diff --git a/CHANGELOG.md b/CHANGELOG.md index 47a2d8af7..8f849b433 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [Unreleased] +### Removed +- Internet access check on agent start. #1402 +- The "internal.monkey.internet_services" configuration option that enabled + internet access checks. #1402 + ### Fixed - Misaligned buttons and input fields on exploiter and network configuration pages. #1353 diff --git a/envs/monkey_zoo/blackbox/config_templates/base_template.py b/envs/monkey_zoo/blackbox/config_templates/base_template.py index f55328312..e323e9098 100644 --- a/envs/monkey_zoo/blackbox/config_templates/base_template.py +++ b/envs/monkey_zoo/blackbox/config_templates/base_template.py @@ -15,5 +15,4 @@ class BaseTemplate(ConfigTemplate): ], "monkey.post_breach.post_breach_actions": [], "internal.general.keep_tunnel_open_time": 0, - "internal.monkey.internet_services": [], } diff --git a/monkey/infection_monkey/config.py b/monkey/infection_monkey/config.py index 0bede1c57..433f11541 100644 --- a/monkey/infection_monkey/config.py +++ b/monkey/infection_monkey/config.py @@ -145,9 +145,6 @@ class Configuration(object): # sets whether or not to retry failed hosts on next scan retry_failed_explotation = True - # addresses of internet servers to ping and check if the monkey has internet acccess. - internet_services = ["updates.infectionmonkey.com", "www.google.com"] - keep_tunnel_open_time = 60 # Monkey files directory name diff --git a/monkey/infection_monkey/control.py b/monkey/infection_monkey/control.py index 109110498..f3aac4701 100644 --- a/monkey/infection_monkey/control.py +++ b/monkey/infection_monkey/control.py @@ -19,7 +19,7 @@ from common.common_consts.timeouts import ( SHORT_REQUEST_TIMEOUT, ) from infection_monkey.config import GUID, WormConfiguration -from infection_monkey.network.info import check_internet_access, local_ips +from infection_monkey.network.info import local_ips from infection_monkey.transport.http import HTTPConnectProxy from infection_monkey.transport.tcp import TcpProxy @@ -40,7 +40,7 @@ class ControlClient(object): proxies = {} @staticmethod - def wakeup(parent=None, has_internet_access=None): + def wakeup(parent=None): if parent: LOG.debug("parent: %s" % (parent,)) @@ -48,15 +48,11 @@ class ControlClient(object): if not parent: parent = GUID - if has_internet_access is None: - has_internet_access = check_internet_access(WormConfiguration.internet_services) - monkey = { "guid": GUID, "hostname": hostname, "ip_addresses": local_ips(), "description": " ".join(platform.uname()), - "internet_access": has_internet_access, "config": WormConfiguration.as_dict(), "parent": parent, "launch_time": str(datetime.now().strftime(DEFAULT_TIME_FORMAT)), diff --git a/monkey/infection_monkey/example.conf b/monkey/infection_monkey/example.conf index 774d69aed..e5ce947c9 100644 --- a/monkey/infection_monkey/example.conf +++ b/monkey/infection_monkey/example.conf @@ -2,10 +2,6 @@ "command_servers": [ "192.0.2.0:5000" ], - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], "keep_tunnel_open_time": 60, "subnet_scan_list": [ diff --git a/monkey/infection_monkey/network/info.py b/monkey/infection_monkey/network/info.py index 474281f68..7f740eeb2 100644 --- a/monkey/infection_monkey/network/info.py +++ b/monkey/infection_monkey/network/info.py @@ -5,8 +5,6 @@ from random import randint # noqa: DUO102 import netifaces import psutil -import requests -from requests import ConnectionError from common.network.network_range import CidrRange from infection_monkey.utils.environment import is_windows_os @@ -125,23 +123,6 @@ def get_free_tcp_port(min_range=1000, max_range=65535): return None -def check_internet_access(services): - """ - Checks if any of the services are accessible, over HTTPS - :param services: List of IPs/hostnames - :return: boolean depending on internet access - """ - for host in services: - try: - requests.get("https://%s" % (host,), timeout=TIMEOUT, verify=False) # noqa: DUO123 - return True - except ConnectionError: - # Failed connecting - pass - - return False - - def get_interfaces_ranges(): """ Returns a list of IPs accessible in the host in each network interface, in the subnet. diff --git a/monkey/monkey_island/cc/models/monkey.py b/monkey/monkey_island/cc/models/monkey.py index 70ca9fbf9..4bfaa1759 100644 --- a/monkey/monkey_island/cc/models/monkey.py +++ b/monkey/monkey_island/cc/models/monkey.py @@ -38,7 +38,6 @@ class Monkey(Document): dead = BooleanField() description = StringField() hostname = StringField() - internet_access = BooleanField() ip_addresses = ListField(StringField()) launch_time = StringField() keepalive = DateTimeField() diff --git a/monkey/monkey_island/cc/services/config_schema/internal.py b/monkey/monkey_island/cc/services/config_schema/internal.py index 1ce1c864b..b6e926dfb 100644 --- a/monkey/monkey_island/cc/services/config_schema/internal.py +++ b/monkey/monkey_island/cc/services/config_schema/internal.py @@ -60,16 +60,6 @@ INTERNAL = { "monkey propagating to " "a high number of machines", }, - "internet_services": { - "title": "Internet services", - "type": "array", - "uniqueItems": True, - "items": {"type": "string"}, - "default": ["monkey.guardicore.com", "www.google.com"], - "description": "List of internet services to try and communicate with to " - "determine internet" - " connectivity (use either ip or domain)", - }, "self_delete_in_cleanup": { "title": "Self delete on cleanup", "type": "boolean", diff --git a/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json b/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json index 86a43f0fc..a18fb0adc 100644 --- a/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json +++ b/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json @@ -54,10 +54,6 @@ "monkey": { "victims_max_find": 100, "victims_max_exploit": 100, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], "self_delete_in_cleanup": true, "use_file_logging": true, "serialize_config": false,