BluSapphire
Search
⌃K

Web-Apps

LIADS HTTP/HTTPS Based Services with configurable options
This section provides information on deployable Low-Interactive-Active-Defense-Services (LIADS) HTTP/HTTPS-based services with configurable options and logging:

HTTP (Basic-Auth)

Emulates an HTTP service running on the server with a basic login page. By default, the service is configured to run on 'TCP/80', any connection attempts made with the service are logged and alerted.
  • Log data captured include "Source-IP, Destination-IP, URI, User-Agent, Username/Password used during login attempt", which can be used during analysis by the analyst.
  • Service options that can be configured:
    • Service Port, Banner/Version, Template

CITRIX ADC (HTTPS)

Emulates a CITRIX HTTPS service running on the server with the CITRIX portal page. By default, the service is configured to run on 'TCP/443', any connection attempts made with the service are logged and alerted.
  • Log data captured include "Source-IP, Destination-IP, URI, User-Agent, Username/Password used during login attempt".
  • Service options that can be configured as needed.
    • Port, Banner/Version

CISCO ASA (HTTPS)

Emulates a running Cisco Adaptive Security Appliance (ASA) HTTP service on the server. By default, the service is configured to run on 'TCP/8443', any connection attempts made with the service are logged and alerted.
  • Log data captured include "Source-IP, Destination-IP, URI, User-Agent".
  • Though the service does not require additional configuration, the service port can be reconfigured as needed.