Cyber Range Scenarios
Training scenarios for cloud-based cyber ranges, initially focused on utilizing Google Cloud Platform
| Scenario name | Primary OS Type | OS Versions | Vulns | CVEs |
|---|---|---|---|---|
| Shell Shock example | Linux | RHEL 7 | Shell Shock, libfutex | CVE-2014-6271, CVE-2014-3153 |
| overlayfs example | Linux | Ubuntu 14.04 | 'overlayfs' Local Privilege Escalation | CVE-2015-1328 |
We're building the plane while we fly it here, but these are the general design principles we're trying to follow.
- For cloud frameworks, use open source Infrastructure as Code tools (Terraform) to provision and manage the cloud infrastructure
  - Rationale: Although Terraform build scripts are still very platform dependent, there is a much greater chance of reuse with other platforms than with platform-specific build tools.
- For cloud workloads, i.e., VMs, containers, etc., use Ansible
  - Rationale: Most OSes are not tightly coupled to the cloud platform. Debian is Debian, Windows is Windows. Here it makes sense to use a standardized third-party tool like Ansible that won't be impacted by underlying cloud implementations.