Network Deception ( Plus Only ) :

Network Deception ( Plus Only ) Print

Created by: David Wolf

Modified on: Wed, 8 Jun, 2022 at 2:11 PM

Overview

The Network Manager system prevents unauthorized network devices from establishing connections to your protected system. Among the many events that will engage Active Lock are:

You join a network that has not been previously trusted
A network device scans your host for open ports and connects to a Cigent deception port.
An untrusted network device attempts to connect to your device on any port.

Testing:

You can run the provided program called network_recon_local_only.exe which does a simple port scan of your host which will cause Active Lock to be engaged by connecting to a Cigent deception port.

Open a command prompt window and set the current directory to the location of the provided program. (network_recon_local_only.exe)

Run the attack script. The script will scan for open ports on your host. When the deception port is scanned, it will immediately trigger an Active Lock.

Switch back to the Security Status tab. Note that Active Lock is engaged.

Since we know this was a test, we can clear the Active Lock by clicking on CLEAR ALERT.

Enter your authentication PIN.

Note that Active Lock is now disengaged.

David is the author of this solution article.

Did you find it helpful? Yes No

Network Deception ( Plus Only ) Print

Related Articles