What are the network and internet limits placed on my Range virtual machines?¶
On Your Network:¶
At the network layer, most Cyber Range configurations are restricted to only see the machines or VMs within that student's "Team" environment. You should be able to see your own VMs, and some of the Range infrastructure and that is all (e.g. login server, DNS, etc).
Technically, this means that while you might be able to see some layer-1/2 traffic, you should not be able to functionally see other student/instructor "Teams" or virtual machines on your network's broadcast domain (netmask grouping), other than your own machine and the Range's login RDP/ssh gateway.
To The Internet:¶
Generally, most virtual machine environments are allowed/able to "get out" to the open Internet through a route enforced web proxy on ports 80 & 443 for non malicious traffic alone*. No other traffic or protocols are allowed (e.g. no FTP, no DNS, SMTP, etc).
For the purpose of getting data in-to and out-of the range, a client can typically access resources like Google-Drive or Box, which is a great way of safely accessing or saving class assignments outside the range.
- WARNING: If a client attempts to circumvent this network, egress configurations or other range resource restrictions, or attack any of the range's systems, or any other entity, they will be at risk of account termination.
Have Networking Tools Been Disabled on Cyber Range VMs?¶
Networking tools have not been disabled on Cyber Range virtual machines. However, some traffic is blocked from exiting the safety of the Range. For more information about using networking tools in the Cyber Range, please see the article titled Why Can't I Ping or SSH to IPs Outside of the Range?