Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Lure Settings

The lure settings will vary depending on the service. The character limits and requirements in FortiDeceptor may differ from the requirements implemented in the service.

Character restrictions and guidelines

Lure setting

Service

Requirements

Client Number

SAP DISPATCHER

Alphanumeric characters (A-Z, a-z, 0-9), periods (.), commas (,), hyphens (-), underscores (_), and spaces are supported.

DICOM Listening Port

Medical

Enter a value between 1-65535. Default is 4242.

DICOM Server Name

Medical

Maximum of 16 characters.

Name cannot begin with a digit.

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-) and underscores (_) are supported.

Domain (optional)

Windows: NBNSSpoofSpotter

Alphanumeric characters (A-Z, a-z, 0-9) and periods (.), are supported.

DSN Description

Windows: ODBC lure

Maximum of 256 characters.

Alphanumeric characters (A-Z, a-z, 0-9), special characters (.-_!@(~)?:|+;*/"') and spaces are supported.

DSN Name

Windows: ODBC lure

Maximum of 32 characters.

Alphanumeric characters (A-Z, a-z, 0-9), periods (.), hyphens (-), underscores (_), and spaces are supported.

FTP Banner

SCADAV3

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), underscores (_), and spaces are supported.

Hostname

Windows: NBNSSpoofSpotter SAP DISPATCHER

Maximum of 15 characters.

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-) and underscores (_) are supported.

HTTP Listening Port

Ubuntu, Centos

Enter a value between 1-65535.Default is 80.

HTTPS Listening Port

Ubuntu, Centos

Enter a value between 1-65535. Default is 443.

HTTPS SSL Certificate

Ubuntu, Centos

Optional. Upload using default settings is supported.

Instance Name

SAP DISPATCHER

Alphanumeric characters (A-Z, a-z, 0-9), periods (.), commas (,), hyphens (-), underscores (_), and spaces are supported.

Interval(sec)

Windows: NBNSSpoofSpotter

Enter a value between 60-3600.

Listening Port

ERP (CRM), POS, SAP Router, SAP DISPATCHER, TP-LINK, CWMP

Enter a value between 1-65535.

  • ERP (CRM), POS, and TP-LINK: Default is 80.
  • SAP Router: Default is 3299
  • SAP DISPATCHER: Default is 3200
  • CWMP: Default is 7547

Listening Port Over HTTPS

SAP WEB

Enter a value between 1-65535. Default is 443

Module type

SCADAV3

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), underscores (_), and spaces are supported.

PACS Listening Port

Medical

Enter a value between 1-65535.Default is 80.

PACS System Name

Medical

Maximum of 16 characters.

Name cannot start with a digit.

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), and underscores (_) are supported.

Page title

SCADAV3

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), underscores (_), and spaces are supported.

Password

Windows: RDP & SMB, Ubuntu and Centos: SSH & SAMBA, NBNSSpoofSpotter

GIT Users, ERP (CRM), Medical, POS, FortiGate, Cisco Router (Telnet/HTTP), HP Printer (HTTP), IP Camera (HTTP), Centos, SAP Router, SAP WEB, Brother MFC Printer (HTTP), Lexmark Printer (HTTP), TP-LINK

Maxiumum of 32 characters.

Alphanumeric characters (A-Z, a-z, 0-9) and special characters (-!@#$%(~)^&?<>:|+;*/,."'_) are supported.

The password is optional in GIT repository import.

Plant Identification

SCADAV3

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), underscores (_), and spaces are supported.

PLC name

SCADAV3

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), underscores (_), and spaces are supported.

Repository Name

GIT Users

Maximum of 100 characters.

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-) and underscores (_) are supported.

Serial number

SCADAV3

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), underscores (_), and spaces are supported.

Serial number for ENIP

SCADAV3

Only 0-9 allowed

Sharename

Windows:RDP & SMB, Ubuntu Centos-SSH & SAMBA

Centos

This option is only available for SAMBA (Ubuntu) or SMB (Windows). Enter a Sharename between 3-63 characters.

Alphanumeric characters (a-z, 0-9) and hyphens are supported.

SID

SAP DISPATCHER

Alphanumeric characters (A-Z, a-z, 0-9), periods (.), commas (,), hyphens (-), underscores (_), and spaces are supported.

