Add firewall rules around 10.2.3.48 to speed up depth_3_a test

[mssalvatore]

Description

The depth_3_a test wastes 15-22 seconds waiting for 10.2.3.48 to shutdown. The cause is that 10.2.3.48 can successfully exploit other machines, but firewall rules prevent other machines from informing .48's relay that they don't need it. .48's relay is preventing the agent from shutting down quickly because it is waiting for child agents that will never be able to contact it.

Solution

Add firewall rules to prevent .48 from exploiting other machines.

Tasks

• [x] Modify the guardicore-monkey environment with the firewall rules (0d) @ilija-lazoroski
• [x] Add firewall rules to the terraform scripts to prevent .48 from exploiting other machines (0d) @ilija-lazoroski
• [x] Rebuild the guardicore-infec-monkey-test-1 environment (0d) @ilija-lazoroski
• [x] Rebuild the guardicore-infec-monkey-test-2 environment (0d) @ilija-lazoroski

[ilija-lazoroski]

The added firewall rule is block-powershell-48-to-depth-3:

All monkeys are dead after 13 seconds instead of the 22 seconds above:

This required a network tag to be added to the mimikatz-15.

[ilija-lazoroski]

Test-1 zoo: