_database_server: Server = network.get_node_by_hostname("ST_DATA-PRV-SRV-DB") + st_proj_a_pc_1: Computer = network.get_node_by_hostname("ST_PROJ-A-PRV-PC-1") + st_proj_b_pc_1: Computer = network.get_node_by_hostname("ST_PROJ-B-PRV-PC-1") + st_proj_c_pc_1: Computer = network.get_node_by_hostname("ST_PROJ-C-PRV-PC-1") def ping_network_wide(host): assert host.ping(home_office_pc_1.network_interface[1].ip_address) diff --git a/tests/e2e_integration_tests/test_uc7_services_and_applications.py b/tests/e2e_integration_tests/test_uc7_services_and_applications.py index 6514627c..0bcfcfca 100644 --- a/tests/e2e_integration_tests/test_uc7_services_and_applications.py +++ b/tests/e2e_integration_tests/test_uc7_services_and_applications.py 
@@ -139,7 +139,7 @@ def test_remote_office_software(uc7_network): def test_dmz_web_server(uc7_network): """Asserts that the DMZ WebServer functions as expected""" network: Network = uc7_network - st_dmz_pub_srv_web: Server = network.get_node_by_hostname("ST-DMZ-PUB-SRV-WEB") + st_dmz_pub_srv_web: Server = network.get_node_by_hostname("ST_DMZ-PUB-SRV-WEB") # Asserting the ST Web Server is working as expected st_web_server = st_dmz_pub_srv_web.software_manager.software["web-server"] @@ -150,7 +150,7 @@ def test_dmz_web_server(uc7_network): # Asserting that WebBrowser can actually connect to the WebServer # SOME TECH Human Resources --> DMZ Web Server - st_hr_pc_1: Computer = network.get_node_by_hostname("ST-HR-PRV-PC-1") + st_hr_pc_1: Computer = network.get_node_by_hostname("ST_HR-PRV-PC-1") st_hr_pc_1_web_browser: WebBrowser = st_hr_pc_1.software_manager.software["web-browser"] assert st_hr_pc_1_web_browser.get_webpage("http://some_tech.com") @@ -169,9 +169,9 @@ def test_tech_head_office_software(uc7_network): """Asserts that each host on the some_tech_head_office network has the expected services & applications which are operating as expected.""" network: Network = uc7_network - st_head_office_private_pc_1: Computer = network.get_node_by_hostname("ST-HO-PRV-PC-1") - st_head_office_private_pc_2: Computer = network.get_node_by_hostname("ST-HO-PRV-PC-2") - st_head_office_private_pc_3: Computer = network.get_node_by_hostname("ST-HO-PRV-PC-3") + st_head_office_private_pc_1: Computer = network.get_node_by_hostname("ST_HO-PRV-PC-1") + st_head_office_private_pc_2: Computer = network.get_node_by_hostname("ST_HO-PRV-PC-2") + st_head_office_private_pc_3: Computer = network.get_node_by_hostname("ST_HO-PRV-PC-3") # ST Head Office One 
@@ -199,9 +199,9 @@ def test_tech_human_resources_office_software(uc7_network): """Asserts that each host on the some_tech human_resources network has the expected services & applications which are operating as expected.""" network: Network = uc7_network - st_hr_pc_1: Computer = network.get_node_by_hostname("ST-HR-PRV-PC-1") - st_hr_pc_2: Computer = network.get_node_by_hostname("ST-HR-PRV-PC-2") - st_hr_pc_3: Computer = network.get_node_by_hostname("ST-HR-PRV-PC-3") + st_hr_pc_1: Computer = network.get_node_by_hostname("ST_HR-PRV-PC-1") + st_hr_pc_2: Computer = network.get_node_by_hostname("ST_HR-PRV-PC-2") + st_hr_pc_3: Computer = network.get_node_by_hostname("ST_HR-PRV-PC-3") # ST Human Resource PC 1 @@ -228,9 +228,9 @@ def test_tech_human_resources_office_software(uc7_network): def test_tech_data_software(uc7_network): """Asserts the database and database storage servers on the some_tech data network are operating as expected.""" network: Network = uc7_network - st_data_database_server: Server = network.get_node_by_hostname("ST-DATA-PRV-SRV-DB") - st_data_database_storage: Server = network.get_node_by_hostname("ST-DATA-PRV-SRV-STORAGE") - st_proj_a_pc_1: Computer = network.get_node_by_hostname("ST-PROJ-A-PRV-PC-1") + st_data_database_server: Server = network.get_node_by_hostname("ST_DATA-PRV-SRV-DB") + st_data_database_storage: Server = network.get_node_by_hostname("ST_DATA-PRV-SRV-STORAGE") + st_proj_a_pc_1: Computer = network.get_node_by_hostname("ST_PROJ-A-PRV-PC-1") # Asserting that the database_service is working as expected database_service: DatabaseService = st_data_database_server.software_manager.software["database-service"] 
@@ -254,9 +254,9 @@ def test_tech_data_software(uc7_network): def test_tech_proj_a_software(uc7_network): """Asserts that each host on the some_tech project A network has the expected services & applications which are operating as expected.""" network: Network = uc7_network - st_proj_a_pc_1: Computer = network.get_node_by_hostname("ST-PROJ-A-PRV-PC-1") - st_proj_a_pc_2: Computer = network.get_node_by_hostname("ST-PROJ-A-PRV-PC-2") - st_proj_a_pc_3: Computer = network.get_node_by_hostname("ST-PROJ-A-PRV-PC-3") + st_proj_a_pc_1: Computer = network.get_node_by_hostname("ST_PROJ-A-PRV-PC-1") + st_proj_a_pc_2: Computer = network.get_node_by_hostname("ST_PROJ-A-PRV-PC-2") + st_proj_a_pc_3: Computer = network.get_node_by_hostname("ST_PROJ-A-PRV-PC-3") # ST Project A - PC 1 @@ -283,9 +283,9 @@ def test_tech_proj_a_software(uc7_network): def test_tech_proj_b_software(uc7_network): """Asserts that each host on the some_tech project A network has the expected services & applications which are operating as expected.""" network: Network = uc7_network - st_proj_b_pc_1: Computer = network.get_node_by_hostname("ST-PROJ-B-PRV-PC-1") - st_proj_b_pc_2: Computer = network.get_node_by_hostname("ST-PROJ-B-PRV-PC-2") - st_proj_b_pc_3: Computer = network.get_node_by_hostname("ST-PROJ-B-PRV-PC-3") + st_proj_b_pc_1: Computer = network.get_node_by_hostname("ST_PROJ-B-PRV-PC-1") + st_proj_b_pc_2: Computer = network.get_node_by_hostname("ST_PROJ-B-PRV-PC-2") + st_proj_b_pc_3: Computer = network.get_node_by_hostname("ST_PROJ-B-PRV-PC-3") # ST Project B - PC 1 
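Review bot: The docstring of `test_tech_proj_b_software` in the second hunk (`@@ -283,9`) still says "project A network", although the hosts it fetches are `ST_PROJ-B-PRV-PC-1` to `-3`. The same copied sentence sits on `test_tech_proj_c_software` in the `@@ -312,9` hunk. Since these lines are being touched for naming consistency, the docstrings should name the right subnet: `"""Asserts that each host on the some_tech project B network has the expected services & applications which are operating as expected."""`, with "project C" in the other function. Both functions continue outside their hunks.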
@@ -312,9 +312,9 @@ def test_tech_proj_b_software(uc7_network): def test_tech_proj_c_software(uc7_network): """Asserts that each host on the some_tech project A network has the expected services & applications which are operating as expected.""" network: Network = uc7_network - st_proj_c_pc_1: Computer = network.get_node_by_hostname("ST-PROJ-C-PRV-PC-1") - st_proj_c_pc_2: Computer = network.get_node_by_hostname("ST-PROJ-C-PRV-PC-2") - st_proj_c_pc_3: Computer = network.get_node_by_hostname("ST-PROJ-C-PRV-PC-3") + st_proj_c_pc_1: Computer = network.get_node_by_hostname("ST_PROJ-C-PRV-PC-1") + st_proj_c_pc_2: Computer = network.get_node_by_hostname("ST_PROJ-C-PRV-PC-2") + st_proj_c_pc_3: Computer = network.get_node_by_hostname("ST_PROJ-C-PRV-PC-3") # ST Project C - PC 1 diff --git a/tests/e2e_integration_tests/threat_actor_profiles/test_abstract_tap.py b/tests/e2e_integration_tests/threat_actor_profiles/test_abstract_tap.py index 0135a4fb..2fcc33a8 100644 --- a/tests/e2e_integration_tests/threat_actor_profiles/test_abstract_tap.py +++ b/tests/e2e_integration_tests/threat_actor_profiles/test_abstract_tap.py @@ -103,7 +103,7 @@ def test_abstract_tap_select_start_node(): env = uc7_tap003_env(repeat_kill_chain=True, repeat_kill_chain_stages=True) # Using TAP003 for PyTests. tap: TAP003 = env.game.agents["attacker"] - assert tap.starting_node == "ST-PROJ-A-PRV-PC-1" + assert tap.starting_node == "ST_PROJ-A-PRV-PC-1" assert tap.current_host == tap.starting_node diff --git a/tests/e2e_integration_tests/threat_actor_profiles/test_tap001_kill_chain_stages.py b/tests/e2e_integration_tests/threat_actor_profiles/test_tap001_kill_chain_stages.py index 17fe9b25..e20e02bb 100644 --- a/tests/e2e_integration_tests/threat_actor_profiles/test_tap001_kill_chain_stages.py +++ b/tests/e2e_integration_tests/threat_actor_profiles/test_tap001_kill_chain_stages.py 
@@ -188,7 +188,7 @@ def test_tap001_kill_chain_stage_PAYLOAD(): tap001: TAP001 = env.game.agents["attacker"] # The tap001's Target Database - target_host = env.game.simulation.network.get_node_by_hostname("ST-DATA-PRV-SRV-DB") + target_host = env.game.simulation.network.get_node_by_hostname("ST_DATA-PRV-SRV-DB") db_server_service: DatabaseService = target_host.software_manager.software.get("database-service") # Green agent status requests are tested within the ransomware application tests. diff --git a/tests/e2e_integration_tests/threat_actor_profiles/test_tap001_propagate_stage.py b/tests/e2e_integration_tests/threat_actor_profiles/test_tap001_propagate_stage.py index 13b849c9..03961352 100644 --- a/tests/e2e_integration_tests/threat_actor_profiles/test_tap001_propagate_stage.py +++ b/tests/e2e_integration_tests/threat_actor_profiles/test_tap001_propagate_stage.py @@ -96,7 +96,7 @@ def test_tap001_kill_chain_stage_PROPAGATE_different_starting_node(): "192.168.240.0/29", "192.168.220.0/29", ] - starting_nodes = ["ST-PROJ-B-PRV-PC-2", "ST-PROJ-C-PRV-PC-3"] + starting_nodes = ["ST_PROJ-B-PRV-PC-2", "ST_PROJ-C-PRV-PC-3"] env = uc7_tap001_env( payload=payload, scan_attempts=scan_attempts, network_addresses=network_addresses, starting_nodes=starting_nodes diff --git a/tests/e2e_integration_tests/threat_actor_profiles/test_tap003_kill_chain_stages.py b/tests/e2e_integration_tests/threat_actor_profiles/test_tap003_kill_chain_stages.py index e9410ee4..32e2449c 100644 --- a/tests/e2e_integration_tests/threat_actor_profiles/test_tap003_kill_chain_stages.py +++ b/tests/e2e_integration_tests/threat_actor_profiles/test_tap003_kill_chain_stages.py 
@@ -152,7 +152,7 @@ def test_tap003_kill_chain_stage_manipulation(): env.step(0) env.step(0) env.step(0) - st_intra_prv_rt_dr_1: Router = env.game.simulation.network.get_node_by_hostname("ST-INTRA-PRV-RT-DR-1") + st_intra_prv_rt_dr_1: Router = env.game.simulation.network.get_node_by_hostname("ST_INTRA-PRV-RT-DR-1") assert st_intra_prv_rt_dr_1.user_manager.admins["admin"].password == "red_pass" env.step(0) @@ -160,7 +160,7 @@ def test_tap003_kill_chain_stage_manipulation(): env.step(0) env.step(0) env.step(0) - st_intra_prv_rt_cr: Router = env.game.simulation.network.get_node_by_hostname("ST-INTRA-PRV-RT-CR") + st_intra_prv_rt_cr: Router = env.game.simulation.network.get_node_by_hostname("ST_INTRA-PRV-RT-CR") assert st_intra_prv_rt_cr.user_manager.admins["admin"].password == "red_pass" env.step(0) @@ -178,8 +178,8 @@ def test_tap003_kill_chain_stage_exploit(): env = uc7_tap003_env() tap003: TAP003 = env.game.agents["attacker"] # The TAP003's Target Router/Firewall - st_intra_prv_rt_dr_1: Router = env.game.simulation.network.get_node_by_hostname("ST-INTRA-PRV-RT-DR-1") - st_intra_prv_rt_cr: Router = env.game.simulation.network.get_node_by_hostname("ST-INTRA-PRV-RT-CR") + st_intra_prv_rt_dr_1: Router = env.game.simulation.network.get_node_by_hostname("ST_INTRA-PRV-RT-DR-1") + st_intra_prv_rt_cr: Router = env.game.simulation.network.get_node_by_hostname("ST_INTRA-PRV-RT-CR") rem_pub_rt_dr: Router = env.game.simulation.network.get_node_by_hostname("REM-PUB-RT-DR") assert tap003.current_kill_chain_stage == BaseKillChain.NOT_STARTED diff --git a/tests/e2e_integration_tests/threat_actor_profiles/test_tap003_multiple_rules.py b/tests/e2e_integration_tests/threat_actor_profiles/test_tap003_multiple_rules.py index 036b6769..77b3ce75 100644 --- a/tests/e2e_integration_tests/threat_actor_profiles/test_tap003_multiple_rules.py +++ b/tests/e2e_integration_tests/threat_actor_profiles/test_tap003_multiple_rules.py 
@@ -30,7 +30,7 @@ REPEAT_KILL_CHAIN_STAGES = False # Should the TAP restart from it's previous st KILL_CHAIN_PROBABILITY = 1 # Blank probability for agent 'success' RULES = [ { - "target_router": "ST-INTRA-PRV-RT-DR-1", + "target_router": "ST_INTRA-PRV-RT-DR-1", "position": 1, "permission": "DENY", "src_ip": "192.168.220.3", @@ -42,7 +42,7 @@ RULES = [ "protocol_name": "ALL", }, { - "target_router": "ST-INTRA-PRV-RT-DR-2", + "target_router": "ST_INTRA-PRV-RT-DR-2", "position": 5, "permission": "DENY", "src_ip": "192.168.220.3", @@ -54,7 +54,7 @@ RULES = [ "protocol_name": "ALL", }, { - "target_router": "ST-INTRA-PRV-RT-CR", + "target_router": "ST_INTRA-PRV-RT-CR", "position": 6, "permission": "PERMIT", "src_ip": "192.168.220.3", @@ -105,14 +105,14 @@ def uc7_tap003_env(**kwargs) -> PrimaiteGymEnv: cfg["agents"][ATTACK_AGENT_INDEX]["agent_settings"]["kill_chain"]["EXPLOIT"]["malicious_acls"] = RULES # Adding the new test target to TAP003's starting knowledge: new_target_dict = { - "ST-INTRA-PRV-RT-DR-2": { + "ST_INTRA-PRV-RT-DR-2": { "ip_address": "192.168.170.2", "username": "admin", "password": "admin", } } new_target_manipulation = { - "host": "ST-INTRA-PRV-RT-DR-2", + "host": "ST_INTRA-PRV-RT-DR-2", "ip_address": "192.168.170.2", "action": "change_password", "username": "admin", @@ -150,7 +150,7 @@ def test_tap003_cycling_rules(): pytest.fail("While testing the cycling of TAP003 rules, the agent unexpectedly didn't execute its attack.") wait_until_attack() - target_node: Router = env.game.simulation.network.get_node_by_hostname("ST-INTRA-PRV-RT-DR-1") + target_node: Router = env.game.simulation.network.get_node_by_hostname("ST_INTRA-PRV-RT-DR-1") assert (rule_0 := target_node.acl.acl[1]) is not None assert rule_0.action == ACLAction.DENY assert rule_0.protocol == None 
@@ -161,7 +161,7 @@ def test_tap003_cycling_rules(): assert rule_0.src_port == None assert rule_0.dst_port == None - target_node: Router = env.game.simulation.network.get_node_by_hostname("ST-INTRA-PRV-RT-DR-2") + target_node: Router = env.game.simulation.network.get_node_by_hostname("ST_INTRA-PRV-RT-DR-2") wait_until_attack() assert (rule_1 := target_node.acl.acl[5]) is not None assert rule_1.action == ACLAction.DENY @@ -174,7 +174,7 @@ def test_tap003_cycling_rules(): assert rule_1.dst_port == None wait_until_attack() - target_node: Router = env.game.simulation.network.get_node_by_hostname("ST-INTRA-PRV-RT-CR") + target_node: Router = env.game.simulation.network.get_node_by_hostname("ST_INTRA-PRV-RT-CR") assert (rule_2 := target_node.acl.acl[6]) is not None assert rule_2.action == ACLAction.PERMIT assert rule_2.protocol == None diff --git a/tests/integration_tests/configuration_file_parsing/threat_actor_profile_settings/test_threat_actor_profile_settings.py b/tests/integration_tests/configuration_file_parsing/threat_actor_profile_settings/test_threat_actor_profile_settings.py index 139ca154..03216865 100644 --- a/tests/integration_tests/configuration_file_parsing/threat_actor_profile_settings/test_threat_actor_profile_settings.py +++ b/tests/integration_tests/configuration_file_parsing/threat_actor_profile_settings/test_threat_actor_profile_settings.py 
@@ -24,7 +24,7 @@ def test_threat_actor_profile_load_config(): assert agent.config.agent_settings.variance == 0 assert not agent.config.agent_settings.repeat_kill_chain assert agent.config.agent_settings.repeat_kill_chain_stages - assert agent.config.agent_settings.default_starting_node == "ST-PROJ-A-PRV-PC-1" + assert agent.config.agent_settings.default_starting_node == "ST_PROJ-A-PRV-PC-1" assert not agent.config.agent_settings.starting_nodes assert agent.config.agent_settings.kill_chain.PLANNING.probability == 1 assert len(agent.config.agent_settings.kill_chain.PLANNING.starting_network_knowledge["credentials"]) == 6