Available Deception OSes, Decoys and Selected Services
The following table shows the Available Deception OSes and their corresponding Available Deception Decoys and Selected Services in the Deployment Wizard.
The Available Deception Decoys are only available for SCADAV3/IoT, Ubuntu16v2, Ubuntu18v1, VoIPv1, Medicalv1 and EV2023 deception OSes. The decoy you select determines the available Selected Services.
| Available Deception OSes | Available Deception Decoys | Selected Services | ||
|---|---|---|---|---|
| centosv1 |
SSH, SAMBA, STMP, HTTP, HTTPS, GIT, TCPListener. ICMP, FTP, RADIUS |
|||
| fgt601v1 | SSLVPN | |||
| fgt601v2 | SSLVPN | |||
| crmv1 | ERP-WEB | |||
| scadav3
|
Liebert Spruce UPS | TFTP, SNMP, HTTP | ||
| Schneider Power Meter - PM5560 | SNMP, BACNET, HTTP, DNP3, ENIP | |||
| MOXA NPORT 5110 | SNMP, Telnet, HTTP, MOXA | |||
| Rockwell 1769-L35E Ethernet Port | SNMP, ENIP, HTTP | |||
| GE PLC 90 | SNMP, HTTP, SRTP | |||
| Kamstrup 382 | KAMSTRUP | |||
| Siemens S7-200 PLC | HTTP, TFTP, SNMP, MODBUS, S7COMM | |||
| VAV-DD BACnet controller | SNMP, BACNET | |||
|
Niagra4 Station |
SNMP, HTTP, BACNET |
|||
|
Schneider EcoStruxure BMS server |
SNMP, HTTP, TRICONEX, BACNET |
|||
|
Rockwell PLC |
HTTP, TFTP, SNMP, ENIP |
|||
|
NiagaraAX Station |
SNMP, HTTP, BACNET |
|||
|
Rockwell 1769-L16ER/B LOGIX5316ER |
SNMP, ENIP, HTTP |
|||
|
Guardian-AST |
Guardian-AST |
|||
|
Schneider SCADAPack 333E |
SNMP, DNP3, Telnet |
|||
|
Siemens S7-300 PLC |
TFTP, SNMP, IEC104 |
|||
|
IPMI Device |
HTTP, FTP, SNMP, IPMI |
|||
|
Siemens S7-1500 PLC |
HTTP, TFTP, SNMP, IEC104, PROFINET |
|||
|
Phoenix contact AXC 1050 |
HTTP, SNMP, PROFINET, FTP |
|||
|
PowerLogic ION7650 |
SNMP, MODBUS, DNP3, HTTP |
|||
|
Ascent Compass MNG |
HTTP, FTP, SNMP, IPMI, BACNET |
|||
|
C-More HMI |
SNMP, HTTP, FTP, HTTPS |
|||
|
Modicon M241 |
TFTP, SNMP, MODBUS, ENIP, HTTP |
|||
|
Modicon M580 |
TFTP, SNMP, MODBUS, ENIP, HTTP |
|||
|
Emerson iPro by Dixell |
SNMP, MODBUS, HTTP |
|||
|
Lantronix XPORT V1.8 |
SNMP, HTTP, Lantronix Discovery Protocol | |||
|
Lantronix XPORT V2.0 |
SNMP, HTTP, Lantronix Discovery Protocol | |||
|
Ubuntu16v1 |
|
SSH, SAMBA, SMTP, TCPListner, HTTP, HTTPS, GIT, ICMP, FTP, RADIUS, vnc |
||
|
ubuntu16v2
|
Elastic Search | Elastic Search | ||
| ESXI Decoy | SSH, HTTP, HTTPS | |||
| Linux Decoy | SSH, SAMBA, SMTP, TCPListener, HTTP, HTTPS, GIT, ICMP, FTP, RADUIS, vnc | |||
| Mac Decoy | SSH, vnc | |||
|
Ubuntu18v1
|
Citrix ADC Decoy |
HTTP, HTTPS |
||
|
Citrix Application Delivery Management Decoy |
HTTP, HTTPS |
|||
|
Citrix Endpoint Management Decoy |
HTTP, HTTPS |
|||
|
Citrix Receiver Decoy |
HTTP, HTTPS |
|||
|
Elastic Search |
Elastic Search |
|||
|
ESXI Decoy |
SSH, HTTP, HTTPS |
|||
|
Linux Decoy |
SSH, SAMBA, SMTP, HTTP, HTTPS, GIT, TCPListener, ICMP, FTP, RADIUS, vnc |
|||
|
MySql MariaDB Decoy |
MariaDB, SSH |
|||
|
Nginx Decoy |
HTTP, HTTPS |
|||
|
ScadaBR Decoy |
ScadaBR |
|||
|
Tomcat Decoy |
HTTP, HTTPS, SSH |
|||
|
Webmin Decoy |
HTTP, HTTPS |
|||
|
NGINX |
HTTP, HTTPS |
|||
|
