From ef053ea017271e0d7819029768b3afa1bf3f157a Mon Sep 17 00:00:00 2001 From: Kekoa Kaaikala Date: Mon, 26 Sep 2022 15:11:32 +0000 Subject: [PATCH] Docs: Update network scanning documentation --- docs/content/usage/configuration/basic-network.md | 4 +++- .../content/usage/scenarios/custom-scenario/network-breach.md | 2 +- .../usage/scenarios/custom-scenario/network-segmentation.md | 2 +- docs/content/usage/scenarios/custom-scenario/zero-trust.md | 2 +- 4 files changed, 6 insertions(+), 4 deletions(-) diff --git a/docs/content/usage/configuration/basic-network.md b/docs/content/usage/configuration/basic-network.md index fa6c6004d..f5c6f93ce 100644 --- a/docs/content/usage/configuration/basic-network.md +++ b/docs/content/usage/configuration/basic-network.md @@ -8,5 +8,7 @@ description: "Configure settings related to the Monkey's network activity." Here you can control multiple important settings, such as: * Network propagation depth - How many hops from the base machine will the Infection Monkey spread? -* Local network scan - Should the Infection Monkey attempt to attack any machine in its subnet? +* Scan Agent's networks - Should the Infection Monkey attempt to attack any machine in its subnet? + + _Be careful when using this option. If a machine is connected to a public network, then the agent will scan the public network!_ * Scanner IP/subnet list - Which specific IP ranges should the Infection Monkey should try to attack? diff --git a/docs/content/usage/scenarios/custom-scenario/network-breach.md b/docs/content/usage/scenarios/custom-scenario/network-breach.md index 4d0a6a814..ddb23ed60 100644 --- a/docs/content/usage/scenarios/custom-scenario/network-breach.md +++ b/docs/content/usage/scenarios/custom-scenario/network-breach.md @@ -18,7 +18,7 @@ Infection Monkey will help you assess the impact of a future breach by attemptin - **Exploits -> Exploits** Here you can review the exploits the Infection Monkey will be using. By default all safe exploiters are selected. - **Exploits -> Credentials** This configuration value will be used for brute-forcing. The Infection Monkey uses the most popular default passwords and usernames, but feel free to adjust it according to the default passwords common in your network. Keep in mind a longer list means longer scanning times. -- **Network -> Scope** Make sure to properly configure the scope of the scan. You can select **Local network scan** +- **Network -> Scope** Make sure to properly configure the scope of the scan. You can select **Scan Agent's networks** and allow Monkey to propagate until maximum **Scan depth**(hop count) is reached, or you can fine tune it by providing specific network ranges in **Scan target list**. Scanning a local network is more realistic, but providing specific targets will make the scanning process substantially faster. diff --git a/docs/content/usage/scenarios/custom-scenario/network-segmentation.md b/docs/content/usage/scenarios/custom-scenario/network-segmentation.md index 2f9522d50..836f640c4 100644 --- a/docs/content/usage/scenarios/custom-scenario/network-segmentation.md +++ b/docs/content/usage/scenarios/custom-scenario/network-segmentation.md @@ -20,7 +20,7 @@ You can use the Infection Monkey's cross-segment traffic feature to verify that - **Network -> Network analysis -> Network segmentation testing** This configuration setting allows you to define subnets that should be segregated from each other. If any of the provided networks can reach each other, you'll see it in the security report. -- **(Optional) Network -> Scope** You can disable **Local network scan** and leave all other options at the default setting if you only want to test for network segmentation without any lateral movement. +- **(Optional) Network -> Scope** You can disable **Scan Agent's networks** and leave all other options at the default setting if you only want to test for network segmentation without any lateral movement. - **(Optional) Monkey -> Post-Breach Actions** If you only want to test segmentation in the network, you can turn off all post-breach actions. These actions simulate an attacker's behavior after getting access to a new system, so they might trigger your defense solutions and interrupt the segmentation test. ## Suggested run mode diff --git a/docs/content/usage/scenarios/custom-scenario/zero-trust.md b/docs/content/usage/scenarios/custom-scenario/zero-trust.md index 07884e3c8..a77f30c0c 100644 --- a/docs/content/usage/scenarios/custom-scenario/zero-trust.md +++ b/docs/content/usage/scenarios/custom-scenario/zero-trust.md @@ -14,7 +14,7 @@ Want to assess your progress in achieving a Zero Trust network? The Infection Mo ## Configuration - **Exploits -> Credentials** This configuration value will be used for brute-forcing. The Infection Monkey uses the most popular default passwords and usernames, but feel free to adjust it according to the default passwords common in your network. Keep in mind a longer list means longer scanning times. -- **Network -> Scope** Disable “Local network scan” and instead provide specific network ranges in the “Scan target list.” +- **Network -> Scope** Disable “Scan Agent's networks” and instead provide specific network ranges in the “Scan target list.” - **Network -> Network analysis -> Network segmentation testing** This configuration setting allows you to define subnets that should be segregated from each other.