Island: Remove TunnelTelem

monkey/common/common_consts/telem_categories.py

@@ -8,4 +8,3 @@ class TelemCategoryEnum:
     SCAN = "scan"
     STATE = "state"
     TRACE = "trace"
-    TUNNEL = "tunnel"

monkey/monkey_island/cc/resources/telemetry_feed.py

@@ -64,16 +64,6 @@ class TelemetryFeed(AbstractResource):
     def get_telem_brief_parser_by_category(telem_category):
         return TELEM_PROCESS_DICT[telem_category]
 
-    @staticmethod
-    def get_tunnel_telem_brief(telem):
-        tunnel = telem["data"]["proxy"]
-        if tunnel is None:
-            return "No tunnel is used."
-        else:
-            tunnel_host_ip = tunnel.split(":")[-2].replace("//", "")
-            tunnel_host = NodeService.get_monkey_by_ip(tunnel_host_ip)["hostname"]
-            return "Tunnel set up to machine: %s." % tunnel_host
-
     @staticmethod
     def get_state_telem_brief(telem):
         if telem["data"]["done"]:
@@ -132,7 +122,6 @@ TELEM_PROCESS_DICT = {
     TelemCategoryEnum.SCAN: TelemetryFeed.get_scan_telem_brief,
     TelemCategoryEnum.STATE: TelemetryFeed.get_state_telem_brief,
     TelemCategoryEnum.TRACE: TelemetryFeed.get_trace_telem_brief,
-    TelemCategoryEnum.TUNNEL: TelemetryFeed.get_tunnel_telem_brief,
 }
 
 

monkey/monkey_island/cc/services/telemetry/processing/processing.py

@@ -8,7 +8,6 @@ from monkey_island.cc.services.telemetry.processing.exploit import process_explo
 from monkey_island.cc.services.telemetry.processing.post_breach import process_post_breach_telemetry
 from monkey_island.cc.services.telemetry.processing.scan import process_scan_telemetry
 from monkey_island.cc.services.telemetry.processing.state import process_state_telemetry
-from monkey_island.cc.services.telemetry.processing.tunnel import process_tunnel_telemetry
 
 logger = logging.getLogger(__name__)
 
@@ -22,7 +21,6 @@ TELEMETRY_CATEGORY_TO_PROCESSING_FUNC = {
     TelemCategoryEnum.SCAN: process_scan_telemetry,
     TelemCategoryEnum.STATE: process_state_telemetry,
     TelemCategoryEnum.TRACE: lambda *args, **kwargs: None,
-    TelemCategoryEnum.TUNNEL: process_tunnel_telemetry,
 }
 
 # Don't save credential telemetries in telemetries collection.

monkey/monkey_island/cc/services/telemetry/processing/tunnel.py

@@ -1,15 +0,0 @@
-from monkey_island.cc.services.node import NodeService
-from monkey_island.cc.services.telemetry.processing.utils import get_tunnel_host_ip_from_proxy_field
-from monkey_island.cc.services.telemetry.zero_trust_checks.tunneling import (
-    check_tunneling_violation,
-)
-
-
-def process_tunnel_telemetry(telemetry_json, _):
-    check_tunneling_violation(telemetry_json)
-    monkey_id = NodeService.get_monkey_by_guid(telemetry_json["monkey_guid"])["_id"]
-    if telemetry_json["data"]["proxy"] is not None:
-        tunnel_host_ip = get_tunnel_host_ip_from_proxy_field(telemetry_json)
-        NodeService.set_monkey_tunnel(monkey_id, tunnel_host_ip)
-    else:
-        NodeService.unset_all_monkey_tunnels(monkey_id)

monkey/monkey_island/cc/services/telemetry/processing/utils.py

@@ -14,8 +14,3 @@ def get_edge_by_scan_or_exploit_telemetry(telemetry_json):
     dst_label = NodeService.get_label_for_endpoint(dst_node["_id"])
 
     return EdgeService.get_or_create_edge(src_monkey["_id"], dst_node["_id"], src_label, dst_label)
-
-
-def get_tunnel_host_ip_from_proxy_field(telemetry_json):
-    tunnel_host_ip = telemetry_json["data"]["proxy"].split(":")[-2].replace("//", "")
-    return tunnel_host_ip

monkey/monkey_island/cc/services/telemetry/zero_trust_checks/tunneling.py

@@ -1,32 +0,0 @@
-import common.common_consts.zero_trust_consts as zero_trust_consts
-from monkey_island.cc.models import Monkey
-from monkey_island.cc.models.zero_trust.event import Event
-from monkey_island.cc.services.telemetry.processing.utils import get_tunnel_host_ip_from_proxy_field
-from monkey_island.cc.services.zero_trust.monkey_findings.monkey_zt_finding_service import (
-    MonkeyZTFindingService,
-)
-
-
-def check_tunneling_violation(tunnel_telemetry_json):
-    if tunnel_telemetry_json["data"]["proxy"] is not None:
-        # Monkey is tunneling, create findings
-        tunnel_host_ip = get_tunnel_host_ip_from_proxy_field(tunnel_telemetry_json)
-        current_monkey = Monkey.get_single_monkey_by_guid(tunnel_telemetry_json["monkey_guid"])
-        tunneling_events = [
-            Event.create_event(
-                title="Tunneling event",
-                message="Monkey on {hostname} tunneled traffic through {proxy}.".format(
-                    hostname=current_monkey.hostname, proxy=tunnel_host_ip
-                ),
-                event_type=zero_trust_consts.EVENT_TYPE_MONKEY_NETWORK,
-                timestamp=tunnel_telemetry_json["timestamp"],
-            )
-        ]
-
-        MonkeyZTFindingService.create_or_add_to_existing(
-            test=zero_trust_consts.TEST_TUNNELING,
-            status=zero_trust_consts.STATUS_FAILED,
-            events=tunneling_events,
-        )
-
-        MonkeyZTFindingService.add_malicious_activity_to_timeline(tunneling_events)