SNMP

SCADAV3, Cisco Router (Telnet/HTTP), HP Printer (HTTP), IP Camera (HTTP), Brother MFC Printer (HTTP), Lexmark Printer (HTTP)

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-) and underscores (_) are supported.

SSLVPN Bookmarks Name

FortiGate

Maximum of 15 characters.

Alphanumeric characters (A-Z, a-z, 0-9), periods (.), hyphens (-), underscores (_), and spaces are supported.

SSLVPN Bookmarks URL

FortiGate

Required field.

Alphanumeric characters (A-Z, a-z, 0-9), spaces, and special characters (-@#~?:./_=) are supported.

SSLVPN Listening Port

FortiGate

Enter a value between 1-65535.Default is 10443.

TCP Listener

Windows: TCP Listener

Ubuntu, Centos

Separate multiple ports with a comma (,).

Telnet

SCADAV3

Telnet username password is the same as ERP

Token

GitHub repository import

Alphanumeric characters (A-Z, a-z, 0-9), and periods (.) are supported.

Update or Cancel

Windows: RDP & SMB, Ubuntu and Centos: SSH & SAMBA

Click Update to save the username and password. Click Cancel to discard the username and password. Click Delete to delete an existing lure.

URL

GitHub repository import

Required field.

Alphanumeric characters (A-Z, a-z, 0-9), spaces, and special characters (-@#~?:./_=) are supported.

Username

Windows: RDP & SMB, Ubuntu and Centos- SSH & SAMBA, NBNSSpoofSpotter.

GIT Users, ERP (CRM), Medical, POS, FortiGate, Cisco Router (Telnet/HTTP), HP Printer (HTTP), IP Camera (HTTP),

Centos, SAP Router, SAP WEB, Brother MFC Printer (HTTP), Lexmark Printer (HTTP), TP- LINK

Maximum of 64 characters.

Alphanumeric characters (A-Z, a-z, 0-9), periods (.), hyphens (-) and underscores (_) are supported.

 

Lure Settings

The lure settings will vary depending on the service. The character limits and requirements in FortiDeceptor may differ from the requirements implemented in the service.

Character restrictions and guidelines

Lure setting

Service

Requirements

Client Number

SAP DISPATCHER

Alphanumeric characters (A-Z, a-z, 0-9), periods (.), commas (,), hyphens (-), underscores (_), and spaces are supported.

DICOM Listening Port

Medical

Enter a value between 1-65535. Default is 4242.

DICOM Server Name

Medical

Maximum of 16 characters.

Name cannot begin with a digit.

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-) and underscores (_) are supported.

Domain (optional)

Windows: NBNSSpoofSpotter

Alphanumeric characters (A-Z, a-z, 0-9) and periods (.), are supported.

DSN Description

Windows: ODBC lure

Maximum of 256 characters.

Alphanumeric characters (A-Z, a-z, 0-9), special characters (.-_!@(~)?:|+;*/"') and spaces are supported.

DSN Name

Windows: ODBC lure

Maximum of 32 characters.

Alphanumeric characters (A-Z, a-z, 0-9), periods (.), hyphens (-), underscores (_), and spaces are supported.

FTP Banner

SCADAV3

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), underscores (_), and spaces are supported.

Hostname

Windows: NBNSSpoofSpotter SAP DISPATCHER

Maximum of 15 characters.

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-) and underscores (_) are supported.

HTTP Listening Port

Ubuntu, Centos

Enter a value between 1-65535.Default is 80.

HTTPS Listening Port

Ubuntu, Centos

Enter a value between 1-65535. Default is 443.

HTTPS SSL Certificate

Ubuntu, Centos

Optional. Upload using default settings is supported.

Instance Name

SAP DISPATCHER

Alphanumeric characters (A-Z, a-z, 0-9), periods (.), commas (,), hyphens (-), underscores (_), and spaces are supported.

Interval(sec)

Windows: NBNSSpoofSpotter

Enter a value between 60-3600.

Listening Port

ERP (CRM), POS, SAP Router, SAP DISPATCHER, TP-LINK, CWMP

Enter a value between 1-65535.

