diff --git a/monkey/infection_monkey/model/host.py b/monkey/infection_monkey/model/host.py
index 1a4fef1c8..d71446108 100644
--- a/monkey/infection_monkey/model/host.py
+++ b/monkey/infection_monkey/model/host.py
@@ -7,6 +7,7 @@ class VictimHost(object):
self.domain_name = str(domain_name)
self.os = {}
self.services = {}
+ self.icmp = False
self.monkey_exe = None
self.default_tunnel = None
self.default_server = None
@@ -40,7 +41,7 @@ class VictimHost(object):
victim += "] Services - ["
for k, v in list(self.services.items()):
victim += "%s-%s " % (k, v)
- victim += '] '
+ victim += '] ICMP: %s ' % (self.icmp)
victim += "target monkey: %s" % self.monkey_exe
return victim
diff --git a/monkey/infection_monkey/network/ping_scanner.py b/monkey/infection_monkey/network/ping_scanner.py
index 27c814593..fd19550a3 100644
--- a/monkey/infection_monkey/network/ping_scanner.py
+++ b/monkey/infection_monkey/network/ping_scanner.py
@@ -62,6 +62,9 @@ class PingScanner(HostScanner, HostFinger):
host.os['type'] = 'linux'
else: # as far we we know, could also be OSX/BSD but lets handle that when it comes up.
host.os['type'] = 'windows'
+
+ host.icmp = True
+
return True
except Exception as exc:
LOG.debug("Error parsing ping fingerprint: %s", exc)
diff --git a/monkey/monkey_island/cc/services/reporting/report.py b/monkey/monkey_island/cc/services/reporting/report.py
index d60d53dec..1e77065d4 100644
--- a/monkey/monkey_island/cc/services/reporting/report.py
+++ b/monkey/monkey_island/cc/services/reporting/report.py
@@ -510,6 +510,7 @@ class ReportService:
'hostname': monkey['hostname'],
'target': target_ip,
'services': scan['data']['machine']['services'],
+ 'icmp': scan['data']['machine']['icmp'],
'is_self': False
})
@@ -544,7 +545,7 @@ class ReportService:
@staticmethod
def get_cross_segment_issues():
scans = mongo.db.telemetry.find({'telem_category': 'scan'},
- {'monkey_guid': 1, 'data.machine.ip_addr': 1, 'data.machine.services': 1})
+ {'monkey_guid': 1, 'data.machine.ip_addr': 1, 'data.machine.services': 1, 'data.machine.icmp': 1})
cross_segment_issues = []
diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
index 63749ced1..1d6072ece 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
@@ -451,25 +451,64 @@ class ReportPageComponent extends AuthComponent {
}
generateCrossSegmentIssue(crossSegmentIssue) {
- let crossSegmentIssueOverview = 'Communication possible from ' + crossSegmentIssue['source_subnet'] + ' to ' + crossSegmentIssue['target_subnet']
- return
- {crossSegmentIssueOverview}
-
+ let crossSegmentIssueOverview = 'Communication possible from '
+ + `${crossSegmentIssue['source_subnet']} to ${crossSegmentIssue['target_subnet']}`;
+
+ return (
+
+ {crossSegmentIssueOverview}
+
+
+ {crossSegmentIssue['issues'].map(
+ issue => this.generateCrossSegmentIssueListItem(issue)
+ )}
+
+
+
+ );
+ }
+
+ generateCrossSegmentIssueListItem(issue) {
+ if (issue['is_self']) {
+ return this.generateCrossSegmentSingleHostMessage(issue);
+ }
+
+ return this.generateCrossSegmentMultiHostMessage(issue);
+ }
+
+ generateCrossSegmentSingleHostMessage(issue) {
+ return (
+
+ {`Machine ${issue['hostname']} has both ips: ${issue['source']} and ${issue['target']}`}
+
+ );
+ }
+
+ generateCrossSegmentMultiHostMessage(issue) {
+ return (
+
+ IP {issue['source']} ({issue['hostname']}) was able to communicate with
+ IP {issue['target']} using:
- {crossSegmentIssue['issues'].map(x =>
- x['is_self'] ?
- -
- {'Machine ' + x['hostname'] + ' has both ips: ' + x['source'] + ' and ' + x['target']}
-
- :
- -
- {'IP ' + x['source'] + ' (' + x['hostname'] + ') connected to IP ' + x['target']
- + ' using the services: ' + Object.keys(x['services']).join(', ')}
-
- )}
+ {issue['icmp'] && - ICMP
}
+ {this.generateCrossSegmentServiceListItems(issue)}
-
- ;
+
+ );
+ }
+
+ generateCrossSegmentServiceListItems(issue) {
+ let service_list_items = [];
+
+ for (const [service, info] of Object.entries(issue['services'])) {
+ service_list_items.push(
+
+ {service} ({info['display_name']})
+
+ );
+ }
+
+ return service_list_items;
}
generateShellshockPathListBadges(paths) {
diff --git a/monkey/monkey_island/cc/ui/src/styles/pages/report/ReportPage.scss b/monkey/monkey_island/cc/ui/src/styles/pages/report/ReportPage.scss
index 5fb8252fe..088e012f3 100644
--- a/monkey/monkey_island/cc/ui/src/styles/pages/report/ReportPage.scss
+++ b/monkey/monkey_island/cc/ui/src/styles/pages/report/ReportPage.scss
@@ -76,3 +76,12 @@ div.report-wrapper .nav-tabs > .nav-item > a:hover:not(.active), .nav-tabs > .n
text-decoration: none;
background-color: $light-gray;
}
+
+ul.cross-segment-issues {
+ list-style-type: none;
+ padding: 0px;
+ margin: 0px;
+}
+span.cross-segment-service {
+ text-transform: uppercase;
+}