center-for-threat-informed-defense / adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

https://ctid.io/adversary-emulation

Apache License 2.0

1.6k stars 292 forks source link

Microsoft Azure VMs Changes in Turla Environment #160

Closed scottbrumley closed 1 month ago

scottbrumley commented 3 months ago

Hi All,

I've been working deploying the Turla environment at Azure using Terraform. It turns out a few things have changed on the MS side.

redirect-srv1 and redirect-srv2 are provisioning 3 NICs on a Standard_D2s_v4, but MS stopped supporting more than 2 NICs.
carbon-desk1, -desk2, and desk3 use Win 10 build 19044.2006.220909 which MS has deprecated
snake-ex-srv1, snake-ad-srv1 and snake-file-srv1 use Windows 2019 Server build 17763.3406.220909 which MS has deprecated

1 I started using Standard_D8s_V4 instead.

2 and #3 Do you have a recommended build version to replace this?

Sincerely,

Scott

scottbrumley commented 1 month ago

These appear to work