  • ERP (CRM), POS, and TP-LINK: Default is 80.
  • SAP Router: Default is 3299
  • SAP DISPATCHER: Default is 3200
  • CWMP: Default is 7547

Listening Port Over HTTPS

SAP WEB

Enter a value between 1-65535. Default is 443

Module type

SCADAV3

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), underscores (_), and spaces are supported.

PACS Listening Port

Medical

Enter a value between 1-65535.Default is 80.

PACS System Name

Medical

Maximum of 16 characters.

Name cannot start with a digit.

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), and underscores (_) are supported.

Page title

SCADAV3

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), underscores (_), and spaces are supported.

Password

Windows: RDP & SMB, Ubuntu and Centos: SSH & SAMBA, NBNSSpoofSpotter

GIT Users, ERP (CRM), Medical, POS, FortiGate, Cisco Router (Telnet/HTTP), HP Printer (HTTP), IP Camera (HTTP), Centos, SAP Router, SAP WEB, Brother MFC Printer (HTTP), Lexmark Printer (HTTP), TP-LINK

Maxiumum of 32 characters.

Alphanumeric characters (A-Z, a-z, 0-9) and special characters (-!@#$%(~)^&?<>:|+;*/,."'_) are supported.

The password is optional in GIT repository import.

Plant Identification

SCADAV3

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), underscores (_), and spaces are supported.

PLC name

SCADAV3

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), underscores (_), and spaces are supported.

Repository Name

GIT Users

Maximum of 100 characters.

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-) and underscores (_) are supported.

Serial number

SCADAV3

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), underscores (_), and spaces are supported.

Serial number for ENIP

SCADAV3

Only 0-9 allowed

Sharename

Windows:RDP & SMB, Ubuntu Centos-SSH & SAMBA

Centos

This option is only available for SAMBA (Ubuntu) or SMB (Windows). Enter a Sharename between 3-63 characters.

Alphanumeric characters (a-z, 0-9) and hyphens are supported.

SID

SAP DISPATCHER

Alphanumeric characters (A-Z, a-z, 0-9), periods (.), commas (,), hyphens (-), underscores (_), and spaces are supported.

SNMP

SCADAV3, Cisco Router (Telnet/HTTP), HP Printer (HTTP), IP Camera (HTTP), Brother MFC Printer (HTTP), Lexmark Printer (HTTP)

Alphanumeric characters (A-Z, a-z, 0-9), hyphens (-) and underscores (_) are supported.

SSLVPN Bookmarks Name

FortiGate

Maximum of 15 characters.

Alphanumeric characters (A-Z, a-z, 0-9), periods (.), hyphens (-), underscores (_), and spaces are supported.

SSLVPN Bookmarks URL

FortiGate

Required field.

Alphanumeric characters (A-Z, a-z, 0-9), spaces, and special characters (-@#~?:./_=) are supported.

SSLVPN Listening Port

FortiGate

Enter a value between 1-65535.Default is 10443.

TCP Listener

Windows: TCP Listener

Ubuntu, Centos

Separate multiple ports with a comma (,).

Telnet

SCADAV3

Telnet username password is the same as ERP

Token

GitHub repository import

Alphanumeric characters (A-Z, a-z, 0-9), and periods (.) are supported.

Update or Cancel

Windows: RDP & SMB, Ubuntu and Centos: SSH & SAMBA

Click Update to save the username and password. Click Cancel to discard the username and password. Click Delete to delete an existing lure.

URL

GitHub repository import

Required field.

Alphanumeric characters (A-Z, a-z, 0-9), spaces, and special characters (-@#~?:./_=) are supported.

Username

Windows: RDP & SMB, Ubuntu and Centos- SSH & SAMBA, NBNSSpoofSpotter.

GIT Users, ERP (CRM), Medical, POS, FortiGate, Cisco Router (Telnet/HTTP), HP Printer (HTTP), IP Camera (HTTP),

Centos, SAP Router, SAP WEB, Brother MFC Printer (HTTP), Lexmark Printer (HTTP), TP- LINK

Maximum of 64 characters.

Alphanumeric characters (A-Z, a-z, 0-9), periods (.), hyphens (-) and underscores (_) are supported.