Citrix (ADC Decoy/Application Delivery Management Decoy/Endpoint Management Decoy/Receiver Decoy) |
HTTP, HTTPS |
|||
| win7x64v1 | RDP, SMB, SMTP, TCPListener, NBNSSpoofSpotter | |||
|
Custom Windows 2016/2019/2022 |
|
RDP, SMB, TCPListener, NBNSSpoofSpotter, ICMP, FTP, SWIFT Lite2 |
||
|
Custom Windows 10/11 |
|
RDP, SMB, MSSQL, SMTP, TCPListener, NBNSSpoofSpotter, ICMP, SWIFT Lite2, FTP |
||
|
Custom French Windows 2016/ French Windows 10 |
|
RDP, SMB, MSSQL, HTTP/HTTPS, SMTP, TCPListener, NBNSSpoofSpotter, ICMP, SWIFT |
||
|
Custom Redhat Linux |
|
HTTP, HTTPS, GIT, SAMBA, SSH, SMTP, TCPListener, FTP, RADIUS, ICMP |
||
|
Custom Ubuntu 20.04.6 Server |
|
SSH, SAMBA, SMTP, HTTP, HTTPS, GIT, TCPListener, ICMP, FTP, RADIUS |
||
|
win10ltsc2021v1 |
|
RDP, SMB, SMTP, TCPListener, NBNSSpoofSpotter, ICMP, SWIFT Lite2, FTP |
||
| win10v1 | RDP, SMB, SMTP, TCPListener, NBNSSpoofSpotter, ICMP, SWIFT Lite2, FTP | |||
|
*outbreakv1
|
Spring4Shell |
Spring4Shell
|
||
|
Log4j2 |
Log4j2
|
|||
|
posv1 |
POS-WEB |
|||
|
iotv1
|
Lexmark Printer Decoy | SNMP, Jetdirect, Printer-WEB | ||
| HP Printer Decoy | SNMP, Jetdirect, Printer-WEB | |||
| Cisco Router Decoy | Telnet, HTTP, SNMP, CDP | |||
| Brother MFC Printer | SNMP, Jetdirect, Printer-WEB | |||
| TP-LINK Router Decoy | TP-LInk WEB, CWMP | |||
|
IP Camera Decoy |
IP Camera-WEB, UPnP, SNMP, RTSP |
|||
|
SWIFT VPN Gateway |
Telnet, HTTPS |
|||
|
HP Switch Decoy |
SNMP, Telnet, CDP, HTTP |
|||
|
MikroTik Decoy |
SNMP, Telnet, CDP, HTTP |
|||
|
medicalv1
|
PACS Decoy | Infusion Pump (Telnet), Infusion Pump (FTP) | ||
| SPACECOM Decoy | HTTP, HTTPS, FTP, CAN bus Protocol, SSH | |||
| INFUSOMAT Decoy | HTTP, HTTPS, FTP, CAN bus Protocol, B.BRAUN | |||
|
sapv1 |
|
SAP ROUTER, SAP DISPATCHER, SAP WEB |
||
|
voipv1 |
4G/5G 3GPP |
NextEPC WEB, SCTP & GTP-C, GTP-U |
||
|
|
MQTT |
MQTT WEB, CoAP |
||
|
|
SIP |
SIP |
||
|
|
XMPP |
XMPP WEB |
||
|
EV2023 |
|
HTTP, HTTPS |
*Outbreakv1: When a cybersecurity incident/attack/event occurs that has large ramifications for the cybersecurity industry and affects numerous organizations, FortiGuard Outbreak Alerts will be the mechanism for communicating important information to Fortinet's customers and partners. These Outbreak Alerts will help you understand what happened, the technical details of the attack and how organizations can protect themselves from it and others like it. The FortiDeceptor Deception VM called Outbreakv1 provides the outbreak vulnerabilities that the FortiGuard Outbreak Alerts cover. For example, you can deploy a network decoy based on FortiGuard Outbreak Alerts such as Spring4Shell and Log4j2.
fgt601v1 / fgt601v2 comparison chart
|
|
fgt601v1 |
fgt601v2 |
|---|---|---|
| Support models | FGT-60E, FGT-100F, FGT-1500D, FGT-2000E, FGT-3700D | FGT-60F, FGT-100F, FGT-1500D, FGT-2000E, FGT-3700D, FGT-60F-DMZ, FGT-100F-DMZ, FGT-1500D--DMZ, FGT-2000E-DMZ, FGT-3700D-DMZ |
| Incidents reported | All logins are recorded. |
DMZ models:
All other models are the same as fgt601v1. |
| OUI | E0:23:FF, 90:6C:AC, E8:1C:BA | E0:23:FF, 90:6C:AC, E8:1C:BA |