Commit

Merge branch 'faq-cleanup-1' into develop
mssalvatore committed Jun 4, 2024
2 parents 645cbae + 504bc8d commit 7ff053b
Showing 46 changed files with 254 additions and 21,180 deletions.
149 changes: 14 additions & 135 deletions docs/content/FAQ/_index.md
Expand Up @@ -13,7 +13,7 @@ Below are some of the most common questions we receive about the Infection Monke
- [How long does a single Infection Monkey Agent run? Is there a time limit?](#how-long-does-a-single-infection-monkey-agent-run-is-there-a-time-limit)
- [How long does it take to stop all running Infection Monkey Agents?](#how-long-does-it-take-to-stop-all-running-infection-monkey-agents)
- [Is the Infection Monkey a malware/virus?](#is-the-infection-monkey-a-malwarevirus)
- [Reset the Monkey Island password](#reset-the-monkey-island-password)
- [How do I reset the Monkey Island password?](#how-do-i-reset-the-monkey-island-password)
- [Should I run the Infection Monkey continuously?](#should-i-run-the-infection-monkey-continuously)
- [Exactly what internet queries does the Infection Monkey perform?](#exactly-what-internet-queries-does-the-infection-monkey-perform)
- [Logging and how to find logs](#logging-and-how-to-find-logs)
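
Review bot: the renamed TOC entry also renames the heading anchor, from `#reset-the-monkey-island-password` to `#how-do-i-reset-the-monkey-island-password`, so any link elsewhere in the docs or the UI that targets the old fragment will now land at the top of the FAQ without an error. Worth a search for the old fragment before merging.
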
Expand All @@ -31,13 +31,14 @@ Below are some of the most common questions we receive about the Infection Monke
- [How stable are the exploits used by the Infection Monkey? Will the Infection Monkey crash my systems with its exploits?](#how-stable-are-the-exploits-used-by-the-infection-monkey-will-the-infection-monkey-crash-my-systems-with-its-exploits)
- [After I've set up Monkey Island, how can I execute the Infection Monkey Agent?](#after-ive-set-up-monkey-island-how-can-i-execute-the-infection-monkey-agent)
- [How can I make the Infection Monkey Agents propagate "deeper" into the network?](#how-can-i-make-the-infection-monkey-agent-propagate-deeper-into-the-network)
- [What if the report returns a blank screen?](#what-if-the-report-returns-a-blank-screen)
- [Can I limit how the Infection Monkey propagates through my network?](#can-i-limit-how-the-infection-monkey-propagates-through-my-network)
- [How can I get involved with the project?](#how-can-i-get-involved-with-the-project)

## Where can I get the latest version of the Infection Monkey?

For the latest **stable** release, visit [our downloads page](https://www.akamai.com/infectionmonkey#download). **This is the recommended and supported version**!
For the latest **stable** release, visit [our downloads
page](https://github.com/guardicore/monkey/releases/latest). **This is the
recommended and supported version**!

If you want to see what has changed between versions, refer to the [releases page on GitHub](https://github.com/guardicore/monkey/releases). For the latest development version, visit the [develop version on GitHub](https://github.com/guardicore/monkey/tree/develop).

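Review bot: in the download paragraph, the "downloads page" link now targets `https://github.com/guardicore/monkey/releases/latest`, and the very next paragraph already links the GitHub releases page, so the two sentences point at nearly the same place. Consider merging them into one sentence, and use the same link text as `docs/content/_index.md`, which says "download page" for the same URL.
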
Expand Down Expand Up @@ -80,70 +81,16 @@ downloaded installer](/usage/file-checksums) first. Then, create a new folder
and disable antivirus scan for that folder. Lastly, re-install the Infection
Monkey in the newly created folder.

## Reset the Monkey Island password

{{% notice warning %}}
If you reset the credentials, the database will be cleared. Any findings of the Infection Monkey from previous runs will be lost. <br/><br/>
However, you can save the Monkey's existing configuration by logging in with your current credentials and clicking on the **Export config** button on the configuration page.
{{% /notice %}}

### On Windows and Linux (AppImage)

When you first access the Monkey Island Server, you'll be prompted to create an account.
Creating an account will write your credentials to the database in the [data directory]({{< ref "/reference/data_directory" >}}).

To reset the credentials:

1. **Remove** the data directory manually

Because credentials are stored in the database, you must perform a complete factory reset in order to reset the credentials, which is accomplished by removing the entire [data directory]({{< ref "/reference/data_directory" >}}).

2. Restart the Monkey Island process:
* On Linux, simply kill the Monkey Island process and execute the AppImage.
* On Windows, restart the program.

3. Go to the Monkey Island's URL and create a new account.

### On Docker
When you first access the Monkey Island Server, you'll be prompted to create an account.
To reset the credentials, you'll need to perform a complete factory reset:

1. Kill the Monkey Island container:
```bash
sudo docker kill monkey-island
```
1. Kill the MongoDB container:
```bash
sudo docker kill monkey-mongo
```
1. Remove the MongoDB volume:
```bash
sudo docker volume rm db
```
1. Restart the MongoDB container:
```bash
sudo docker run \
--name monkey-mongo \
--network=host \
--volume db:/data/db \
--detach \
mongo:6.0
```
1. Restart the Monkey Island container
```bash
sudo docker run \
--name monkey-island \
--network=host \
infectionmonkey/monkey-island:latest
```
1. Go to the Monkey Island's URL and create a new account.
## How do I reset the Monkey Island password?

In order to reset the Monkey Island password, you'll need to [perform a factory
reset](/howtos/factory-reset).

## Should I run the Infection Monkey continuously?

Yes! This will allow you to verify that the Infection Monkey identified no new security issues since the last time you ran it.

Does the Infection Monkey require a connection to the internet?
## Does the Infection Monkey require a connection to the internet?

The Infection Monkey does not require internet access to function.

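Review bot: the new two-line answer under "How do I reset the Monkey Island password?" drops the warning from the removed section that a reset clears the database and loses the findings of previous runs, along with the tip to use **Export config** first. A reader who only sees the FAQ will not learn that before clicking through, so keep one sentence of that warning here, or confirm that `/howtos/factory-reset` (not shown in this part of the diff) opens with it. The link is also a bare absolute path where the removed text used `{{< ref ... >}}`, which fails the build on a bad target.
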
Expand All @@ -170,76 +117,14 @@ suggest an update if one is available.

### Downloading logs

Both Monkey Agent and Monkey Island logs can be found in the Infection Map page. Click on the
machine from which you want to download logs and press the "Download log" button on the side panel.
Note that you can only download the Monkey Island log by clicking on the Monkey Island machine in
the Infection Map.
![How to download logs](/images/island/infection_map_page/agent_log_download.png "How to download logs")
Both the Agent and Island logs can be downloaded from the Infection Map page. See [how
to download logs](../howtos/download-logs) for more information.

### Log locations

If the logs cannot be downloaded through the UI for any reason, you can collect the log files
directly from the machine where an Agent or Monkey Island ran.
#### Monkey Island Server logs
The Monkey Island's log file is located in the
[data directory]({{< ref "/reference/data_directory" >}}).

The log enables you to see which requests were requested from the server and extra logs from the backend logic. The log will contain entries like these:

```log
2022-04-18 13:48:43,914 - pywsgi.py:1226 - write() - INFO - 192.168.56.1 - - [2022-04-18 13:48:43] "GET /api/agent-binaries/windows HTTP/1.1" 200 21470665 0.293586
2022-04-18 13:48:49,970 - pywsgi.py:1226 - write() - INFO - 192.168.56.1 - - [2022-04-18 13:48:49] "GET /api/island-mode HTTP/1.1" 200 128 0.003426
2022-04-18 13:48:49,988 - report.py:355 - get_domain_issues() - INFO - Domain issues generated for reporting
```

It's also possible to change the default log level by editing `log_level` value in a [server configuration file](../../reference/server_configuration).
`log_level` can be set to `info`(default, less verbose) or `debug`(more verbose).
#### Monkey Island UI logs
The Monkey Island's UI log file (`nextjs.log`) is located in the
[data directory]({{< ref "/reference/data_directory" >}}).

This log contains the output of the server process hosting the web interface.
See the [logs reference page](../reference/logs).


#### Infection Monkey Agent logs

The Infection Monkey Agent log file can be found in directories specified for
temporary files on the machines where it was executed. In most cases, this will
be `/tmp` on Linux and `%temp%` on Windows. The Agent searches a standard list
of directories to find an appropriate place to store the log:

1. The directory named by the `TMPDIR` environment variable.
2. The directory named by the `TEMP` environment variable.
3. The directory named by the `TMP` environment variable.
4. A platform-specific location:
- On Windows, the directories `C:\TEMP`, `C:\TMP`, `\TEMP`, and `\TMP`, in that order.
- On all other platforms, the directories `/tmp`, `/var/tmp`, and `/usr/tmp`, in that order.
5. As a last resort, the current working directory.

Infection Monkey log file name is constructed to the following pattern: `infection-monkey-agent-<TIMESTAMP>-<RANDOM_STRING>.log`

The logs contain information about the internals of the Infection Monkey Agent's execution. The log will contain entries like these:
```log
2019-07-22 19:16:44,228 [77598:140654230214464:INFO] main.main.116: >>>>>>>>>> Initializing monkey (InfectionMonkey): PID 77598 <<<<<<<<<<
2019-07-22 19:16:44,231 [77598:140654230214464:INFO] monkey.initialize.54: Monkey is initializing...
2019-07-22 19:16:44,231 [77598:140654230214464:DEBUG] system_singleton.try_lock.95: Global singleton mutex '{2384ec59-0df8-4ab9-918c-843740924a28}' acquired
2019-07-22 19:16:44,234 [77598:140654230214464:DEBUG] monkey.initialize.81: Added default server: 10.15.1.96:5000
2019-07-22 19:16:44,234 [77598:140654230214464:INFO] monkey.start.87: Monkey is running...
2019-07-22 19:16:44,234 [77598:140654230214464:DEBUG] control.find_server.65: Trying to wake up with Monkey Island servers list: ['10.15.1.96:5000', '192.0.2.0:5000']
2019-07-22 19:16:44,235 [77598:140654230214464:DEBUG] control.find_server.78: Trying to connect to server: 10.15.1.96:5000
2019-07-22 19:16:44,238 [77598:140654230214464:DEBUG] connectionpool._new_conn.815: Starting new HTTPS connection (1): 10.15.1.96:5000
2019-07-22 19:16:44,249 [77598:140654230214464:DEBUG] connectionpool._make_request.396: https://10.15.1.96:5000 "GET /api?action=is-up HTTP/1.1" 200 15
2019-07-22 19:16:44,253 [77598:140654230214464:DEBUG] connectionpool._new_conn.815: Starting new HTTPS connection (1): updates.infectionmonkey.com:443
2019-07-22 19:16:45,013 [77598:140654230214464:DEBUG] connectionpool._make_request.396: https://updates.infectionmonkey.com:443 "GET / HTTP/1.1" 200 61
```
## Running the Infection Monkey in a production environment

### How much of a footprint does the Infection Monkey leave?
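
Review bot: the "Log locations" section is reduced to "See the [logs reference page](../reference/logs)." and the removed text was the only place in this file that gave the Agent log search order (`TMPDIR`, `TEMP`, `TMP`, then the platform defaults), the `infection-monkey-agent-<TIMESTAMP>-<RANDOM_STRING>.log` name pattern and the `log_level` setting. Those are what someone needs to collect or clean up logs on a host when the UI download is unavailable, so confirm the reference page carries all three (it is not among the hunks shown here). The remaining sentence could also say what the reference page covers, and the hunk leaves two blank lines after it.
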
Expand Down Expand Up @@ -276,9 +161,9 @@ If you do experience any performance issues please let us know on [our Slack cha

### Is it safe to use real passwords and usernames in the Infection Monkey's configuration?

Absolutely! User credentials are stored encrypted in the Monkey Island Server. This information is accessible only to users that have access to the specific Monkey Island.

We advise users to limit access to the Monkey Island Server by following our [password protection guide]({{< ref "/setup/accounts-and-security" >}}).
Absolutely! User credentials are stored encrypted in the Monkey Island Server.
This information can only be seen by individuals that have the credentials to
access the Monkey Island.

### How do you store sensitive information on Monkey Island?

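Review bot: the rewritten answer still opens with "Absolutely!" but no longer carries the removed advice to limit access to the Monkey Island Server, so the one condition on storing real credentials is now implied rather than stated. Suggest keeping a sentence that tells operators to restrict who can reach and log in to the Island, linked to wherever the account guidance now lives. Minor: "individuals that have" reads better as "individuals who have".
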
Expand All @@ -304,12 +189,6 @@ To do this, change the `Configuration -> Propagation -> General -> Maximum scan

![How to increase propagation depth](/images/island/configuration_page/max_scan_depth_configuration.png "How to increase propagation depth")

## What if the report returns a blank screen?

This is sometimes caused when Monkey Island is installed with an old version of MongoDB. Make sure your MongoDB version is up to date using the `mongod --version` command on Linux or the `mongod -version` command on Windows. If your version is older than **4.0.10**, this might be the problem. To update your Mongo version:

- **Linux**: First, uninstall the current version with `sudo apt uninstall mongodb` and then install the latest version using the [official MongoDB manual](https://docs.mongodb.com/manual/administration/install-community/).
- **Windows**: First, remove the MongoDB binaries from the `monkey\monkey_island\bin\mongodb` folder. Download and install the latest version of MongoDB using the [official MongoDB manual](https://docs.mongodb.com/manual/administration/install-community/). After installation is complete, copy the files from the `C:\Program Files\MongoDB\Server\4.2\bin` folder to the `monkey\monkey_island\bin\mongodb folder`. Try to run the Monkey Island again and everything should work.

## Can I limit how the Infection Monkey propagates through my network?

10 changes: 5 additions & 5 deletions docs/content/_index.md
Expand Up @@ -16,7 +16,7 @@ infection. Infection Monkey will help you validate existing security solutions
and will provide a view of the internal network from an attacker's perspective.

Infection Monkey is free and can be downloaded from [our
homepage](https://www.akamai.com/infectionmonkey).
download page](https://github.com/guardicore/monkey/releases/latest).

![Infection Monkey Documentation Hub
Logo](/images/monkey-teacher.svg?height=400px "Infection Monkey Documentation
Expand Down Expand Up @@ -52,10 +52,10 @@ documentation page]({{< ref "/reports" >}}).
## Getting Started

If you haven't downloaded Infection Monkey yet you can do so [from our
homepage](https://www.akamai.com/infectionmonkey#download). After downloading
the Monkey, install it using one of our [setup guides]({{< ref "/setup" >}}),
and read our [getting started guide]({{< ref "/usage/getting-started" >}}) for
a quick-start on Monkey!
download page](https://github.com/guardicore/monkey/releases/latest). After
downloading the Monkey, install it using one of our [setup guides]({{< ref
"/setup" >}}), and read our [getting started guide]({{< ref
"/usage/getting-started" >}}) for a quick-start on Monkey!

## Support and community

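Review bot: the re-wrap in "Getting Started" breaks both shortcodes across lines (`{{< ref` at the end of one line, `"/setup" >}}` at the start of the next), which makes them hard to find with a search for `ref "/setup"` and easy to damage in a later re-wrap. Keep each `{{< ref ... >}}` on a single line even if that line runs past the wrap column. The releases URL is also now written out three times across this file and the FAQ; a single link reference would keep them in step.
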
16 changes: 16 additions & 0 deletions docs/content/howtos/_index.md
@@ -0,0 +1,16 @@
+++
title = "How Tos (Recipes)"
date = 2020-05-26T20:55:04+03:00
weight = 5
chapter = true
pre = '<i class="fas fa-rectangle-list"></i> '
tags = ["how tos"]
+++

# How Tos (Recipes)

Here you can find "how to" guides (or recipes) for accomplishing common tasks.

{{% children %}}

<br />
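
Review bot: the front matter of this new page carries `date = 2020-05-26T20:55:04+03:00`, which looks copied from an older section index rather than set for a file added in this commit; update it, or drop it if the theme does not use it. The page also uses TOML (`+++`) front matter while `howtos/download-logs.md` in the same commit uses YAML (`---`); pick one for the new directory. The trailing `<br />` after `{{% children %}}` can go unless the theme needs it.
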
23 changes: 23 additions & 0 deletions docs/content/howtos/download-logs.md
@@ -0,0 +1,23 @@
---
title: "How to download logs"
date: 2020-06-03T11:28:00+04:00
draft: false
pre: '<i class="fas fa-file-lines"></i> '
weight: 2
tags: ["howtos", "download logs"]
---

Both the Agent and Island logs can be downloaded from the **Infection Map**
page by following these steps:

1. Click on the machine from which you want to download logs.
1. Press the _Download log_ button on the side panel.

Note that you can only download the Island log by clicking on the Monkey Island
machine in the Infection Map.

![Downloading logs](/images/island/infection_map_page/agent_log_download.png "Downloading logs")

### See also

- [Logs reference page](../reference/logs)
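
Review bot: the "See also" link `../reference/logs` is the same relative path that `docs/content/FAQ/_index.md` uses in this commit, but this page sits one level deeper (`howtos/download-logs`), so with directory-style URLs it resolves under `/howtos/` rather than to the reference section. Use `{{< ref "/reference/logs" >}}` so that a wrong target fails the build. The `date: 2020-06-03T11:28:00+04:00` value also predates this new file.
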