Deploy the FortiDeceptor Token Package
Use a FortiDeceptor Token Package to add breadcrumbs on real endpoints and lure an attacker to a Decoy VM. Tokens are normally distributed within real endpoints and other IT assets on the network to maximize the deception surface.
To download and deploy a FortiDeceptor Token Package on an existing endpoint:
- Go to Deception > Decoy & Lure Status.
- Select the Decoy VM by clicking its checkbox.
- To download the FortiDeceptor Token Package, click Download Package.
You can only download packages with valid IP addresses. A package must have a status of Initialized, Stopped, Running, or Failed.
- Copy the FortiDeceptor Token Package to an endpoint such as a Windows or Linux endpoint.
- Unzip the FortiDeceptor Token Package:
- For Windows, copy the file in the Windows directory and run windows_token.exe by double-clicking the file.
- For Ubuntu, open Terminal and run python ./ubuntu_token.py.
When the FortiDeceptor Token Package is installed on a real Windows or Ubuntu endpoint, it increases the deception surface and lures the attacker to a Decoy VM.