# Basic Switched network # # -------------- -------------- -------------- # | client_1 |------| switch_1 |------| client_2 | # -------------- -------------- -------------- # io_settings: save_step_metadata: false save_pcap_logs: true save_sys_logs: true sys_log_level: WARNING agent_log_level: INFO save_agent_logs: true write_agent_log_to_terminal: True game: max_episode_length: 256 ports: - ARP - DNS - HTTP - POSTGRES_SERVER protocols: - ICMP - TCP - UDP agents: - ref: client_2_green_user team: GREEN type: ProbabilisticAgent observation_space: null action_space: action_list: - type: DONOTHING - type: NODE_APPLICATION_EXECUTE action_map: 0: action: DONOTHING options: {} 1: action: NODE_APPLICATION_EXECUTE options: node_id: 0 application_id: 0 options: nodes: - node_name: client_2 applications: - application_name: WebBrowser max_folders_per_node: 1 max_files_per_folder: 1 max_services_per_node: 1 max_applications_per_node: 1 reward_function: reward_components: - type: DUMMY agent_settings: start_settings: start_step: 5 frequency: 4 variance: 3 - ref: defender team: BLUE type: ProxyAgent observation_space: type: CUSTOM options: components: - type: NODES label: NODES options: hosts: - hostname: client_1 - hostname: client_2 - hostname: client_3 num_services: 1 num_applications: 0 num_folders: 1 num_files: 1 num_nics: 2 include_num_access: false monitored_traffic: icmp: - NONE tcp: - DNS include_nmne: false routers: - hostname: router_1 num_ports: 0 ip_list: - 192.168.10.21 - 192.168.10.22 - 192.168.10.23 wildcard_list: - 0.0.0.1 port_list: - 80 - 5432 protocol_list: - ICMP - TCP - UDP num_rules: 10 - type: LINKS label: LINKS options: link_references: - switch_1:eth-1<->client_1:eth-1 - switch_1:eth-2<->client_2:eth-1 - type: "NONE" label: ICS options: {} action_space: action_list: - type: DONOTHING action_map: 0: action: DONOTHING options: {} options: nodes: - node_name: switch - node_name: client_1 - node_name: client_2 - node_name: client_3 max_folders_per_node: 2 max_files_per_folder: 2 max_services_per_node: 2 max_nics_per_node: 8 max_acl_rules: 10 ip_list: - 192.168.10.21 - 192.168.10.22 - 192.168.10.23 reward_function: reward_components: - type: DATABASE_FILE_INTEGRITY weight: 0.5 options: node_hostname: database_server folder_name: database file_name: database.db - type: WEB_SERVER_404_PENALTY weight: 0.5 options: node_hostname: web_server service_name: web_server_web_service agent_settings: flatten_obs: true simulation: network: nodes: - type: switch hostname: switch_1 num_ports: 8 - hostname: client_1 type: computer ip_address: 192.168.10.21 subnet_mask: 255.255.255.0 default_gateway: 192.168.10.1 dns_server: 192.168.1.10 applications: - type: RansomwareScript - type: WebBrowser options: target_url: http://arcd.com/users/ - type: DatabaseClient options: db_server_ip: 192.168.1.10 server_password: arcd - type: DataManipulationBot options: port_scan_p_of_success: 0.8 data_manipulation_p_of_success: 0.8 payload: "DELETE" server_ip: 192.168.1.21 server_password: arcd - type: DoSBot options: target_ip_address: 192.168.10.21 payload: SPOOF DATA port_scan_p_of_success: 0.8 services: - type: DNSClient options: dns_server: 192.168.1.10 - type: DNSServer options: domain_mapping: arcd.com: 192.168.1.10 - type: DatabaseService options: backup_server_ip: 192.168.1.10 - type: WebServer - type: FTPServer options: server_password: arcd - type: NTPClient options: ntp_server_ip: 192.168.1.10 - type: NTPServer - hostname: client_2 type: computer ip_address: 192.168.10.22 subnet_mask: 255.255.255.0 default_gateway: 192.168.10.1 dns_server: 192.168.1.10 # pre installed services and applications - hostname: client_3 type: computer ip_address: 192.168.10.23 subnet_mask: 255.255.255.0 default_gateway: 192.168.10.1 dns_server: 192.168.1.10 start_up_duration: 0 shut_down_duration: 0 operating_state: "OFF" # pre installed services and applications links: - endpoint_a_hostname: switch_1 endpoint_a_port: 1 endpoint_b_hostname: client_1 endpoint_b_port: 1 bandwidth: 200 - endpoint_a_hostname: switch_1 endpoint_a_port: 2 endpoint_b_hostname: client_2 endpoint_b_port: 1 bandwidth: 200