April 10, 2017

A small town on the Internet with a digital ax murderer roaming around.

Fortegoville is an IoT honeypot and research network that duplicates, as closely as possible, the IoT solutions that would be found in any town. Everything from cars to street lights to baby monitors can be connected, analyzed and secured in Fortegoville. In addition, the consequences of failing to secure IoT devices can be studied, understood and mitigated using Fortegoville as a model.

What are the goals of Fortegoville?

One of the main goals in establishing Fortegoville is to reduce the ancillary tasks required to create an environment suitable for red and blue teaming of IoT devices. The idea is to set up everything we need once and reuse that infrastructure as much as possible. Fortegoville gives us an environment that works almost out of the box for any and all lab work related to IoT security, research or development.

How does Fortegoville work?

At its core, Fortegoville incorporates several free resources that give us the flexibility and power we need. We use Amazon Web Services heavily for virtualization, OpenVPN for secure connections, and pfSense as a powerful and configurable firewall. Fortegoville integrates Bro with Elasticsearch, Logstash, and Kibana (a typical ELK stack) for analysis and visualization of collected data. We have written scripts to automate deployments and configurations, as well as to perform more menial tasks such as carving binaries out of network traffic.
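
A sketch of the kind of binary carving mentioned above, as an added example that is not Fortegoville's own script: it locates ELF images (the usual format of binaries on Linux-based IoT devices) in a reassembled payload and sizes them from the ELF header so they can be hashed and handed to analysis. The function names, the size heuristic and the sample stream are assumptions constructed for illustration.

```python
import hashlib
import struct

ELF_MAGIC = b"\x7fELF"
MACHINES = {3: "x86", 8: "MIPS", 40: "ARM", 62: "x86-64", 183: "AArch64"}

def carve_elf(stream: bytes) -> list:
    """Locate ELF images in a reassembled payload and size them from their headers."""
    found = []
    pos = stream.find(ELF_MAGIC)
    while pos != -1:
        ident = stream[pos:pos + 16]
        step = 4  # default: skip past this magic and keep scanning
        # EI_CLASS (byte 4): 1 = 32-bit, 2 = 64-bit. EI_DATA (byte 5): 1 = LE, 2 = BE.
        if len(ident) == 16 and ident[4] in (1, 2) and ident[5] in (1, 2):
            fmt = "<" if ident[5] == 1 else ">"
            fmt += "HHIIIIIHHHHHH" if ident[4] == 1 else "HHIQQQIHHHHHH"
            hdr = stream[pos + 16:pos + 16 + struct.calcsize(fmt)]
            if len(hdr) == struct.calcsize(fmt):
                (_, machine, _, _, phoff, shoff, _, ehsize,
                 phentsize, phnum, shentsize, shnum, _) = struct.unpack(fmt, hdr)
                # Heuristic (assumption): the file ends where the later of the
                # program/section header tables ends. Stripped or packed samples
                # can carry data past this point.
                size = max(ehsize, phoff + phentsize * phnum, shoff + shentsize * shnum)
                blob = stream[pos:pos + size]  # slicing caps bogus header sizes
                found.append({
                    "offset": pos, "size": size, "data": blob,
                    "machine": MACHINES.get(machine, "unknown(%d)" % machine),
                    "truncated": len(blob) < size,
                    "sha256": hashlib.sha256(blob).hexdigest(),
                })
                step = max(len(blob), 4)
        pos = stream.find(ELF_MAGIC, pos + step)
    return found

def sample_stream():
    """Constructed sample: an HTTP-style response carrying a 112-byte ARM ELF stub."""
    ident = ELF_MAGIC + bytes([1, 1, 1]) + bytes(9)  # 32-bit, little endian
    body = bytes(20)
    hdr = struct.pack("<HHIIIIIHHHHHH", 2, 40, 1, 0, 0, 52 + len(body), 0, 52, 32, 0, 40, 1, 0)
    elf = ident + hdr + body + bytes(40)  # one 40-byte section header at the end
    return b"HTTP/1.1 200 OK\r\n\r\n" + elf + b"trailing", elf

if __name__ == "__main__":
    for hit in carve_elf(sample_stream()[0]):
        print(hit["offset"], hit["size"], hit["machine"], hit["truncated"], hit["sha256"])
```

The `truncated` flag marks captures where the stream ended before the size the header implies, so an incomplete hash is not mistaken for the hash of the full binary.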

