PrimAITE/src/primaite/config/_package_data/uc7_config.yaml

##########################################################
# USE CASE 7 CONFIGURATION YAML FILE #
##########################################################
##########################################
# PrimAITE Game and Logging Settings #
##########################################
# PrimAITE I/O Settings #
io_settings:
# Every switch in this mapping is false. Judging by the key names, an episode
# run with this file keeps no agent-action, step-metadata, PCAP, sys-log or
# agent-log output for later review.
# NOTE(review): turn on the relevant switches when an episode has to be
# audited or replayed — confirm where PrimAITE writes each output.
save_agent_actions: false
save_step_metadata: false
save_pcap_logs: false
save_sys_logs: false
save_agent_logs: false
write_sys_log_to_terminal: false
# PrimAITE Game Settings #
game:
max_episode_length: 128
ports:
- FTP
- DNS
- HTTP
- NTP
- POSTGRES_SERVER
- SSH
protocols:
- ICMP
- TCP
- UDP
thresholds:
nmne:
high: 10
medium: 5
low: 0
############################################
# PrimAITE Use Case 7 Simulation #
############################################
##########################################
# Configuration Variables (Yaml Anchors) #
##########################################
# External Network Address List #
# Each anchor holds a dotted-quad subnet MASK; the network it belongs to is
# only recorded in the trailing comment, so the two must be kept in step by hand.
DNS_SUBNET: &DNS_SUBNET 255.255.255.240 # | 8.8.8.0 / 28
HOME_INTERNET_SUBNET: &HOME_INTERNET_SUBNET 255.255.255.252 # | 10.1.0.0 / 30
REMOTE_INTERNET_SUBNET: &REMOTE_INTERNET_SUBNET 255.255.255.252 # | 10.1.10.0 / 30
SOME_TECH_INTERNET_SUBNET: &ST_INTERNET_SUBNET 255.255.255.252 # | 10.1.100.0 / 30
# NOTE(review): 255.255.255.0 is a /24 mask, but this comment originally read
# "/ 26" (which would be 255.255.255.192). The mask value is what the nodes and
# routes consume via *HOME_SUBNET — confirm which size was intended.
HOME_OFFICE_SUBNET: &HOME_SUBNET 255.255.255.0 # | 192.168.1.0 / 24
REMOTE_SUBNET_DMZ: &REMOTE_SUBNET_DMZ 255.255.255.252 # | 192.168.10.0 / 30
REMOTE_SUBNET: &REMOTE_SUBNET 255.255.255.240 # | 192.168.20.0 / 28
# SOME_TECH (ST) Network Address List #
SOME_TECH_DMZ_SUBNET: &ST_DMZ_SUBNET 255.255.255.252 # | 192.168.100.0 / 30
SOME_TECH_INTRANET_RT_CR_SUBNET: &ST_INTRA_CR_SUBNET 255.255.255.240 # | 192.168.150.0 / 28
SOME_TECH_INTRANET_RT_DR_ONE_SUBNET: &ST_INTRA_DR_ONE_SUBNET 255.255.255.252 # | 192.168.160.0 / 30
SOME_TECH_INTRANET_RT_DR_TWO_SUBNET: &ST_INTRA_DR_TWO_SUBNET 255.255.255.252 # | 192.168.170.0 / 30
SOME_TECH_HEAD_OFFICE_SUBNET: &ST_HO_SUBNET 255.255.255.248 # | 192.168.200.0 / 29
SOME_TECH_HUMAN_RESOURCES_SUBNET: &ST_HR_SUBNET 255.255.255.248 # | 192.168.210.0 / 29
SOME_TECH_DATA_SUBNET: &ST_DATA_SUBNET 255.255.255.248 # | 192.168.220.0 / 29
SOME_TECH_PROJECT_A_SUBNET: &ST_PROJ_A_SUBNET 255.255.255.248 # | 192.168.230.0 / 29
SOME_TECH_PROJECT_B_SUBNET: &ST_PROJ_B_SUBNET 255.255.255.248 # | 192.168.240.0 / 29
SOME_TECH_PROJECT_C_SUBNET: &ST_PROJ_C_SUBNET 255.255.255.248 # | 192.168.250.0 / 29
# Host & Server Configurations #
# ST Public Web Server | web-server | ST_DMZ-PUB-SRV-WEB
SOME_TECH_PUBLIC_SERVER_WEB_IP_ADDRESS: &ST_PUB_SRV_WEB_IP 192.168.100.2
SOME_TECH_PUBLIC_SERVER_WEB_CONFIG: &ST_SRV_WEB_CONFIG # service list reused by the DMZ web server node
- type: web-server
# ISP Public DNS | dns-server | ISP-PUB-SRV-DNS
PUBLIC_DNS_IP_ADDRESS: &PUBLIC_DNS_IP 8.8.8.8
PUBLIC_DNS_CONFIG: &PUBLIC_DNS_CONFIG # service list reused by the public DNS node
- type: dns-server
options:
domain_mapping:
# The only name defined here; it resolves to the DMZ web server's address.
some_tech.com: *ST_PUB_SRV_WEB_IP
# ST Private Storage Server | ftp-server | ST_DATA-PRV-SRV-STORAGE
SOME_TECH_PRIVATE_SERVER_STORAGE_IP: &ST_SRV_STORAGE_IP 192.168.220.2
SOME_TECH_PRIVATE_SERVER_STORAGE_CONFIG: &ST_SRV_STORAGE_CONFIG
- type: ftp-server
# ST Private Database Server | database-service & ftp-client | ST_DATA-PRV-SRV-DB
# (heading corrected: the list below installs database-service, not database-client)
SOME_TECH_PRIVATE_SERVER_DATABASE_IP: &ST_SRV_DB_IP 192.168.220.3
SOME_TECH_PRIVATE_SERVER_DATABASE_CONFIG: &ST_SRV_DB_CONFIG
- type: database-service
options:
# Backups are directed at the storage server's address (192.168.220.2).
backup_server_ip: *ST_SRV_STORAGE_IP
- type: ftp-client
# Default PC Configuration | Database Client & Web Browser
# (heading corrected: the second application below is web-browser, not a web server)
PERSONAL_COMPUTER_DEFAULT_CONFIG: &PC_DEFAULT_CONFIG
- type: database-client
options:
# Every PC that reuses this anchor is configured with the private database
# server's address (192.168.220.3), including the home-office and remote-site PCs.
db_server_ip: *ST_SRV_DB_IP
- type: web-browser
options:
# Plain-HTTP URL; the host name matches the domain_mapping entry above.
target_url: http://some_tech.com
##############################
# Simulation Configuration #
##############################
simulation:
defaults:
folder_scan_duration: 0
folder_restore_duration: 3
service_fix_duration: 2
service_restart_duration: 2
software_install_duration: 0
node_start_up_duration: 3
node_shut_down_duration: 3
node_scan_duration: 8
network:
nmne_config:
capture_nmne: true
nmne_capture_keywords:
- DELETE
- ENCRYPT
nodes:
######################
# HOME OFFICE SUBNET #
######################
- hostname: HOME-PUB-RT-DR
type: router
default_gateway: 10.1.0.1
ports:
1:
ip_address: 192.168.1.1
subnet_mask: *HOME_SUBNET
2:
ip_address: 10.1.0.2
subnet_mask: *HOME_INTERNET_SUBNET
default_route:
next_hop_ip_address: 10.1.0.1
acl:
5:
action: PERMIT
- hostname: HOME-PUB-SW-AS
type: switch
num_ports: 5
- hostname: HOME-PUB-PC-1
type: computer
ip_address: 192.168.1.2
default_gateway: 192.168.1.1
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: HOME-PUB-PC-2
type: computer
ip_address: 192.168.1.3
default_gateway: 192.168.1.1
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: HOME-PUB-SRV
type: server
ip_address: 192.168.1.4
default_gateway: 192.168.1.1
dns_server: *PUBLIC_DNS_IP
######################
# INTERNET SUBNET #
######################
- hostname: ISP-PUB-RT-BR
type: router
ports:
1:
ip_address: 10.1.0.1
subnet_mask: *HOME_INTERNET_SUBNET
2:
ip_address: 8.8.8.1
subnet_mask: *DNS_SUBNET
3:
ip_address: 10.1.10.1
subnet_mask: *REMOTE_INTERNET_SUBNET
4:
ip_address: 10.1.100.1
subnet_mask: *ST_INTERNET_SUBNET
routes:
- address: 192.168.1.0
subnet_mask: *HOME_SUBNET
next_hop_ip_address: 10.1.0.2
- address: 8.8.8.0
subnet_mask: *DNS_SUBNET
next_hop_ip_address: 8.8.8.8
- address: 192.168.10.0
subnet_mask: *REMOTE_SUBNET_DMZ
next_hop_ip_address: 10.1.10.2
- address: 192.168.20.0
subnet_mask: *REMOTE_SUBNET
next_hop_ip_address: 10.1.10.2
default_route:
next_hop_ip_address: 10.1.100.2 # SOME_TECH Firewall
acl:
5:
action: PERMIT
################
# DNS SUBNET #
################
# Public DNS host. Its address, 8.8.8.8, is the value of the PUBLIC_DNS_IP
# anchor that the computer and server entries in this file use as dns_server.
- hostname: ISP-PUB-SRV-DNS
type: server
ip_address: 8.8.8.8
subnet_mask: *DNS_SUBNET
default_gateway: 8.8.8.1
services:
*PUBLIC_DNS_CONFIG
applications:
# The same host also runs the scenario's c2-server, so command-and-control
# and DNS traffic share one address.
# NOTE(review): a defensive rule keyed only on 8.8.8.8 would also cut name
# resolution; matching on port/protocol looks safer — confirm against the
# attacker-agent configuration, which is not shown in this part of the file.
- type: c2-server # Represents the external internet.
options:
# Well-known HTTP (80), DNS (53) and FTP (21) port numbers.
listen_on_ports:
- 80
- 53
- 21
########################
# REMOTE SITE SUBNET #
########################
# Remote-site firewall between the ISP router (10.1.10.0/30) and the remote
# site's DMZ link (192.168.10.0/30).
- hostname: REM-PUB-FW
type: firewall
ports:
external_port: # Public Internet facing
ip_address: 10.1.10.2
subnet_mask: *REMOTE_INTERNET_SUBNET
internal_port: # Remote Site (DMZ Subnet) facing
ip_address: 192.168.10.1
subnet_mask: *REMOTE_SUBNET_DMZ
# No dmz_port is configured on this firewall, although dmz_* ACLs are listed below.
routes:
- address: 192.168.20.0 # Remote Site Network
subnet_mask: *REMOTE_SUBNET
next_hop_ip_address: 192.168.10.2
default_route:
next_hop_ip_address: 10.1.10.1 # Forward to internet router port 3
# Each ACL holds a single rule (position 1) with only `action: PERMIT` and no
# address, port or protocol match fields.
# NOTE(review): as written this looks like permit-any in all six directions,
# i.e. the firewall does no filtering at episode start — confirm against the
# ACL schema defaults and whether a defending agent is expected to add rules.
acl:
internal_inbound_acl:
1:
action: PERMIT
internal_outbound_acl:
1:
action: PERMIT
dmz_inbound_acl:
1:
action: PERMIT
dmz_outbound_acl:
1:
action: PERMIT
external_inbound_acl:
1:
action: PERMIT
external_outbound_acl:
1:
action: PERMIT
- hostname: REM-PUB-RT-DR
type: router
default_gateway: 192.168.10.1
ports:
1:
ip_address: 192.168.10.2
subnet_mask: *REMOTE_SUBNET_DMZ
2:
ip_address: 192.168.20.1
subnet_mask: *REMOTE_SUBNET
default_route:
next_hop_ip_address: 192.168.10.1
acl:
5:
action: PERMIT
- hostname: REM-PUB-SW-AS
type: switch
num_ports: 5
- hostname: REM-PUB-PC-1
type: computer
ip_address: 192.168.20.2
default_gateway: 192.168.20.1
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: REM-PUB-PC-2
type: computer
ip_address: 192.168.20.3
default_gateway: 192.168.20.1
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: REM-PUB-SRV
type: server
ip_address: 192.168.20.4
default_gateway: 192.168.20.1
dns_server: *PUBLIC_DNS_IP
########################
# SOME_TECH DMZ SUBNET #
########################
# SOME_TECH perimeter firewall: joins the ISP link, the DMZ (public web server)
# and the intranet core link.
- hostname: ST_PUB-FW
type: firewall
ports:
external_port: # Public Internet Facing Port
ip_address: 10.1.100.2
subnet_mask: *ST_INTERNET_SUBNET
internal_port: # SOME_TECH Intranet Port
ip_address: 192.168.150.1
subnet_mask: *ST_INTRA_CR_SUBNET
dmz_port: # SOME_TECH DMZ Facing Port
ip_address: 192.168.100.1
subnet_mask: *ST_DMZ_SUBNET
# Each ACL holds a single rule (position 5) with only `action: PERMIT` and no
# address, port or protocol match fields.
# NOTE(review): as written this looks like permit-any between internet, DMZ
# and intranet, so the DMZ gives no isolation at episode start — confirm
# against the ACL schema defaults and the defending agent's action space.
acl:
internal_inbound_acl:
5:
action: PERMIT
internal_outbound_acl:
5:
action: PERMIT
dmz_inbound_acl:
5:
action: PERMIT
dmz_outbound_acl:
5:
action: PERMIT
external_inbound_acl:
5:
action: PERMIT
external_outbound_acl:
5:
action: PERMIT
# All external networks are listed explicitly with the ISP router (10.1.100.1)
# as next hop.
routes:
- address: 10.1.100.0
subnet_mask: *ST_INTERNET_SUBNET
next_hop_ip_address: 10.1.100.1
- address: 10.1.10.0
subnet_mask: *REMOTE_INTERNET_SUBNET
next_hop_ip_address: 10.1.100.1
- address: 10.1.0.0
subnet_mask: *HOME_INTERNET_SUBNET
next_hop_ip_address: 10.1.100.1
- address: 192.168.1.0
subnet_mask: *HOME_SUBNET
next_hop_ip_address: 10.1.100.1
- address: 192.168.10.0
subnet_mask: *REMOTE_SUBNET_DMZ
next_hop_ip_address: 10.1.100.1
- address: 192.168.20.0
subnet_mask: *REMOTE_SUBNET
next_hop_ip_address: 10.1.100.1
- address: 8.8.8.0
subnet_mask: *DNS_SUBNET
next_hop_ip_address: 10.1.100.1
# The default route points inward, at the intranet core router's port 1
# (192.168.150.2), so any destination not listed above is sent into the intranet.
default_route:
next_hop_ip_address: 192.168.150.2
- hostname: ST_DMZ-PUB-SRV-WEB
type: server
ip_address: *ST_PUB_SRV_WEB_IP
subnet_mask: *ST_DMZ_SUBNET
default_gateway: 192.168.100.1
services:
*ST_SRV_WEB_CONFIG
#############################
# SOME_TECH INTRANET SUBNET #
#############################
# Intranet core router: sits behind the perimeter firewall and connects the two
# distribution routers and the data subnet.
- hostname: ST_INTRA-PRV-RT-CR
type: router
ports:
1:
ip_address: 192.168.150.2
subnet_mask: *ST_INTRA_CR_SUBNET
2:
ip_address: 192.168.160.1
subnet_mask: *ST_INTRA_DR_ONE_SUBNET
3:
ip_address: 192.168.170.1
subnet_mask: *ST_INTRA_DR_TWO_SUBNET
# Port 4 is the gateway of the data subnet that holds the storage and
# database servers (192.168.220.2 and 192.168.220.3).
4:
ip_address: 192.168.220.1
subnet_mask: *ST_DATA_SUBNET
routes:
- address: 192.168.200.0
subnet_mask: *ST_HO_SUBNET
next_hop_ip_address: 192.168.170.2 # ST Intra Router Two
- address: 192.168.210.0
subnet_mask: *ST_HR_SUBNET
next_hop_ip_address: 192.168.170.2 # ST Intra Router Two
- address: 192.168.230.0
subnet_mask: *ST_PROJ_A_SUBNET
next_hop_ip_address: 192.168.160.2 # ST Intra Router One
- address: 192.168.240.0
subnet_mask: *ST_PROJ_B_SUBNET
next_hop_ip_address: 192.168.160.2 # ST Intra Router One
- address: 192.168.250.0
subnet_mask: *ST_PROJ_C_SUBNET
next_hop_ip_address: 192.168.160.2 # ST Intra Router One
default_route:
next_hop_ip_address: 192.168.150.1 # ST Public Firewall Internal Port
# Single rule with only `action: PERMIT` and no match fields.
# NOTE(review): this looks like permit-any, which would leave the data subnet
# reachable from every other subnet routed through here — confirm against the
# ACL schema defaults.
acl:
5:
action: PERMIT
- hostname: ST_INTRA-PRV-RT-DR-1
type: router
ports:
1:
ip_address: 192.168.160.2
subnet_mask: *ST_INTRA_DR_ONE_SUBNET
2:
ip_address: 192.168.230.1
subnet_mask: *ST_PROJ_A_SUBNET
3:
ip_address: 192.168.240.1
subnet_mask: *ST_PROJ_B_SUBNET
4:
ip_address: 192.168.250.1
subnet_mask: *ST_PROJ_C_SUBNET
default_route:
next_hop_ip_address: 192.168.160.1 # ST Intranet CR Router Port 2
acl:
5:
action: PERMIT
- hostname: ST_INTRA-PRV-RT-DR-2
type: router
default_gateway: 192.168.170.1
ports:
1:
ip_address: 192.168.170.2
subnet_mask: *ST_INTRA_DR_TWO_SUBNET
2:
ip_address: 192.168.200.1
subnet_mask: *ST_HO_SUBNET
3:
ip_address: 192.168.210.1
subnet_mask: *ST_HR_SUBNET
default_route:
next_hop_ip_address: 192.168.170.1 # ST Intranet CR Router Port 3
acl:
5:
action: PERMIT
################################
# SOME_TECH HEAD OFFICE SUBNET #
################################
- hostname: ST_HO-PRV-SW-AS
type: switch
num_ports: 5
- hostname: ST_HO-PRV-PC-1
type: computer
ip_address: 192.168.200.2
default_gateway: 192.168.200.1 # ST_INTRA-PRV-RT-DR-2 (Port 2)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: ST_HO-PRV-PC-2
type: computer
ip_address: 192.168.200.3
default_gateway: 192.168.200.1 # ST_INTRA-PRV-RT-DR-2 (Port 2)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: ST_HO-PRV-PC-3
type: computer
ip_address: 192.168.200.4
default_gateway: 192.168.200.1 # ST_INTRA-PRV-RT-DR-2 (Port 2)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
####################################
# SOME_TECH HUMAN RESOURCES SUBNET #
####################################
- hostname: ST_HR-PRV-SW-AS
type: switch
num_ports: 5
# Three HR workstations. Their gateway, 192.168.210.1, is configured on port 3
# of ST_INTRA-PRV-RT-DR-2 (the trailing comments previously said Port 2, which
# is the head-office gateway 192.168.200.1).
- hostname: ST_HR-PRV-PC-1
type: computer
ip_address: 192.168.210.2
default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 3)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: ST_HR-PRV-PC-2
type: computer
ip_address: 192.168.210.3
default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 3)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: ST_HR-PRV-PC-3
type: computer
ip_address: 192.168.210.4
default_gateway: 192.168.210.1 # ST_INTRA-PRV-RT-DR-2 (Port 3)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
#########################
# SOME_TECH DATA SUBNET #
#########################
- hostname: ST_DATA-PRV-SW-AS
type: switch
num_ports: 5
- hostname: ST_DATA-PRV-SRV-STORAGE
type: server
ip_address: *ST_SRV_STORAGE_IP
subnet_mask: *ST_DATA_SUBNET
default_gateway: 192.168.220.1
dns_server: *PUBLIC_DNS_IP
services:
*ST_SRV_STORAGE_CONFIG
- hostname: ST_DATA-PRV-SRV-DB
type: server
ip_address: *ST_SRV_DB_IP
subnet_mask: *ST_DATA_SUBNET
default_gateway: 192.168.220.1
dns_server: *PUBLIC_DNS_IP
services:
*ST_SRV_DB_CONFIG
#######################
# SOME_TECH PROJECT A #
#######################
- hostname: ST_PROJ-A-PRV-SW-AS
type: switch
num_ports: 5
- hostname: ST_PROJ-A-PRV-PC-1
type: computer
ip_address: 192.168.230.2
default_gateway: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 (Port 2)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: ST_PROJ-A-PRV-PC-2
type: computer
ip_address: 192.168.230.3
default_gateway: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 (Port 2)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: ST_PROJ-A-PRV-PC-3
type: computer
ip_address: 192.168.230.4
default_gateway: 192.168.230.1 # ST_INTRA-PRV-RT-DR-1 (Port 2)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
#######################
# SOME_TECH PROJECT B #
#######################
- hostname: ST_PROJ-B-PRV-SW-AS
type: switch
num_ports: 5
- hostname: ST_PROJ-B-PRV-PC-1
type: computer
ip_address: 192.168.240.2
default_gateway: 192.168.240.1 # ST_INTRA-PRV-RT-DR-1 (Port 3)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: ST_PROJ-B-PRV-PC-2
type: computer
ip_address: 192.168.240.3
default_gateway: 192.168.240.1 # ST_INTRA-PRV-RT-DR-1 (Port 3)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: ST_PROJ-B-PRV-PC-3
type: computer
ip_address: 192.168.240.4
default_gateway: 192.168.240.1 # ST_INTRA-PRV-RT-DR-1 (Port 3)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
#######################
# SOME_TECH PROJECT C #
#######################
- hostname: ST_PROJ-C-PRV-SW-AS
type: switch
num_ports: 5
# Three Project C workstations. Their gateway, 192.168.250.1, is configured on
# port 4 of ST_INTRA-PRV-RT-DR-1 (the trailing comments previously said Port 3,
# which is the Project B gateway 192.168.240.1).
- hostname: ST_PROJ-C-PRV-PC-1
type: computer
ip_address: 192.168.250.2
default_gateway: 192.168.250.1 # ST_INTRA-PRV-RT-DR-1 (Port 4)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: ST_PROJ-C-PRV-PC-2
type: computer
ip_address: 192.168.250.3
default_gateway: 192.168.250.1 # ST_INTRA-PRV-RT-DR-1 (Port 4)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
- hostname: ST_PROJ-C-PRV-PC-3
type: computer
ip_address: 192.168.250.4
default_gateway: 192.168.250.1 # ST_INTRA-PRV-RT-DR-1 (Port 4)
dns_server: *PUBLIC_DNS_IP
applications:
*PC_DEFAULT_CONFIG
##############################
# Simulation Network Links #
##############################
links:
############################
# HOME OFFICE SUBNET LINKS #
############################
# Home Switch (Port 1) --> Home Router (Port 1)
- endpoint_a_hostname: HOME-PUB-SW-AS
endpoint_a_port: 1
endpoint_b_hostname: HOME-PUB-RT-DR
endpoint_b_port: 1
# Home Switch (Port 2) --> PC 1 (Port 1)
- endpoint_a_hostname: HOME-PUB-SW-AS
endpoint_a_port: 2
endpoint_b_hostname: HOME-PUB-PC-1
endpoint_b_port: 1
# Home Switch (Port 3) --> PC 2 (Port 1)
- endpoint_a_hostname: HOME-PUB-SW-AS
endpoint_a_port: 3
endpoint_b_hostname: HOME-PUB-PC-2
endpoint_b_port: 1
# Home Switch (Port 4) --> PC SRV (Port 1)
- endpoint_a_hostname: HOME-PUB-SW-AS
endpoint_a_port: 4
endpoint_b_hostname: HOME-PUB-SRV
endpoint_b_port: 1
##################
# Internet Links #
##################
# Internet Router (Port 1) --> Home Router (Port 2)
- endpoint_a_hostname: ISP-PUB-RT-BR
endpoint_a_port: 1
endpoint_b_hostname: HOME-PUB-RT-DR
endpoint_b_port: 2
# Internet Router (Port 2) --> DNS Server (Port 1)
- endpoint_a_hostname: ISP-PUB-RT-BR
endpoint_a_port: 2
endpoint_b_hostname: ISP-PUB-SRV-DNS
endpoint_b_port: 1
# Internet Router (Port 3) --> Remote Firewall (External Port)
- endpoint_a_hostname: ISP-PUB-RT-BR
endpoint_a_port: 3
endpoint_b_hostname: REM-PUB-FW
endpoint_b_port: 1
####################
# Remote DMZ Links #
####################
# Remote Firewall (Internal Port) --> Remote Site Router (Port 1)
- endpoint_a_hostname: REM-PUB-FW
endpoint_a_port: 2
endpoint_b_hostname: REM-PUB-RT-DR
endpoint_b_port: 1
####################
# Remote Site Link #
####################
# Remote Site Router (Port 2) --> Remote Site Switch (Port 1)
- endpoint_a_hostname: REM-PUB-RT-DR
endpoint_a_port: 2
endpoint_b_hostname: REM-PUB-SW-AS
endpoint_b_port: 1
# Remote Site Switch (Port 2) --> Remote Site PC 1 (Port 1)
- endpoint_a_hostname: REM-PUB-SW-AS
endpoint_a_port: 2
endpoint_b_hostname: REM-PUB-PC-1
endpoint_b_port: 1
# Remote Site Switch (Port 3) --> Remote Site PC 2 (Port 1)
- endpoint_a_hostname: REM-PUB-SW-AS
endpoint_a_port: 3
endpoint_b_hostname: REM-PUB-PC-2
endpoint_b_port: 1
# Remote Site Switch (Port 4) --> Remote Site Server (Port 1)
- endpoint_a_hostname: REM-PUB-SW-AS
endpoint_a_port: 4
endpoint_b_hostname: REM-PUB-SRV
endpoint_b_port: 1
#######################
# SOME_TECH DMZ Links #
#######################
# Internet Router (Port 4) --> Some Tech DMZ Firewall (External Port)
- endpoint_a_hostname: ISP-PUB-RT-BR
endpoint_a_port: 4
endpoint_b_hostname: ST_PUB-FW
endpoint_b_port: 1
# Some Tech DMZ Firewall (DMZ Port) --> Some Tech Web Server (Port 1)
- endpoint_a_hostname: ST_PUB-FW
endpoint_a_port: 3
endpoint_b_hostname: ST_DMZ-PUB-SRV-WEB
endpoint_b_port: 1
############################
# SOME_TECH INTRANET Links #
############################
# Some Tech Intranet CR Router (Port 1) --> Some Tech DMZ Firewall (Internal Port)
- endpoint_a_hostname: ST_INTRA-PRV-RT-CR
endpoint_a_port: 1
endpoint_b_hostname: ST_PUB-FW
endpoint_b_port: 2
# Some Tech Intranet CR Router (Port 2) --> Some Tech Intranet DR Router 1 (Port 1)
- endpoint_a_hostname: ST_INTRA-PRV-RT-CR
endpoint_a_port: 2
endpoint_b_hostname: ST_INTRA-PRV-RT-DR-1
endpoint_b_port: 1
# Some Tech Intranet CR Router (Port 3) --> Some Tech Intranet DR Router 2 (Port 1)
# (comment corrected to match endpoint_b_port below; DR-2 port 1 is 192.168.170.2,
# on the same /30 as CR port 3)
- endpoint_a_hostname: ST_INTRA-PRV-RT-CR
endpoint_a_port: 3
endpoint_b_hostname: ST_INTRA-PRV-RT-DR-2
endpoint_b_port: 1
# Some Tech Intranet Private Router CR (Port 4) --> Some Tech Data Private Switch (Port 1)
- endpoint_a_hostname: ST_INTRA-PRV-RT-CR
endpoint_a_port: 4
endpoint_b_hostname: ST_DATA-PRV-SW-AS
endpoint_b_port: 1
###############################
# SOME_TECH HEAD OFFICE Links #
###############################
# Some Tech Head Office Switch (Port 1) --> Some Tech Intranet Private Router DR 2 (Port 2)
- endpoint_a_hostname: ST_HO-PRV-SW-AS
endpoint_a_port: 1
endpoint_b_hostname: ST_INTRA-PRV-RT-DR-2
endpoint_b_port: 2
# Some Tech Head Office Switch (Port 2) --> Some Tech Head Office PC 1 (Port 1)
- endpoint_a_hostname: ST_HO-PRV-SW-AS
endpoint_a_port: 2
endpoint_b_hostname: ST_HO-PRV-PC-1
endpoint_b_port: 1
# Some Tech Head Office Switch (Port 3) --> Some Tech Head Office PC 2 (Port 1)
- endpoint_a_hostname: ST_HO-PRV-SW-AS
endpoint_a_port: 3
endpoint_b_hostname: ST_HO-PRV-PC-2
endpoint_b_port: 1
# Some Tech Head Office Switch (Port 4) --> Some Tech Head Office PC 3 (Port 1)
- endpoint_a_hostname: ST_HO-PRV-SW-AS
endpoint_a_port: 4
endpoint_b_hostname: ST_HO-PRV-PC-3
endpoint_b_port: 1
###################################
# SOME_TECH HUMAN RESOURCES Links #
###################################
# Some Tech Human Resources Switch (Port 1) --> Some Tech Intranet Private Router DR 2 (Port 3)
- endpoint_a_hostname: ST_HR-PRV-SW-AS
endpoint_a_port: 1
endpoint_b_hostname: ST_INTRA-PRV-RT-DR-2
endpoint_b_port: 3
# Some Tech Human Resources Switch (Port 2) --> Some Tech Human Resources PC 1 (Port 1)
- endpoint_a_hostname: ST_HR-PRV-SW-AS
endpoint_a_port: 2
endpoint_b_hostname: ST_HR-PRV-PC-1
endpoint_b_port: 1
# Some Tech Human Resources Switch (Port 3) --> Some Tech Human Resources PC 2 (Port 1)
- endpoint_a_hostname: ST_HR-PRV-SW-AS
endpoint_a_port: 3
endpoint_b_hostname: ST_HR-PRV-PC-2
endpoint_b_port: 1
# Some Tech Human Resources Switch (Port 4) --> Some Tech Human Resources PC 3 (Port 1)
- endpoint_a_hostname: ST_HR-PRV-SW-AS
endpoint_a_port: 4
endpoint_b_hostname: ST_HR-PRV-PC-3
endpoint_b_port: 1
########################
# SOME_TECH DATA Links #
########################
# Some Tech Data Switch (Port 2) --> Some Tech Data Private Storage Server (Port 1)
- endpoint_a_hostname: ST_DATA-PRV-SW-AS
endpoint_a_port: 2
endpoint_b_hostname: ST_DATA-PRV-SRV-STORAGE
endpoint_b_port: 1
# Some Tech Data Switch (Port 3) --> Some Tech Data Private Database Server (Port 1)
- endpoint_a_hostname: ST_DATA-PRV-SW-AS
endpoint_a_port: 3
endpoint_b_hostname: ST_DATA-PRV-SRV-DB
endpoint_b_port: 1
#############################
# SOME_TECH PROJECT A Links #
#############################
# Some Tech Intranet Private Router DR 1 (Port 2) --> Some Tech Private Project A Switch (Port 1)
- endpoint_a_hostname: ST_INTRA-PRV-RT-DR-1
endpoint_a_port: 2
endpoint_b_hostname: ST_PROJ-A-PRV-SW-AS
endpoint_b_port: 1
# Some Tech Private Project A Switch (Port 2) --> Some Tech Project A PC 1
- endpoint_a_hostname: ST_PROJ-A-PRV-SW-AS
endpoint_a_port: 2
endpoint_b_hostname: ST_PROJ-A-PRV-PC-1
endpoint_b_port: 1
# Some Tech Private Project A Switch (Port 3) --> Some Tech Project A PC 2
- endpoint_a_hostname: ST_PROJ-A-PRV-SW-AS
endpoint_a_port: 3
endpoint_b_hostname: ST_PROJ-A-PRV-PC-2
endpoint_b_port: 1
# Some Tech Private Project A Switch (Port 4) --> Some Tech Project A PC 3
- endpoint_a_hostname: ST_PROJ-A-PRV-SW-AS
endpoint_a_port: 4
endpoint_b_hostname: ST_PROJ-A-PRV-PC-3
endpoint_b_port: 1
#############################
# SOME_TECH PROJECT B Links #
#############################
# Some Tech Intranet Private Router DR 1 (Port 3) --> Some Tech Private Project B Switch (Port 1)
- endpoint_a_hostname: ST_INTRA-PRV-RT-DR-1
endpoint_a_port: 3
endpoint_b_hostname: ST_PROJ-B-PRV-SW-AS
endpoint_b_port: 1
# Some Tech Private Project B Switch (Port 2) --> Some Tech Project B PC 1
- endpoint_a_hostname: ST_PROJ-B-PRV-SW-AS
endpoint_a_port: 2
endpoint_b_hostname: ST_PROJ-B-PRV-PC-1
endpoint_b_port: 1
# Some Tech Private Project B Switch (Port 3) --> Some Tech Project B PC 2
- endpoint_a_hostname: ST_PROJ-B-PRV-SW-AS
endpoint_a_port: 3
endpoint_b_hostname: ST_PROJ-B-PRV-PC-2
endpoint_b_port: 1
# Some Tech Private Project B Switch (Port 4) --> Some Tech Project B PC 3
- endpoint_a_hostname: ST_PROJ-B-PRV-SW-AS
endpoint_a_port: 4
endpoint_b_hostname: ST_PROJ-B-PRV-PC-3
endpoint_b_port: 1
#############################
# SOME_TECH PROJECT C Links #
#############################
# Some Tech Intranet Private Router DR 1 (Port 4) --> Some Tech Private Project C Switch (Port 1)
- endpoint_a_hostname: ST_INTRA-PRV-RT-DR-1
endpoint_a_port: 4
endpoint_b_hostname: ST_PROJ-C-PRV-SW-AS
endpoint_b_port: 1
# Some Tech Private Project C Switch (Port 2) --> Some Tech Project C PC 1
- endpoint_a_hostname: ST_PROJ-C-PRV-SW-AS
endpoint_a_port: 2
endpoint_b_hostname: ST_PROJ-C-PRV-PC-1
endpoint_b_port: 1
# Some Tech Private Project C Switch (Port 3) --> Some Tech Project C PC 2
- endpoint_a_hostname: ST_PROJ-C-PRV-SW-AS
endpoint_a_port: 3
endpoint_b_hostname: ST_PROJ-C-PRV-PC-2
endpoint_b_port: 1
# Some Tech Private Project C Switch (Port 4) --> Some Tech Project C PC 3
- endpoint_a_hostname: ST_PROJ-C-PRV-SW-AS
endpoint_a_port: 4
endpoint_b_hostname: ST_PROJ-C-PRV-PC-3
endpoint_b_port: 1
##################################
# Use Case 7 Agent YAML Anchors #
##################################
##############################
# Green Agent YAML Anchors #
##############################
# Green Agent Reward Impacts Values #
# Reward weights referenced by alias from the agents' reward_components.
LOW_WEIGHT_IMPACT: &LOW_WEIGHT_IMPACT 0.2
MEDIUM_WEIGHT_IMPACT: &MEDIUM_WEIGHT_IMPACT 0.5
HIGH_WEIGHT_IMPACT: &HIGH_WEIGHT_IMPACT 0.95
LOW_WEIGHT_IMPACT_NEGATIVE: &LOW_WEIGHT_IMPACT_NEG -0.2
MEDIUM_WEIGHT_IMPACT_NEGATIVE: &MEDIUM_WEIGHT_IMPACT_NEG -0.5
# NOTE(review): the low and medium pairs are symmetric, but HIGH is 0.95 while
# its negative counterpart is -0.8 — confirm the difference is intentional.
HIGH_WEIGHT_IMPACT_NEGATIVE: &HIGH_WEIGHT_IMPACT_NEG -0.8
# Default Green Agent Action Space Configuration Anchor #
DEFAULT_GREEN_AGENT_MAX_EXECUTIONS: &DEFAULT_GREEN_AGENT_MAX_EXECUTIONS 1000 # Ensures green agent activity through-out an episode
#################################################
# Probabilistic Green Agent Config Yaml Anchors #
#################################################
# Probabilistic Green Agent | 20% node-application-execute | 80% do-nothing #
PROBABILISTIC_CONFIG_20_PERCENTAGE_PROBABILITY: &GREEN_PROBABILISTIC_20
action_probabilities:
0: 0.8
1: 0.2
# Probabilistic Green Agent | 40% node-application-execute | 60% do-nothing #
PROBABILISTIC_CONFIG_40_PERCENTAGE_PROBABILITY: &GREEN_PROBABILISTIC_40
action_probabilities:
0: 0.6
1: 0.4
# Probabilistic Green Agent | 60% node-application-execute | 40% do-nothing #
PROBABILISTIC_CONFIG_60_PERCENTAGE_PROBABILITY: &GREEN_PROBABILISTIC_60
action_probabilities:
0: 0.4
1: 0.6
# System Green Agent Config UC7 Network Wide Yaml Anchor #
# Lists the IP_Address of all hosts that contain DNS and NTP Service Clients
# Host names in the trailing comments are written to match the `hostname`
# values of the node entries that own each address.
UC7_IP_LIST: &UC7_IP_LIST
# ====== Home Office ========
- 192.168.1.2 # HOME-PUB-PC-1 | ip_id: 2
- 192.168.1.3 # HOME-PUB-PC-2 | ip_id: 3
- 192.168.1.4 # HOME-PUB-SRV | ip_id: 4
# ====== Remote Site ========
- 192.168.20.2 # REM-PUB-PC-1 | ip_id: 5
- 192.168.20.3 # REM-PUB-PC-2 | ip_id: 6
- 192.168.20.4 # REM-PUB-SRV | ip_id: 7
# ====== ST Public DMZ =======
- *ST_PUB_SRV_WEB_IP # 192.168.100.2 (ST_DMZ-PUB-SRV-WEB) | ip_id: 8
# ====== ST Head Office =======
- 192.168.200.2 # ST_HO-PRV-PC-1 | ip_id: 9
- 192.168.200.3 # ST_HO-PRV-PC-2 | ip_id: 10
- 192.168.200.4 # ST_HO-PRV-PC-3 | ip_id: 11
# ===== ST Human Resources ======
- 192.168.210.2 # ST_HR-PRV-PC-1 | ip_id: 12
- 192.168.210.3 # ST_HR-PRV-PC-2 | ip_id: 13
- 192.168.210.4 # ST_HR-PRV-PC-3 | ip_id: 14
# ====== ST DATA Servers =======
- *ST_SRV_STORAGE_IP # 192.168.220.2 (ST_DATA-PRV-SRV-STORAGE) | ip_id: 15
- *ST_SRV_DB_IP # 192.168.220.3 (ST_DATA-PRV-SRV-DB) | ip_id: 16
# ====== ST Project A =======
- 192.168.230.2 # ST_PROJ-A-PRV-PC-1 | ip_id: 17
- 192.168.230.3 # ST_PROJ-A-PRV-PC-2 | ip_id: 18
- 192.168.230.4 # ST_PROJ-A-PRV-PC-3 | ip_id: 19
# ====== ST Project B =======
- 192.168.240.2 # ST_PROJ-B-PRV-PC-1 | ip_id: 20
- 192.168.240.3 # ST_PROJ-B-PRV-PC-2 | ip_id: 21
- 192.168.240.4 # ST_PROJ-B-PRV-PC-3 | ip_id: 22
# ====== ST Project C =======
- 192.168.250.2 # ST_PROJ-C-PRV-PC-1 | ip_id: 23
- 192.168.250.3 # ST_PROJ-C-PRV-PC-2 | ip_id: 24
- 192.168.250.4 # ST_PROJ-C-PRV-PC-3 | ip_id: 25
############################################
# Use Case 7 Agent Configuration Section #
############################################
agents:
#######################################################
# UC7 Green Agents Pattern of Life (POL) Configuration #
#######################################################
####################################
# Home Office Network POL Config #
####################################
# Home Office Green Agent Pattern Of Life
# ======================================
# 1. Three Home workers accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB)
# 2. Three Home workers accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
# NOTE(review): only HOME_WORKER-1 and HOME_WORKER-2 (a -DB and a -WEB agent
# each) are defined in this section before the Remote Site section starts —
# confirm whether "Three" above should read "Two".
- ref: HOME_WORKER-1-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
# Single start node; the target application is the database-client from
# the default PC configuration.
possible_start_nodes: ["HOME-PUB-PC-1"]
target_application: "database-client"
start_step: 4
start_variance: 1
# Resolves to 1000, far above max_episode_length (128).
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
# Weight resolves to 0.5 via *MEDIUM_WEIGHT_IMPACT.
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: HOME-PUB-PC-1
# Probabilistic green agent that runs the web browser on HOME-PUB-PC-1.
- ref: HOME_WORKER-1-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
agent_settings:
# Merge key pulls in action_probabilities {0: 0.8, 1: 0.2} from the anchor;
# the indices correspond to the action_map keys below.
<<: *GREEN_PROBABILISTIC_20
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: HOME-PUB-PC-1
application_name: web-browser
reward_function:
reward_components:
# Weight resolves to 0.2 via *LOW_WEIGHT_IMPACT.
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: HOME-PUB-PC-1
- ref: HOME_WORKER-2-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
possible_start_nodes: ["HOME-PUB-PC-2"]
target_application: "database-client"
start_step: 8
start_variance: 1
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: HOME-PUB-PC-2
- ref: HOME_WORKER-2-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: HOME-PUB-PC-2
application_name: web-browser
agent_settings:
<<: *GREEN_PROBABILISTIC_20
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: HOME-PUB-PC-2
####################################
# Remote Site Network POL Config #
####################################
# Remote Site Green Agent Pattern Of Life
# ======================================
# 1. Three Remote workers accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB)
# 2. Three Remote workers accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
# NOTE(review): only REMOTE_WORKER-1 and REMOTE_WORKER-2 (a -DB and a -WEB
# agent each) are defined in this section before the Project A section starts —
# confirm whether "Three" above should read "Two".
- ref: REMOTE_WORKER-1-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
# Single start node; the target application is the database-client from
# the default PC configuration.
possible_start_nodes: ["REM-PUB-PC-1"]
target_application: "database-client"
start_step: 12
start_variance: 1
# Resolves to 1000, far above max_episode_length (128).
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
# Weight resolves to 0.5 via *MEDIUM_WEIGHT_IMPACT.
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: REM-PUB-PC-1
- ref: REMOTE_WORKER-1-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: REM-PUB-PC-1
application_name: web-browser
agent_settings:
<<: *GREEN_PROBABILISTIC_20
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: REM-PUB-PC-1
- ref: REMOTE_WORKER-2-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
possible_start_nodes: ["REM-PUB-PC-2"]
target_application: "database-client"
start_step: 16
start_variance: 1
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: REM-PUB-PC-2
- ref: REMOTE_WORKER-2-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: REM-PUB-PC-2
application_name: web-browser
agent_settings:
<<: *GREEN_PROBABILISTIC_20
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: REM-PUB-PC-2
####################################
# ST Project A Network POL Config #
####################################
# ST Project A Green Agent Pattern Of Life
# ========================================
# 1. A Senior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB)
# 2. A Senior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
# 3. Two Junior Developers accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB)
# 4. Two Junior Developers accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
- ref: PROJ_A-SENIOR-DEV-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-A-PRV-PC-1"]
target_application: "database-client"
start_step: 1
start_variance: 1
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-A-PRV-PC-1
- ref: PROJ_A-SENIOR-DEV-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_PROJ-A-PRV-PC-1
application_name: web-browser
agent_settings:
<<: *GREEN_PROBABILISTIC_40
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-A-PRV-PC-1
- ref: PROJ_A-JUNIOR-DEV-1-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-A-PRV-PC-2"]
target_application: "database-client"
start_step: 1
start_variance: 1
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-A-PRV-PC-2
- ref: PROJ_A-JUNIOR-DEV-1-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_PROJ-A-PRV-PC-2
application_name: web-browser
agent_settings:
<<: *GREEN_PROBABILISTIC_20
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-A-PRV-PC-2
- ref: PROJ_A-JUNIOR-DEV-2-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-A-PRV-PC-3"]
target_application: "database-client"
start_step: 1
start_variance: 1
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-A-PRV-PC-3
- ref: PROJ_A-JUNIOR-DEV-2-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_PROJ-A-PRV-PC-3
application_name: web-browser
agent_settings:
<<: *GREEN_PROBABILISTIC_20
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-A-PRV-PC-3
####################################
# ST Project B Network POL Config #
####################################
# ST Project B Green Agent Pattern Of Life
# ========================================
# 1. A Senior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB)
# 2. A Senior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
# 3. Two Junior Developers accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB)
# 4. Two Junior Developers accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
- ref: PROJ_B-SENIOR-DEV-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-B-PRV-PC-1"]
target_application: "database-client"
start_step: 1
start_variance: 1
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-B-PRV-PC-1
- ref: PROJ_B-SENIOR-DEV-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_PROJ-B-PRV-PC-1
application_name: web-browser
agent_settings:
<<: *GREEN_PROBABILISTIC_40
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-B-PRV-PC-1
- ref: PROJ_B-JUNIOR-DEV-1-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-B-PRV-PC-2"]
target_application: "database-client"
start_step: 1
start_variance: 1
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-B-PRV-PC-2
- ref: PROJ_B-JUNIOR-DEV-1-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_PROJ-B-PRV-PC-2
application_name: web-browser
agent_settings:
<<: *GREEN_PROBABILISTIC_20
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-B-PRV-PC-2
- ref: PROJ_B-JUNIOR-DEV-2-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-B-PRV-PC-3"]
target_application: "database-client"
start_step: 1
start_variance: 1
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-B-PRV-PC-3
- ref: PROJ_B-JUNIOR-DEV-2-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_PROJ-B-PRV-PC-3
application_name: web-browser
agent_settings:
<<: *GREEN_PROBABILISTIC_20
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-B-PRV-PC-3
####################################
# ST Project C Network POL Config #
####################################
# ST Project C Green Agent Pattern Of Life
# ========================================
# 1. A Senior Developer accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB)
# 2. A Senior Developer accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
# 3. Two Junior Developers accessing the SOME_TECH Private Database (ST_DATA-PRV-SRV-DB)
# 4. Two Junior Developers accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
- ref: PROJ_C-SENIOR-DEV-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-C-PRV-PC-1"]
target_application: "database-client"
start_step: 1
start_variance: 1
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-C-PRV-PC-1
- ref: PROJ_C-SENIOR-DEV-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_PROJ-C-PRV-PC-1
application_name: web-browser
agent_settings:
<<: *GREEN_PROBABILISTIC_40
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-C-PRV-PC-1
- ref: PROJ_C-JUNIOR-DEV-1-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-C-PRV-PC-2"]
target_application: "database-client"
start_step: 1
start_variance: 1
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-C-PRV-PC-2
- ref: PROJ_C-JUNIOR-DEV-1-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_PROJ-C-PRV-PC-2
application_name: web-browser
agent_settings:
<<: *GREEN_PROBABILISTIC_20
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-C-PRV-PC-2
- ref: PROJ_C-JUNIOR-DEV-2-DB
team: GREEN
type: periodic-agent
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-C-PRV-PC-3"]
target_application: "database-client"
start_step: 1
start_variance: 1
max_executions: *DEFAULT_GREEN_AGENT_MAX_EXECUTIONS
frequency: 4
variance: 1
reward_function:
reward_components:
- type: green-admin-database-unreachable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-C-PRV-PC-3
- ref: PROJ_C-JUNIOR-DEV-2-WEB
team: GREEN
type: probabilistic-agent
observation_space: {}
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_PROJ-C-PRV-PC-3
application_name: web-browser
agent_settings:
<<: *GREEN_PROBABILISTIC_20
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *LOW_WEIGHT_IMPACT
options:
node_hostname: ST_PROJ-C-PRV-PC-3
######################################
# ST Head Office Network POL Config #
######################################
# ST Head Office Green Agent Pattern Of Life
# ==========================================
# 1. The ST CEO accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
# 2. The ST CTO accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
# 3. The ST CFO accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
- ref: CEO
team: GREEN
type: probabilistic-agent
observation_space: {}
agent_settings:
<<: *GREEN_PROBABILISTIC_60
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_HO-PRV-PC-1
application_name: web-browser
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *HIGH_WEIGHT_IMPACT
options:
node_hostname: ST_HO-PRV-PC-1
- ref: CTO
team: GREEN
type: probabilistic-agent
observation_space: {}
agent_settings:
<<: *GREEN_PROBABILISTIC_60
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_HO-PRV-PC-2
application_name: web-browser
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_HO-PRV-PC-2
- ref: CFO
team: GREEN
type: probabilistic-agent
observation_space: {}
agent_settings:
<<: *GREEN_PROBABILISTIC_60
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_HO-PRV-PC-3
application_name: web-browser
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_HO-PRV-PC-3
##########################################
# ST Human Resources Network POL Config #
##########################################
# ST Human Resources Green Agent Pattern Of Life
# ==============================================
# 1. A senior HR staff accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
# 2. Two junior HR staff accessing the SOME_TECH Public web-server (ST_DMZ-PUB-SRV-WEB)
- ref: SENIOR_HR
team: GREEN
type: probabilistic-agent
observation_space: {}
agent_settings:
<<: *GREEN_PROBABILISTIC_60
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_HR-PRV-PC-1
application_name: web-browser
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_HR-PRV-PC-1
- ref: JUNIOR_HR-1
team: GREEN
type: probabilistic-agent
observation_space: {}
agent_settings:
<<: *GREEN_PROBABILISTIC_60
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_HR-PRV-PC-2
application_name: web-browser
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_HR-PRV-PC-2
- ref: JUNIOR_HR-2
team: GREEN
type: probabilistic-agent
observation_space: {}
agent_settings:
<<: *GREEN_PROBABILISTIC_60
action_space:
action_map:
0:
action: do-nothing
options: {}
1:
action: node-application-execute
options:
node_name: ST_HR-PRV-PC-3
application_name: web-browser
reward_function:
reward_components:
- type: webpage-unavailable-penalty
weight: *MEDIUM_WEIGHT_IMPACT
options:
node_hostname: ST_HR-PRV-PC-3
##########################
# UC7 Red Agent Config #
##########################
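# TAP001 red agent. Its default target is the address behind the ST_SRV_DB_IP
# anchor and it starts from ST_PROJ-A-PRV-PC-1 unless starting_nodes is set.
- ref: attacker
  team: RED
  type: tap-001
  agent_settings:
    start_step: 1
    frequency: 5
    variance: 0
    repeat_kill_chain: false
    repeat_kill_chain_stages: true
    default_target_ip: *ST_SRV_DB_IP
    default_starting_node: "ST_PROJ-A-PRV-PC-1"
    # starting_nodes: ["ST_PROJ-A-PRV-PC-1", "ST_PROJ-B-PRV-PC-2", "ST_PROJ-C-PRV-PC-3"]
    # Bare key parses as null, not as an empty list; presumably the agent then
    # falls back to default_starting_node — confirm against the TAP001 schema.
    starting_nodes:
    kill_chain:
      ACTIVATE:
        probability: 1
      PROPAGATE:
        probability: 1
        scan_attempts: 20
        repeat_scan: false
        # NOTE(review): the subnet anchors at the top of this file annotate
        # 192.168.10.0 as the Remote DMZ (/30) and 192.168.20.0 as the Remote
        # subnet (/28); the labels and prefix lengths on the second and third
        # entries below look swapped — confirm against the simulation section.
        network_addresses:
          - 192.168.230.0/29 # ST Project A
          - 192.168.10.0/26 # Remote Site
          - 192.168.20.0/30 # Remote DMZ
          - 192.168.220.0/29 # ST Data (Contains Target)
      COMMAND_AND_CONTROL:
        probability: 1
        keep_alive_frequency: 5
        # Keep-alive traffic is configured as HTTP over TCP towards the public
        # DNS server host; the blue agent's monitored_traffic lists tcp/HTTP.
        masquerade_port: HTTP
        masquerade_protocol: TCP
        c2_server_name: ISP-PUB-SRV-DNS
        c2_server_ip: *PUBLIC_DNS_IP
      PAYLOAD:
        probability: 1
        exfiltrate: true
        corrupt: true
        # Bare key parses as null. The blue observation space watches a folder
        # named exfiltration_folder on the three potential starting nodes, so
        # the agent's built-in default presumably matches — confirm.
        exfiltration_folder_name:
        # Same default account (admin/admin) that blue action 50 rotates on
        # ST_DATA-PRV-SRV-DB; presumably this stage fails once that password
        # has been changed — confirm.
        target_username: admin
        target_password: admin
        # Written as lowercase true to match every other boolean in this block.
        continue_on_failed_exfil: true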
###########################
# UC7 Blue Agent Config #
###########################
- ref: defender
team: BLUE
type: proxy-agent
observation_space:
type: custom
options:
components:
- type: nodes
label: NODES
options:
hosts:
# TAP001 Potential Starting Node | ST_PROJ-A-PRV-PC-1
- hostname: ST_PROJ-A-PRV-PC-1
services:
- service_name: ftp-client
applications:
- application_name: ransomware-script
- application_name: database-client
folders:
- folder_name: downloads
files:
- file_name: malware_dropper.ps1
- folder_name: exfiltration_folder
files:
- file_name: database.db
# TAP001 Potential Starting Node | ST_PROJ-B-PRV-PC-2
- hostname: ST_PROJ-B-PRV-PC-2
services:
- service_name: ftp-client
applications:
- application_name: ransomware-script
- application_name: database-client
folders:
- folder_name: downloads
files:
- file_name: malware_dropper.ps1
- folder_name: exfiltration_folder
files:
- file_name: database.db
# TAP001 Potential Starting Node | ST_PROJ-C-PRV-PC-3
- hostname: ST_PROJ-C-PRV-PC-3
services:
- service_name: ftp-client
applications:
- application_name: ransomware-script
- application_name: database-client
folders:
- folder_name: downloads
files:
- file_name: malware_dropper.ps1
- folder_name: exfiltration_folder
files:
- file_name: database.db
# ST DATA Server Database
- hostname: ST_DATA-PRV-SRV-DB
folders:
- folder_name: database
files:
- file_name: database.db
routers:
- hostname: ST_INTRA-PRV-RT-CR # TAP003 Malicious ACL Target | ROUTER0
- hostname: ST_INTRA-PRV-RT-DR-1 # TAP003 Malicious ACL Target | ROUTER1
- hostname: REM-PUB-RT-DR # TAP003 Malicious ACL Target | ROUTER2
num_ports: 5
num_services: 2
num_applications: 2
num_folders: 2
num_files: 1
num_nics: 1
ip_list:
# ip_list is indexed at 2:
# 0 reserved for padding to align with observations
# 1 reserved for ALL ips
*UC7_IP_LIST
wildcard_list:
- 0.0.0.1 # 0
- 0.0.0.255 # 1
- 0.0.255.255 # 2
port_list:
# 0 is a padding placeholder
# 1 means ALL ports
- FTP # 2
- DNS # 3
- HTTP # 4
- NTP # 5
- POSTGRES_SERVER # 6
- SSH # 7
protocol_list:
# 0 is padding placeholder
# 1 means ALL protocols
- ICMP # 2
- TCP # 3
- UDP # 4
num_rules: 5
include_num_access: true
include_nmne: true
monitored_traffic:
tcp:
- HTTP
- POSTGRES_SERVER
icmp:
- NONE
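# Link observations for the blue agent. The trailing number on each entry is
# its position in this list, counted from 1.
# Each reference has to name a link that the simulation section defines (not
# shown in this part of the file); presumably a name that matches no link is
# never observed — confirm.
- type: links
  label: LINKS
  options:
    link_references:
      # HOME OFFICE SUBNET LINKS
      # NOTE(review): all four entries name HOME-PUB-SW-AS:eth-1, whereas the
      # REM-PUB-SW-AS entries below use one switch port per link — confirm
      # against the link definitions.
      - HOME-PUB-SW-AS:eth-1<->HOME-PUB-RT-DR:eth-1 # 1
      - HOME-PUB-SW-AS:eth-1<->HOME-PUB-PC-1:eth-1 # 2
      - HOME-PUB-SW-AS:eth-1<->HOME-PUB-PC-2:eth-1 # 3
      - HOME-PUB-SW-AS:eth-1<->HOME-PUB-SRV:eth-1 # 4
      # Internet LINKS
      - ISP-PUB-RT-BR:eth-1<->HOME-PUB-RT-DR:eth-2 # 5
      - ISP-PUB-RT-BR:eth-2<->ISP-PUB-SRV-DNS:eth-1 # 6
      - ISP-PUB-RT-BR:eth-3<->REM-PUB-FW:eth-1 # 7
      # Remote DMZ Links
      - REM-PUB-FW:eth-2<->REM-PUB-RT-DR:eth-1 # 8
      # Remote Site Links
      - REM-PUB-RT-DR:eth-2<->REM-PUB-SW-AS:eth-1 # 9
      - REM-PUB-SW-AS:eth-2<->REM-PUB-PC-1:eth-1 # 10
      - REM-PUB-SW-AS:eth-3<->REM-PUB-PC-2:eth-1 # 11
      - REM-PUB-SW-AS:eth-4<->REM-PUB-SRV:eth-1 # 12
      # SOME_TECH DMZ
      - ISP-PUB-RT-BR:eth-4<->ST_PUB-FW:eth-1 # 13
      - ST_PUB-FW:eth-3<->ST_DMZ-PUB-SRV-WEB:eth-1 # 14
      # SOME_TECH Intranet
      - ST_INTRA-PRV-RT-CR:eth-1<->ST_PUB-FW:eth-2 # 15
      - ST_INTRA-PRV-RT-CR:eth-2<->ST_INTRA-PRV-RT-DR-1:eth-1 # 16
      - ST_INTRA-PRV-RT-CR:eth-3<->ST_INTRA-PRV-RT-DR-2:eth-1 # 17
      - ST_INTRA-PRV-RT-CR:eth-4<->ST_DATA-PRV-SW-AS:eth-1 # 18
      # SOME_TECH Head Office
      - ST_HO-PRV-SW-AS:eth-1<->ST_INTRA-PRV-RT-DR-2:eth-2 # 19
      - ST_HO-PRV-SW-AS:eth-2<->ST_HO-PRV-PC-1:eth-1 # 20
      - ST_HO-PRV-SW-AS:eth-3<->ST_HO-PRV-PC-2:eth-1 # 21
      - ST_HO-PRV-SW-AS:eth-4<->ST_HO-PRV-PC-3:eth-1 # 22
      # SOME_TECH Human Resources
      - ST_HR-PRV-SW-AS:eth-1<->ST_INTRA-PRV-RT-DR-2:eth-3 # 23
      - ST_HR-PRV-SW-AS:eth-2<->ST_HR-PRV-PC-1:eth-1 # 24
      - ST_HR-PRV-SW-AS:eth-3<->ST_HR-PRV-PC-2:eth-1 # 25
      - ST_HR-PRV-SW-AS:eth-4<->ST_HR-PRV-PC-3:eth-1 # 26
      # SOME_TECH Data Links
      - ST_DATA-PRV-SW-AS:eth-2<->ST_DATA-PRV-SRV-STORAGE:eth-1 # 27
      - ST_DATA-PRV-SW-AS:eth-3<->ST_DATA-PRV-SRV-DB:eth-1 # 28
      # SOME_TECH Project A Links
      # Switch ports are written eth-N like every other interface in this list.
      - ST_INTRA-PRV-RT-DR-1:eth-2<->ST_PROJ-A-PRV-SW-AS:eth-1 # 29
      - ST_PROJ-A-PRV-SW-AS:eth-2<->ST_PROJ-A-PRV-PC-1:eth-1 # 30
      - ST_PROJ-A-PRV-SW-AS:eth-3<->ST_PROJ-A-PRV-PC-2:eth-1 # 31
      - ST_PROJ-A-PRV-SW-AS:eth-4<->ST_PROJ-A-PRV-PC-3:eth-1 # 32
      # SOME_TECH Project B Links
      - ST_INTRA-PRV-RT-DR-1:eth-3<->ST_PROJ-B-PRV-SW-AS:eth-1 # 33
      - ST_PROJ-B-PRV-SW-AS:eth-2<->ST_PROJ-B-PRV-PC-1:eth-1 # 34
      - ST_PROJ-B-PRV-SW-AS:eth-3<->ST_PROJ-B-PRV-PC-2:eth-1 # 35
      - ST_PROJ-B-PRV-SW-AS:eth-4<->ST_PROJ-B-PRV-PC-3:eth-1 # 36
      # SOME_TECH Project C Links
      # The Project C PCs hang off ST_PROJ-C-PRV-SW-AS, the switch the first
      # entry of this group uplinks to ST_INTRA-PRV-RT-DR-1.
      - ST_INTRA-PRV-RT-DR-1:eth-4<->ST_PROJ-C-PRV-SW-AS:eth-1 # 37
      - ST_PROJ-C-PRV-SW-AS:eth-2<->ST_PROJ-C-PRV-PC-1:eth-1 # 38
      - ST_PROJ-C-PRV-SW-AS:eth-3<->ST_PROJ-C-PRV-PC-2:eth-1 # 39
      - ST_PROJ-C-PRV-SW-AS:eth-4<->ST_PROJ-C-PRV-PC-3:eth-1 # 40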
action_space:
action_map:
0:
action: do-nothing
options: {}
# |======================================|
# | ST_PROJ-A-PRV-PC-1 |
# |======================================|
# ST_PROJ-A-PRV-PC-1 | node-os-scan
1:
action: node-os-scan
options:
node_name: ST_PROJ-A-PRV-PC-1
# ST_PROJ-A-PRV-PC-1 | node-shutdown
2:
action: node-shutdown
options:
node_name: ST_PROJ-A-PRV-PC-1
# ST_PROJ-A-PRV-PC-1 | node-startup
3:
action: node-startup
options:
node_name: ST_PROJ-A-PRV-PC-1
# ST_PROJ-A-PRV-PC-1 | node-reset
4:
action: node-reset
options:
node_name: ST_PROJ-A-PRV-PC-1
# ST_PROJ-A-PRV-PC-1 | host-nic-disable
5:
action: host-nic-disable
options:
node_name: ST_PROJ-A-PRV-PC-1
nic_num: 0
# ST_PROJ-A-PRV-PC-1 | host-nic-enable
6:
action: host-nic-enable
options:
node_name: ST_PROJ-A-PRV-PC-1
nic_num: 0
# ST_PROJ-A-PRV-PC-1 | node-application-close | database-client
7:
action: node-application-close
options:
node_name: ST_PROJ-A-PRV-PC-1
application_name: database-client
# ST_PROJ-A-PRV-PC-1 | node-application-scan | database-client
8:
action: node-application-scan
options:
node_name: ST_PROJ-A-PRV-PC-1
application_name: database-client
# ST_PROJ-A-PRV-PC-1 | node-application-fix | database-client
9:
action: node-application-fix
options:
node_name: ST_PROJ-A-PRV-PC-1
application_name: database-client
# ST_PROJ-A-PRV-PC-1 | node-application-remove | database-client
10:
action: node-application-remove
options:
node_name: ST_PROJ-A-PRV-PC-1
application_name: database-client
# ST_PROJ-A-PRV-PC-1 | node-file-scan | downloads/malware_dropper.ps1
11:
action: node-file-scan
options:
node_name: ST_PROJ-A-PRV-PC-1
folder_name: downloads
file_name: malware_dropper.ps1
# ST_PROJ-A-PRV-PC-1 | node-file-scan | exfiltration_folder/database.db
12:
action: node-file-scan
options:
node_name: ST_PROJ-A-PRV-PC-1
folder_name: exfiltration_folder
file_name: database.db
# ST_PROJ-A-PRV-PC-1 | node-folder-scan | downloads/
13:
action: node-folder-scan
options:
node_name: ST_PROJ-A-PRV-PC-1
folder_name: downloads
# ST_PROJ-A-PRV-PC-1 | node-folder-scan | exfiltration_folder/
14:
action: node-folder-scan
options:
node_name: ST_PROJ-A-PRV-PC-1
folder_name: exfiltration_folder
# |======================================|
# | ST_PROJ-B-PRV-PC-2 |
# |======================================|
# ST_PROJ-B-PRV-PC-2 | node-os-scan
15:
action: node-os-scan
options:
node_name: ST_PROJ-B-PRV-PC-2
# ST_PROJ-B-PRV-PC-2 | node-shutdown
16:
action: node-shutdown
options:
node_name: ST_PROJ-B-PRV-PC-2
# ST_PROJ-B-PRV-PC-2 | node-startup
17:
action: node-startup
options:
node_name: ST_PROJ-B-PRV-PC-2
# ST_PROJ-B-PRV-PC-2 | node-reset
18:
action: node-reset
options:
node_name: ST_PROJ-B-PRV-PC-2
# ST_PROJ-B-PRV-PC-2 | host-nic-disable
19:
action: host-nic-disable
options:
node_name: ST_PROJ-B-PRV-PC-2
nic_num: 0
# ST_PROJ-B-PRV-PC-2 | host-nic-enable
20:
action: host-nic-enable
options:
node_name: ST_PROJ-B-PRV-PC-2
nic_num: 0
# ST_PROJ-B-PRV-PC-2 | node-application-close | database-client
21:
action: node-application-close
options:
node_name: ST_PROJ-B-PRV-PC-2
application_name: database-client
# ST_PROJ-B-PRV-PC-2 | node-application-scan | database-client
22:
action: node-application-scan
options:
node_name: ST_PROJ-B-PRV-PC-2
application_name: database-client
# ST_PROJ-B-PRV-PC-2 | node-application-fix | database-client
23:
action: node-application-fix
options:
node_name: ST_PROJ-B-PRV-PC-2
application_name: database-client
# ST_PROJ-B-PRV-PC-2 | node-application-remove | database-client
24:
action: node-application-remove
options:
node_name: ST_PROJ-B-PRV-PC-2
application_name: database-client
# ST_PROJ-B-PRV-PC-2 | node-file-scan | downloads/malware_dropper.ps1
25:
action: node-file-scan
options:
node_name: ST_PROJ-B-PRV-PC-2
folder_name: downloads
file_name: malware_dropper.ps1
# ST_PROJ-B-PRV-PC-2 | node-file-scan | exfiltration_folder/database.db
26:
action: node-file-scan
options:
node_name: ST_PROJ-B-PRV-PC-2
folder_name: exfiltration_folder
file_name: database.db
# ST_PROJ-B-PRV-PC-2 | node-folder-scan | downloads/
27:
action: node-folder-scan
options:
node_name: ST_PROJ-B-PRV-PC-2
folder_name: downloads
# ST_PROJ-B-PRV-PC-2 | node-folder-scan | exfiltration_folder/
28:
action: node-folder-scan
options:
node_name: ST_PROJ-B-PRV-PC-2
folder_name: exfiltration_folder
# |======================================|
# | ST_PROJ-C-PRV-PC-3 |
# |======================================|
# ST_PROJ-C-PRV-PC-3 | node-os-scan
29:
action: node-os-scan
options:
node_name: ST_PROJ-C-PRV-PC-3
# ST_PROJ-C-PRV-PC-3 | node-shutdown
30:
action: node-shutdown
options:
node_name: ST_PROJ-C-PRV-PC-3
# ST_PROJ-C-PRV-PC-3 | node-startup
31:
action: node-startup
options:
node_name: ST_PROJ-C-PRV-PC-3
# ST_PROJ-C-PRV-PC-3 | node-reset
32:
action: node-reset
options:
node_name: ST_PROJ-C-PRV-PC-3
# ST_PROJ-C-PRV-PC-3 | host-nic-disable
33:
action: host-nic-disable
options:
node_name: ST_PROJ-C-PRV-PC-3
nic_num: 0
# ST_PROJ-C-PRV-PC-3 | host-nic-enable
34:
action: host-nic-enable
options:
node_name: ST_PROJ-C-PRV-PC-3
nic_num: 0
# ST_PROJ-C-PRV-PC-3 | node-application-close | database-client
35:
action: node-application-close
options:
node_name: ST_PROJ-C-PRV-PC-3
application_name: database-client
# ST_PROJ-C-PRV-PC-3 | node-application-scan | database-client
36:
action: node-application-scan
options:
node_name: ST_PROJ-C-PRV-PC-3
application_name: database-client
# ST_PROJ-C-PRV-PC-3 | node-application-fix | database-client
37:
action: node-application-fix
options:
node_name: ST_PROJ-C-PRV-PC-3
application_name: database-client
# ST_PROJ-C-PRV-PC-3 | node-application-remove | database-client
38:
action: node-application-remove
options:
node_name: ST_PROJ-C-PRV-PC-3
application_name: database-client
# ST_PROJ-C-PRV-PC-3 | node-file-scan | downloads/malware_dropper.ps1
39:
action: node-file-scan
options:
node_name: ST_PROJ-C-PRV-PC-3
folder_name: downloads
file_name: malware_dropper.ps1
# ST_PROJ-C-PRV-PC-3 | node-file-scan | exfiltration_folder/database.db
40:
action: node-file-scan
options:
node_name: ST_PROJ-C-PRV-PC-3
folder_name: exfiltration_folder
file_name: database.db
# ST_PROJ-C-PRV-PC-3 | node-folder-scan | downloads/
41:
action: node-folder-scan
options:
node_name: ST_PROJ-C-PRV-PC-3
folder_name: downloads
# ST_PROJ-C-PRV-PC-3 | node-folder-scan | exfiltration_folder/
42:
action: node-folder-scan
options:
node_name: ST_PROJ-C-PRV-PC-3
folder_name: exfiltration_folder
# |======================================|
# | ST_INTRA-PRV-RT-CR |
# |======================================|
# Blue containment actions on the core router: three DENY rules for
# POSTGRES_SERVER traffic towards the database server, each paired with a
# remove action for the same ACL position.
# NOTE(review): a wildcard of 0.0.255.255 ignores the last two octets, so each
# rule below matches 192.168.0.0/16 on both source and destination rather than
# the single hosts named in its comment. Presumably adding any one of them also
# blocks the other project PCs (and the green database-client agents) from the
# database — confirm this breadth is intended.
# NOTE(review): src_port is set as well as dst_port; confirm the simulated
# database-client really sends from POSTGRES_SERVER, otherwise the rule never matches.
# NOTE(review): the P2/P3/P4 labels do not line up with position: 1/2/3 — confirm
# which numbering is meant.
# ST_INTRA-PRV-RT-CR | router-acl-add-rule | P2: ST_PROJ-A-PRV-PC-1 !==> ST_DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER)
43:
action: router-acl-add-rule
options:
target_router: ST_INTRA-PRV-RT-CR
position: 1
permission: DENY
src_ip: 192.168.230.2 # (ST_PROJ-A-PRV-PC-1)
src_wildcard: 0.0.255.255
src_port: POSTGRES_SERVER
dst_ip: 192.168.220.3 # (ST_DATA-PRV-SRV-DB)
dst_wildcard: 0.0.255.255
dst_port: POSTGRES_SERVER
protocol_name: TCP
# ST_INTRA-PRV-RT-CR | router-acl-remove-rule | Removes the ACL rule at position 1
44:
action: router-acl-remove-rule
options:
target_router: ST_INTRA-PRV-RT-CR
position: 1
# ST_INTRA-PRV-RT-CR | router-acl-add-rule | P3: ST_PROJ-B-PRV-PC-2 !==> ST_DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER)
45:
action: router-acl-add-rule
options:
target_router: ST_INTRA-PRV-RT-CR
position: 2
permission: DENY
src_ip: 192.168.240.3 # (ST_PROJ-B-PRV-PC-2)
src_wildcard: 0.0.255.255
src_port: POSTGRES_SERVER
dst_ip: 192.168.220.3 # (ST_DATA-PRV-SRV-DB)
dst_wildcard: 0.0.255.255
dst_port: POSTGRES_SERVER
protocol_name: TCP
# ST_INTRA-PRV-RT-CR | router-acl-remove-rule | Removes the ACL rule at position 2
46:
action: router-acl-remove-rule
options:
target_router: ST_INTRA-PRV-RT-CR
position: 2
# ST_INTRA-PRV-RT-CR | router-acl-add-rule | P4: ST_PROJ-C-PRV-PC-3 !==> ST_DATA-PRV-SRV-DB (TCP:POSTGRES_SERVER)
47:
action: router-acl-add-rule
options:
target_router: ST_INTRA-PRV-RT-CR
position: 3
permission: DENY
src_ip: 192.168.250.4 # (ST_PROJ-C-PRV-PC-3)
src_wildcard: 0.0.255.255
src_port: POSTGRES_SERVER
dst_ip: 192.168.220.3 # (ST_DATA-PRV-SRV-DB)
dst_wildcard: 0.0.255.255
dst_port: POSTGRES_SERVER
protocol_name: TCP
# ST_INTRA-PRV-RT-CR | router-acl-remove-rule | Removes the ACL rule at position 3
48:
action: router-acl-remove-rule
options:
target_router: ST_INTRA-PRV-RT-CR
position: 3
# |======================================|
# | ST_DATA-PRV-SRV-DB |
# |======================================|
# Blue actions on the database server: an integrity scan of the database file
# and a rotation of the default account.
# ST_DATA-PRV-SRV-DB | node-file-scan | Scans the database.db file (health status)
49:
action: node-file-scan
options:
node_name: ST_DATA-PRV-SRV-DB
folder_name: database
file_name: database.db
# ST_DATA-PRV-SRV-DB | node-account-change-password | Changes the password of a user account
# The account rotated here (admin/admin) is the one the red agent's PAYLOAD
# stage is configured with (target_username/target_password), so this is the
# credential-hardening counter to that stage.
# The action names the current password, so presumably it fails if the account
# has already been changed by another agent — confirm.
# new_password is a fixed scenario literal stored in this file.
50:
action: node-account-change-password
options:
node_name: ST_DATA-PRV-SRV-DB
username: admin # default account
current_password: admin # default password
new_password: thr33_alert_wolv3z # A more 'secure' password
# |======================================|
# | ST_INTRA-PRV-RT-DR-1 |
# |======================================|
# Blue actions on distribution router 1: an SSH DENY rule, a rotation of the
# router's default admin password, and removal of whatever rule sits at ACL position 1.
# NOTE(review): the heading below names the router itself as the source, but
# src_ip carries the address annotated as ST_PROJ-A-PRV-PC-1; with src_wildcard
# 0.0.255.255 the rule matches any 192.168.x.x source — confirm the intended scope.
# NOTE(review): dst_ip is ALL while dst_wildcard is still set; confirm the
# wildcard is ignored in that case.
# ST_INTRA-PRV-RT-DR-1 | router-acl-add-rule | P1: ST_INTRA-PRV-RT-DR-1 !==> ANY (TCP:SSH)
51:
action: router-acl-add-rule
options:
target_router: ST_INTRA-PRV-RT-DR-1
position: 1
permission: DENY
src_ip: 192.168.230.2 # (ST_PROJ-A-PRV-PC-1)
src_wildcard: 0.0.255.255
src_port: SSH
dst_ip: ALL
dst_wildcard: 0.0.255.255
dst_port: SSH
protocol_name: TCP
# ST_INTRA-PRV-RT-DR-1 | node-account-change-password
# Rotates the router's admin/admin account; new_password is a fixed scenario literal.
52:
action: node-account-change-password
options:
node_name: ST_INTRA-PRV-RT-DR-1
username: admin
current_password: admin
new_password: secure_password
# ST_INTRA-PRV-RT-DR-1 | router-acl-remove-rule | Removes the given ACL at position 1
# Position 1 is also where action 51 inserts its rule, and the observation space
# marks this router as a TAP003 malicious-ACL target, so this removes whichever
# rule currently occupies the slot — presumably either blue's own or a hostile one.
53:
action: router-acl-remove-rule
options:
target_router: ST_INTRA-PRV-RT-DR-1
position: 1
# |======================================|
# | REM-PUB-RT-DR |
# |======================================|
# Blue actions on the remote-site router: rotate the default admin password and
# clear ACL position 1.
# REM-PUB-RT-DR | node-account-change-password
# Rotates the router's admin/admin account; new_password is a fixed scenario literal.
54:
action: node-account-change-password
options:
node_name: REM-PUB-RT-DR
username: admin
current_password: admin
new_password: secure_password
# REM-PUB-RT-DR | router-acl-remove-rule | Removes the given ACL at position 1
# This action map has no router-acl-add-rule for REM-PUB-RT-DR, so the rule
# removed here was placed by something else — presumably the TAP003 malicious
# ACL noted beside this router in the observation space; confirm.
55:
action: router-acl-remove-rule
options:
target_router: REM-PUB-RT-DR
position: 1
reward_function:
reward_components:
- type: database-file-integrity
weight: *HIGH_WEIGHT_IMPACT
options:
node_hostname: ST_DATA-PRV-SRV-DB
folder_name: database
file_name: database.db
# Home Site Green Agents (32 Green Agents each contributing 0.03125 of blue reward)
# Blue Shared Reward | HOME_WORKER-1-DB
- type: shared-reward
weight: 0.03125
options:
agent_name: HOME_WORKER-1-DB
# Blue Shared Reward | HOME_WORKER-1-WEB
- type: shared-reward
weight: 0.03125
options:
agent_name: HOME_WORKER-1-WEB
# Blue Shared Reward | HOME_WORKER-2-DB
- type: shared-reward
weight: 0.03125
options:
agent_name: HOME_WORKER-2-DB
- type: shared-reward
weight: 0.03125
options:
agent_name: HOME_WORKER-2-WEB
# Remote Site Green Agents
# Blue Shared Reward | REMOTE_WORKER-1-DB
- type: shared-reward
weight: 0.03125
options:
agent_name: REMOTE_WORKER-1-DB
# Blue Shared Reward | REMOTE_WORKER-1-WEB
- type: shared-reward
weight: 0.03125
options:
agent_name: REMOTE_WORKER-1-WEB
# Blue Shared Reward | REMOTE_WORKER-2-DB
- type: shared-reward
weight: 0.03125
options:
agent_name: REMOTE_WORKER-2-DB
# Blue Shared Reward | REMOTE_WORKER-2-WEB
- type: shared-reward
weight: 0.03125
options:
agent_name: REMOTE_WORKER-2-WEB
# ST Project A Green Agents
# Blue Shared Reward | PROJ_A-SENIOR-DEV-DB
- type: shared-reward
weight: 0.03125
options:
agent_name: PROJ_A-SENIOR-DEV-DB
# Blue Shared Reward | PROJ_A-SENIOR-DEV-WEB
- type: shared-reward
weight: 0.03125
options:
agent_name: PROJ_A-SENIOR-DEV-WEB
# Blue Shared Reward | PROJ_A-JUNIOR-DEV-1-DB
- type: shared-reward
weight: 0.03125
options:
agent_name: PROJ_A-JUNIOR-DEV-1-DB
# Blue Shared Reward | PROJ_A-JUNIOR-DEV-1-WEB
- type: shared-reward
weight: 0.03125
options:
agent_name: PROJ_A-JUNIOR-DEV-1-WEB
# Blue Shared Reward | PROJ_A-JUNIOR-DEV-2-DB
- type: shared-reward
weight: 0.03125
options:
agent_name: PROJ_A-JUNIOR-DEV-2-DB
# Blue Shared Reward | PROJ_A-JUNIOR-DEV-2-WEB
- type: shared-reward
weight: 0.03125
options:
agent_name: PROJ_A-JUNIOR-DEV-2-WEB
# ST Project B Green Agents
# Blue Shared Reward | PROJ_B-SENIOR-DEV-DB
- type: shared-reward
weight: 0.03125
options:
agent_name: PROJ_B-SENIOR-DEV-DB
# Blue Shared Reward | PROJ_B-SENIOR-DEV-WEB
- type: shared-reward
weight: 0.03125
options:
agent_name: PROJ_B-SENIOR-DEV-WEB
# Blue Shared Reward | PROJ_B-JUNIOR-DEV-1-DB
- type: shared-reward
weight: 0.03125
options:
agent_name: PROJ_B-JUNIOR-DEV-1-DB
# Blue Shared Reward | PROJ_B-JUNIOR-DEV-1-WEB
- type: shared-reward
weight: 0.03125
options:
agent_name: PROJ_B-JUNIOR-DEV-1-WEB
# Blue Shared Reward | PROJ_B-JUNIOR-DEV-2-DB
- type: shared-reward
weight: 0.03125
options:
agent_name: PROJ_B-JUNIOR-DEV-2-DB
# Blue Shared Reward | PROJ_B-JUNIOR-DEV-2-WEB
- type: shared-reward
weight: 0.03125
options:
agent_name: PROJ_B-JUNIOR-DEV-2-WEB
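# ST Project C Green Agents
# Each agent_name below is the ref of one of the six PROJ_C green agents
# defined earlier in this file, so every green agent is counted exactly once
# in the blue reward.
# Blue Shared Reward | PROJ_C-SENIOR-DEV-DB
- type: shared-reward
  weight: 0.03125
  options:
    agent_name: PROJ_C-SENIOR-DEV-DB
# Blue Shared Reward | PROJ_C-SENIOR-DEV-WEB
- type: shared-reward
  weight: 0.03125
  options:
    agent_name: PROJ_C-SENIOR-DEV-WEB
# Blue Shared Reward | PROJ_C-JUNIOR-DEV-1-DB
- type: shared-reward
  weight: 0.03125
  options:
    agent_name: PROJ_C-JUNIOR-DEV-1-DB
# Blue Shared Reward | PROJ_C-JUNIOR-DEV-1-WEB
- type: shared-reward
  weight: 0.03125
  options:
    agent_name: PROJ_C-JUNIOR-DEV-1-WEB
# Blue Shared Reward | PROJ_C-JUNIOR-DEV-2-DB
- type: shared-reward
  weight: 0.03125
  options:
    agent_name: PROJ_C-JUNIOR-DEV-2-DB
# Blue Shared Reward | PROJ_C-JUNIOR-DEV-2-WEB
- type: shared-reward
  weight: 0.03125
  options:
    agent_name: PROJ_C-JUNIOR-DEV-2-WEB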
# ST Head Office Green Agents (CEO/CFO/CTO)
# Blue Shared Reward | CEO
- type: shared-reward
weight: 0.03125
options:
agent_name: CEO
# Blue Shared Reward | CFO
- type: shared-reward
weight: 0.03125
options:
agent_name: CFO
# Blue Shared Reward | CTO
- type: shared-reward
weight: 0.03125
options:
agent_name: CTO
# ST Human Resources Green Agents
# Blue Shared Reward | SENIOR_HR
- type: shared-reward
weight: 0.03125
options:
agent_name: SENIOR_HR
# Blue Shared Reward | JUNIOR_HR-1
- type: shared-reward
weight: 0.03125
options:
agent_name: JUNIOR_HR-1
# Blue Shared Reward | JUNIOR_HR-2
- type: shared-reward
weight: 0.03125
options:
agent_name: JUNIOR_HR-2
agent_settings:
flatten_obs: True