Overview


The Network Manager system prevents unauthorized network devices from establishing connections to your protected system. Among the many events that will engage Active Lock are:

 

  • You join a network that has not been previously trusted
  • A network device scans your host for open ports and connects to a Cigent deception port. 
  • An untrusted network device attempts to connect to your device on any port.


Testing:


You can run the provided program called network_recon_local_only.exe which does a simple port scan of your host which will cause Active Lock to be engaged by connecting to a Cigent deception port.

 

Open a command prompt window and set the current directory to the location of the provided program. (network_recon_local_only.exe)

 

 

Run the attack script. The script will scan for open ports on your host. When the deception port is scanned, it will immediately trigger an Active Lock.



 

Switch back to the Security Status tab. Note that Active Lock is engaged.


 


Since we know this was a test, we can clear the Active Lock by clicking on CLEAR ALERT. 

 

Enter your authentication PIN.

 


 

Note that Active Lock is now disengaged.