forked from p34709852/monkey
Merge pull request #1492 from guardicore/1484/faq-network-limitations
docs: Add faq for limiting monkey propagation
This commit is contained in:
commit
67262e19d1
|
@ -26,6 +26,7 @@ Below are some of the most common questions we receive about the Infection Monke
|
||||||
- [After I've set up Monkey Island, how can I execute the Infection Monkey?](#after-ive-set-up-monkey-island-how-can-i-execute-the-infection-monkey-agent)
|
- [After I've set up Monkey Island, how can I execute the Infection Monkey?](#after-ive-set-up-monkey-island-how-can-i-execute-the-infection-monkey-agent)
|
||||||
- [How can I make the Infection Monkey agents propagate “deeper” into the network?](#how-can-i-make-the-infection-monkey-agent-propagate-deeper-into-the-network)
|
- [How can I make the Infection Monkey agents propagate “deeper” into the network?](#how-can-i-make-the-infection-monkey-agent-propagate-deeper-into-the-network)
|
||||||
- [What if the report returns a blank screen?](#what-if-the-report-returns-a-blank-screen)
|
- [What if the report returns a blank screen?](#what-if-the-report-returns-a-blank-screen)
|
||||||
|
- [Can I limit how the Infection Monkey propagates through my network?](#can-i-limit-how-the-infection-monkey-propagates-through-my-network)
|
||||||
- [How can I get involved with the project?](#how-can-i-get-involved-with-the-project)
|
- [How can I get involved with the project?](#how-can-i-get-involved-with-the-project)
|
||||||
|
|
||||||
## Where can I get the latest version of the Infection Monkey?
|
## Where can I get the latest version of the Infection Monkey?
|
||||||
|
@ -224,6 +225,58 @@ This is sometimes caused when Monkey Island is installed with an old version of
|
||||||
- **Linux**: First, uninstall the current version with `sudo apt uninstall mongodb` and then install the latest version using the [official MongoDB manual](https://docs.mongodb.com/manual/administration/install-community/).
|
- **Linux**: First, uninstall the current version with `sudo apt uninstall mongodb` and then install the latest version using the [official MongoDB manual](https://docs.mongodb.com/manual/administration/install-community/).
|
||||||
- **Windows**: First, remove the MongoDB binaries from the `monkey\monkey_island\bin\mongodb` folder. Download and install the latest version of MongoDB using the [official MongoDB manual](https://docs.mongodb.com/manual/administration/install-community/). After installation is complete, copy the files from the `C:\Program Files\MongoDB\Server\4.2\bin` folder to the `monkey\monkey_island\bin\mongodb folder`. Try to run the Monkey Island again and everything should work.
|
- **Windows**: First, remove the MongoDB binaries from the `monkey\monkey_island\bin\mongodb` folder. Download and install the latest version of MongoDB using the [official MongoDB manual](https://docs.mongodb.com/manual/administration/install-community/). After installation is complete, copy the files from the `C:\Program Files\MongoDB\Server\4.2\bin` folder to the `monkey\monkey_island\bin\mongodb folder`. Try to run the Monkey Island again and everything should work.
|
||||||
|
|
||||||
|
## Can I limit how the Infection Monkey propagates through my network?
|
||||||
|
|
||||||
|
Yes! To limit how the Infection Monkey propagates through your network, you can:
|
||||||
|
|
||||||
|
#### Adjust the scan depth
|
||||||
|
|
||||||
|
The scan depth limits the number of hops that the Infection Monkey agent will
|
||||||
|
spread from patient zero. If you set the scan depth to one, the agent will only
|
||||||
|
reach a single hop from the initially infected machine. Scan depth does not
|
||||||
|
limit the number of devices, just the number of hops.
|
||||||
|
|
||||||
|
- **Example**: In this example, the scan depth is set to two. _Host A_ scans the
|
||||||
|
network and finds hosts _B, C, D_ and _E_. The Infection Monkey agent
|
||||||
|
successfully propagates from _Host A_ to _Host C_. Since the scan depth is 2,
|
||||||
|
the agent will pivot from _Host C_ and continue to scan other machines on the
|
||||||
|
network. However, if _Host C_ successfully breaches _Host E_, it will not pivot
|
||||||
|
further nor continue to scan or propagate.
|
||||||
|
|
||||||
|
![What is scan depth](/images/faq/propagation_depth_diagram.png "What is scan
|
||||||
|
depth")
|
||||||
|
|
||||||
|
|
||||||
|
#### Enable or disable scanning the local subnet
|
||||||
|
|
||||||
|
You can find the settings that define how the Infection Monkey will scan your
|
||||||
|
network in `Configuration -> Network`. Each agent will scan its entire local
|
||||||
|
subnet by default, but you can disable this behavior by unchecking the `Local
|
||||||
|
network scan` button.
|
||||||
|
|
||||||
|
#### Add IPs to the IP allow list
|
||||||
|
|
||||||
|
You can specify which hosts you want the Infection Monkey agents to attempt to
|
||||||
|
scan in the `Configuration -> Network -> Scan target list` section.
|
||||||
|
|
||||||
|
#### Add IPs to the IP block list
|
||||||
|
|
||||||
|
|
||||||
|
If there are any hosts on your network that you would like to prevent the
|
||||||
|
Infection Monkey from scanning or exploiting, you can add them to the list of
|
||||||
|
"Blocked IPs" in `Configuration -> Network -> Blocked IPs`.
|
||||||
|
|
||||||
|
#### Specify max number of victims to find/exploit
|
||||||
|
|
||||||
|
Two settings in `Configuration -> Internal -> Monkey` allow you to further
|
||||||
|
limit the Infection Monkey's propagation:
|
||||||
|
|
||||||
|
- **Max victims to find**: This limits the total number of machines that the
|
||||||
|
Infection Monkey is allowed to scan.
|
||||||
|
- **Max victims to exploit**: This limits the total number of machines that the
|
||||||
|
Infection Monkey is allowed to successfully exploit.
|
||||||
|
|
||||||
|
|
||||||
## How can I get involved with the project?
|
## How can I get involved with the project?
|
||||||
|
|
||||||
Infection Monkey is an open-source project, and we welcome contributions and contributors. Check out the [contribution documentation]({{< ref "/development" >}}) for more information.
|
Infection Monkey is an open-source project, and we welcome contributions and contributors. Check out the [contribution documentation]({{< ref "/development" >}}) for more information.
|
||||||
|
|
Binary file not shown.
After Width: | Height: | Size: 170 KiB |
Loading…
Reference in New Issue