Firewall – D E C E I V E R . I O

Deceive, Detect, Engage

Fake Firewall with Permissive Ruleset

Deploy a decoy firewall with an intentionally permissive ruleset that allows most traffic to pass through. This can be used to lure attackers into a false sense of security, allowing you to observe their activities and gather intelligence on their tools and techniques.

Deceptive Firewall Rules

Goal: Disrupt attacker reconnaissance and lateral movement by configuring deceptive firewall rules.

Approach: Creating firewall rules that mislead attackers about network segmentation and access controls.

Configure firewall rules that appear to block access to critical systems or sensitive data, but actually redirect traffic to honeypots or decoy networks. This can mislead attackers about the network topology and hinder their progress.

Tag: Firewall

Fake Firewall with Permissive Ruleset

Deceptive Firewall Rules

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense