crond-jaist / cyris

CyRIS: Cyber Range Instantiation System

License: BSD 3-Clause "New" or "Revised" License

Shell 12.32% Python 86.66% C 0.94% PowerShell 0.09%
cybersecurity training cyber-range virtual-machines

cyris's Introduction

Important Notice

The CROND NEC-endowed chair at JAIST that originally developed CyRIS ceased to exist in March 2021, and future development will be carried out by the Cybersecurity Lab at JAIST in the new repository named CyRIS. The original CyRIS version will not be receiving any future updates, so please switch over to the new CyRIS version as soon as you are able to do so.

CyRIS: Cyber Range Instantiation System

CyRIS is a tool for facilitating cybersecurity training by automating the creation and management of the corresponding training environments (a.k.a., cyber ranges) based on a description in YAML format. CyRIS is being developed by the Cyber Range Organization and Design (CROND) NEC-endowed chair at the Japan Advanced Institute of Science and Technology (JAIST).

An overview of the CyRIS workflow is provided below. Based on the input cyber range description, and a collection of virtual machine base images, CyRIS performs preparation, content installation and cloning in order to deploy the cyber range on a given server infrastructure.

CyRIS workflow

CyRIS is written in Python, and has various features, including system configuration, tool installation, incident emulation, content management, and clone management. If interested, please download the latest release and let us know if you have any issues; a sample virtual machine base image and a user guide are also provided for your convenience.

The procedure for installing and configuring CyRIS is rather complex, therefore you should refer to the User Guide. In particular, the following issues are to be considered:

  • Hardware requirements: Hardware virtualization support, Internet connection (optional) -- See Section 3.1 of the User Guide.
  • Software installation: Host preparation, base image preparation, CyRIS configuration -- See Section 3.2 of the User Guide.

Quick Start

This section provides some basic instructions on how to run a basic test in order to make sure CyRIS operates correctly. In what follows we assume that the installation procedure mentioned above was conducted successfully, and the current directory is the directory where CyRIS was installed. Please refer to the accompanying User Guide for details.

Preliminary checks

Some key issues that must not be forgotten before proceeding to running CyRIS are:

  • The configuration file CONFIG needs to reflect your actual CyRIS installation, in particular paying attention to the constants below:

    cyris_path = ...

    cyber_range_dir = ...

  • The sample KVM base image must be present on the CyRIS host, and the content of the file basevm_small.xml must reflect the actual location of the base image:

    <source file ='...'/>

  • The content of sample file examples/basic.yml should reflect the actual host properties, and the actual location of the file basevm_small.xml in the corresponding sections:

    mgmt_addr: ...

    account: ...

    basevm_config_file: ...
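A preflight check for the three items above, as an added example that is not part of CyRIS. It assumes CONFIG holds key = value lines and that the base VM file is libvirt-style XML, as the excerpts suggest; the function names, the line scan of the YAML file and the sample files built in demo() are constructed for illustration.

```python
import os, re, tempfile
import xml.etree.ElementTree as ET

def read_config(path):
    """Parse 'key = value' lines of CONFIG (format assumed from the README excerpt)."""
    with open(path) as fh:
        pairs = (l.split("=", 1) for l in fh if "=" in l and not l.lstrip().startswith("#"))
        return {k.strip(): v.strip() for k, v in pairs}

def basevm_config_files(yml_path):
    """Collect basevm_config_file values by line scan, so no YAML library is needed."""
    pat = re.compile(r"^[\s-]*basevm_config_file:\s*(\S+)")
    with open(yml_path) as fh:
        return [m.group(1) for m in map(pat.match, fh) if m]

def preflight(config_path, yml_path, range_id):
    """Return a list of problems; an empty list means all checks passed."""
    problems, cfg = [], read_config(config_path)
    for key in ("cyris_path", "cyber_range_dir"):
        if not os.path.isdir(cfg.get(key, "")):
            problems.append("CONFIG: %s is not an existing directory" % key)
    for xml_path in basevm_config_files(yml_path):
        if not os.path.isfile(xml_path):
            problems.append("missing basevm_config_file: " + xml_path)
            continue
        for src in ET.parse(xml_path).iter("source"):  # <source file ='...'/>
            if src.get("file") and not os.path.isfile(src.get("file")):
                problems.append("missing base image: " + src.get("file"))
    stale = os.path.join(cfg.get("cyber_range_dir", ""), str(range_id))
    if os.path.isdir(stale):  # CyRIS reports a possible id clash in this case
        problems.append("range directory already exists: " + stale)
    return problems

def demo():
    """Constructed layout in a temp dir: base image missing, stale range 123 present."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "cyber_range", "123"))
    xml, yml, cfg = (os.path.join(root, n) for n in ("basevm_small.xml", "basic.yml", "CONFIG"))
    with open(xml, "w") as fh:
        fh.write("<domain><devices><disk><source file ='%s/basevm_small'/></disk></devices></domain>" % root)
    with open(yml, "w") as fh:
        fh.write("- mgmt_addr: localhost\n  account: cyuser\n- basevm_config_file: %s\n" % xml)
    with open(cfg, "w") as fh:
        fh.write("cyris_path = %s\ncyber_range_dir = %s/cyber_range\n" % (root, root))
    return preflight(cfg, yml, 123)

if __name__ == "__main__":
    print("\n".join(demo()) or "preflight OK")
```

On a real installation, call preflight("CONFIG", "examples/basic.yml", 123) from the CyRIS directory before running main/cyris.py.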

Basic operation

A typical sequence of operations is as follows:

  • Create a cyber range using the basic description edited above:

    $ main/cyris.py examples/basic.yml CONFIG

  • Check the details regarding the created cyber range:

    $ cat cyber_range/123/range_details-cr123.yml

  • Check the notification about how to log in to the cyber range:

    $ cat cyber_range/123/range_notification-cr123.txt

  • Try to log in to the cyber range:

    $ ssh trainee01@... -p ...

  • Destroy the cyber range:

    $ main/range_cleanup.sh 123 CONFIG

Recovery from errors

Occasionally an error such as No route to host appears. We are currently investigating its exact cause, but for the moment you should just destroy the partially created cyber range and repeat the creation process.

In case you encounter subsequent errors due to mis-configurations, and the range cleanup command above is insufficient to restore correct operation, you can also clean up the temporary files via a special cleanup script (two arguments are required):

$ ./destroy_all_cr.sh CYRIS_PATH CYBER_RANGE_PATH

References

For a research background about CyRIS, please consult the following paper:

  • R. Beuran, C. Pham, D. Tang, K. Chinen, Y. Tan, Y. Shinoda, "Cybersecurity Education and Training Support System: CyRIS", IEICE Transactions on Information and Systems, vol. E101-D, no. 3, March 2018, pp. 740-749.

For the list of contributors, please check the file CONTRIBUTORS.


cyris's Issues

Python Value Error - could not convert string to float

I've set up Cyris on an Ubuntu 18.04.5 LTS VM and after installing all the required dependencies, configuring the machine properly (no passwd sudo etc) and running the host prepare script I am unable to instantiate a cyber range.

$ sudo python2 ./cyris/main/cyris.py cyris/examples/basic.yml cyris/CONFIG

#########################################################################
CyRIS v1.2: Cyber Range Instantiation System
#########################################################################
* INFO: cyris: Parse the configuration file.
* INFO: cyris: Check that prerequisite conditions are met.
* INFO: cyris: Parse the cyber range description.
Traceback (most recent call last):
  File "./cyris/main/cyris.py", line 1649, in <module>
    cyris.main()
  File "./cyris/main/cyris.py", line 1047, in main
    self.parse_description(filename)
  File "./cyris/main/cyris.py", line 358, in parse_description
    last_bit = self.add_basevm_ipaddr(100 + i)
  File "./cyris/main/cyris.py", line 313, in add_basevm_ipaddr
    if int(float(cur_lb_list[i])) == last_bit:
ValueError: could not convert string to float:

Any help would be appreciated. I can provide extra info if needed

What could be the reason?

I encounter the issue "cyris: Issue when creating the directory... A cyber range with the same id may already exist (or authentication error)." when running, but the range id folder under /cyris/cyber_range doesn't exist. So what could be the reason for it?

ERROR: cyris: cyber range with the same id may already exist

Hi all. When I try to install cyris an error appears

INFO: cyris: Perform the initial setup.

  • ERROR: cyris: Issue when creating the directory '/home/cyuser/cyris/cyber_range/123/'.
    A cyber range with the same id may already exist (or authentication error).

  • INFO: cyris: Cyber range creation status: FAILURE
    Check the log file for details: /home/cyuser/cyris/cyber_range/123/creation.log

Permission denied (publickey). - Solved by installing openssh client and server

I am currently installing cyris on ubuntu 18.04. The host has been prepared according to the documentation, however after following the instructions on the linked digitalocean article, I keep getting the following error:

cyuser@localhost: Permission denied (publickey).

Running the parallel-ssh command separately with the -A option gives the following output:

parallel-ssh -A -v -O StrictHostKeyChecking=no -O UserKnownHostsFile=/dev/null -i -h /home/cyuser/cyris/settings/123pssh_host.txt -t 300 -p 50 -x '-tt' "mkdir -p
home/cyuser/cyris/cyber_range/123/; mkdir /home/cyuser/cyris/cyber_range/123/images;"
Warning: do not enter your password if anyone else has superuser
privileges or access to your account.
Password:
[1] 22:20:57 FAILURE cyuser@localhost:22 Exited with error code 255
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
cyuser@localhost: Permission denied (publickey).

I have also edited /etc/ssh/sshd-config to allow passwordless authentication, root and a few other things.

Are there any particular things I need to edit in my sshd-config or any other steps I should take, since I can't seem to figure it out?

Thanks

“args” in “execute_program” can take only one argument

“args” in “execute_program” in the **-range.yml file seems to take only one argument

I found this when I tried to execute a shell script on VM.
As a result, I succeeded as follows:
**-range.yml :

    tasks:
    - copy_content:
      - src: /home/cyuser/vm_setting/args.sh
        dst: /tmp/
    - execute_program:
      - program: .
        args: /tmp/args.sh
        interpreter: bash

args.sh :

    #!/bin/bash
    touch /tmp/test

I checked as follows:
NG:(Can “args” take some args?)
**-range.yml:

    - execute_program:
      - program: ls
        args: -al >> /tmp/test
        interpreter: bash

NG:(How can I run shell script?)
**-range.yml

    - copy_content:
      - src: /home/cyuser/vm_setting/args.sh
        dst: /tmp/
    - execute_program:
      - program: /tmp/args.sh
        interpreter: bash

NG:(“args” must be?)

    tasks:
    - copy_content:
      - src: /home/cyuser/vm_setting/args.sh
        dst: /tmp/
    - execute_program:
      - program: /tmp/args.sh
        args: dummy
        interpreter: bash

At the NG situation, I could see this message in cytrone log:

  • NOTE: cyris: The warning below can be safely ignored (caused by use of paramiko library in 'clone_environment.py').
    /usr/lib/python2.7/dist-packages/Crypto/Cipher/blockalgo.py:141: FutureWarning: CTR mode needs counter parameter, not IV
    self._cipher = factory.new(key, *args, **kwargs)

A question about logging in to CyRIS

Dear Razvan,
I created CyRIS with ubuntu20.04, but I cannot log in with my account password, as shown below:
ssh: connect to host xxx port xxx: Connection refused
If you have time, I hope you can help me out.
Best,
Jason.

Clone VM check ssh connectivity failure

SSH connectivity check to the clone VM results in failure. I have pasted below content of creation.log and last few lines of terminal output. Please advise.

=====================================================
CREATION.LOG

_Domain desktop_cr123_base started
/root/cyris-1.1/instantiation/sshkey_hostname_setup/sshkey_setup.sh 192.168.122.102 theroot root; /root/cyris-1.1/instantiation/sshkey_hostname_setup/hostname_setup.sh 192.168.122.102 theroot desktop;Warning: Permanently added '192.168.122.102' (ECDSA) to the list of known hosts.
[1] 16:56:50 [SUCCESS] [email protected]:22
interface eth123-1-1 does not exist!

Waiting for br123-1-1 to get ready (MAXWAIT is 2 seconds).
RTNETLINK answers: File exists
Failed to bring up br123-1-1.
bridges are up

  • Enter VM cloning script 'vm_clone_xml.sh'
    ** Create disk image 'desktop_cr123_1_1_img' for the cloned VM
    Formatting '/root/cyris-1.1/cyber_range/123/images/desktop_cr123_1_1_img', fmt=qcow2 size=21474836480 backing_file=/root/cyris-1.1/cyber_range/123/desktop encryption=off cluster_size=65536 lazy_refcounts=off refcount_bits=16
    ** Create XML config file 'desktop_cr123_1_1_config.xml' for the cloned VM
    ** Define the cloned VM using config file 'desktop_cr123_1_1_config.xml'
    Domain desktop_cr123_1_1 defined from /root/cyris-1.1/cyber_range/123/images/desktop_cr123_1_1_config.xml

** Start the cloned VM 'desktop_cr123_1_1'
Domain desktop_cr123_1_1 started

  • Exit VM cloning script 'vm_clone_xml.sh'

Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.

Stderr: Warning: Permanently added '10.176.26.151' (ECDSA) to the list of known hosts.
Connection to 10.176.26.151 closed._

==============================================================
TERMINAL OUTPUT

  • DEBUG: cyris: Check SSH connectivity to 123.1.1.2 => FAILURE
    Warning: Permanently added '10.176.26.151' (ECDSA) to the list of known hosts.
    Warning: Permanently added '123.1.1.2' (ECDSA) to the list of known hosts.

  • DEBUG: cyris: Check SSH connectivity to 123.1.1.2 => FAILURE

  • ERROR: cyris: Cannot connect to VM.
    Error on connect: Warning: Permanently added '10.176.26.151' (ECDSA) to the list of known hosts.
    Warning: Permanently added '123.1.1.2' (ECDSA) to the list of known hosts.

    Check the log file for details: /root/cyris-1.1/cyber_range/123/creation.log


  • INFO: cyris: Cyber range creation status: FAILURE
    Check the log file for details: /root/cyris-1.1/cyber_range/123/creation.log
