fbpx

Representative offices: 

Request callback
btn

WHAT'S NEW IN LABYRINTH DECEPTION PLATFORM: RELEASE 2.0.32

News

Labyrinth has released a new version of its more efficient solution for detecting and stopping hacking within corporate networks. This update offers a number of improved features that we will discuss in detail in this article.


New + Improved

Partial Generate/Terminate for Honeynets

Unlike the classic Generate/Terminateprocess, which creates Points globally for all Honeynets, the partial Generate / Terminate process allows to generate or delete Points for each Honeynet separately. This allows making changes to the configuration of Labyrinth much faster because there is no need to wait for the Points to be created for all Honeynets when making minor changes to a particular Honeynet.



Access to the web interface from Worker Node

Since this release, the web interface of Labyrinth is available not only from the Admin Consolebut also from every Worker Node. Now, it is enough to put an IP address of the Worker Node in the address bar of the browser and the main web interface of Labyrinth will be displayed.

This feature will be useful in case of distributed Labyrinth installations when one or more Worker Nodes are installed in different locations, and access to the location of Admin Console is limited.

NOTE The Web interface on Worker Node is enabled by default and cannot be disabled at this time. In the next release the possibility of disabling this feature.


Optional scanning of Honeynets networks

Before each Labyrinth generates process, scanning of all networks registered in the configuration of all Honeynets is performed. Network scanning is necessary to automatically find services (IP addresses and ports) for Universal Web Point (HTTP / HTTPS services), Windows 10 Host (RDP services), etc. This allows to start deployment of Labyrinth automatically or semi-automatically.

The scanning process significantly slows down Labyrinth generation process (depending on the number of networks and their size), and in some Honeynet configurations are not required. For example, if to specify web services for Universal Web Point in a Honeynet configuration in the Allowed IP Addresses (CSV)field, there is no need to scan the network for finding web services.

Starting from this release, it is possible to enable or disable scanning of Honeynet-related networks in the configuration of each Honeynet. This significantly speeds up generation process.

Along with the partial generation, this feature significantly reduces time needed to make changes to the configurations of Labyrinth.


Improved Universal WEB Point

The Universal Web Point type has been significantly redesigned. The main functions include the following:

  1. Automatic cloning of TLS / SSL certificate. That is, when starting this type of point, he tries to create a self-signed certificate, which is as similar as possible to the original.
  2. Ability to "listen" to more than one TCP port. Previously, Point of this type could "listen" on one TCP port. That is, if the original application, say, "listens" on port 80 with a redirect to HTTPS, then Universal Web Point would listen only to HTTPS.
  3. Added detection and simulation of Log4Shell vulnerability


Settings Integrations migration

The Settings -> Integrations options have been significantly redesigned and improved. These changes concern both the appearance (a more compact list of integrations) and fixing minor bugs.

NOTE We recommend checking the integration settings after the upgrade.

Wordlists forms and Honeynet refactoring

Wordlist (hostnames, usernames, passwords) has been significantly redesigned. In contrast to the global lists previously used to generate Labyrinth, these lists are customizable for each Honeynet. Now, there is an ability to specify different lists, for example hostnames, for each network segment.


List of available (downloaded Wordlist):


Honeynet settings:


The new Point type: VMWare vCenter Virtual Appliance

Added the new type of Point - VMWare vCenter Virtual Appliance. This is an imitation of the login form of VMWare vCenter 6.8 Virtual Appliance, which contains the Log4Shell vulnerability.

Fixes

Seeder Tasks: empty seeder tasks after generation

Fixed. Under certain circumstances, Seeder Tasks were not generated for Seeder Agents that connected after Generate. Expected Behavior: After Generate, Seeder Tasks should be created for new agents connected after Generate.


Seeder Tasks: empty related point_id

Fixed. At certain settings of the Labyrinth the following situation could arise:


TLS Certificate and Key Content-Type issue

Fixed. If the downloadable certificate or key is in the correct format, but with the wrong file extension, it was not possible to download it. Now it doesn't matter with which file extension, the main thing is to have the correct file format: PEM-encoded x509 certificate, and PEM-encoded RSA key.


Learn more about Labyrinth's innovative cyber solution.


iIT Distribution is the official distributor of the Labyrinth solutionwhich not only provides software, but also provides a full range of support and consulting services. Our company offers initial expertise and assessment of the state of IS of your company from qualified specialists, selection of equipment and software, as well as the implementation of comprehensive cybersecurity solutions in the existing infrastructure. In today's reality, it is very important to remain vigilant without postponing the issue of protecting your systems.

Back

Mobile Marketing
+