labyrinth-nsg
v0.0.9
Published
Network security analysis tools
Downloads
7
Maintainers
Readme
Labyrinth NSG
Labyrinth
is an experimental tool for performing packet flow analysis in computer networks. Given a description of a network configuration, Labyrinth
can answer questions like:
- Which servers can receive traffic directly from the internet?
- Can traffic from the internet reach my database?
- Which services can my front-end web servers interact with?
- Can my back-end web service call out to services on the internet?
- Is the jump-box the only server that can SSH to the front-end web servers?
The Labyrinth
graph algorithms are network agnostic and capable of analyzing a wide variety of networking concepts and appliances. Labyrinth
makes use of converters
to transform vendor-specific network configuration descriptions into Labyrinth
graphs, suitable for analysis.
Currenly, Labyrinth
includes a converter for Azure Resource Graphs.
This converter models OSI Layer 3 traffic. This means it can reason about IP packet headers fields, like the source and destination IP addresses and ports, and the protocol. The Labyrinth
algorithm is fairly generic and capable of modeling concepts from other layers such as
- Layer 4 - e.g. TCP connection state and stateful packet inspection.
- Layer 7 - e.g. Application Gateways
Try Labyrinth
Labyrinth
is currently in the earliest stages of development, so documentation is sparse, and the API is evolving. If you are interested in taking a look, we recommend starting with the
Labyrinth Tutorial.
How Labyrinth Works
If you are interested in learning more about how Labyrinth
works, please read the
Labyrinth Architectural Concepts.