leonardo_ortiz
New Member
August 8, 2018
Question

HTTP EVADER

  • August 8, 2018
  • 1 reply
  • 7285 views

Hello.

 

FortiGate can't pass the HTTP Evader tests from noxxi.de, using SSL Deep Inspection, AV, IPS etc. Running the latest FortiOS 5.6.

Do you have any recommendations or best practices for attacks like this?

Test: https://noxxi.de/research/http-evader-testsite.html

 

    1 reply

    Hosemacht
    Explorer
    August 8, 2018

    Hey there,

     

    Yes, FortiOS 5.6 can pass this test.

    Update to the latest 5.6 (5.6.5) and then you have to enable AV heuristics and, most important, use the extended IPS database and then set Action to block in the security profiles.

    If you use "default" instead of "block" in the IPS profile, the EICAR virus will not be blocked.

    Run the test again.

    OberonX
    New Member
    January 9, 2020

    Hi, I followed the steps mentioned but I still don't pass the evader test. I'm running FortiOS version 6.0.8.

    Hosemacht
    Explorer
    January 10, 2020

    Hey there,

     

    Please have a look at your IPS logs: are there any EICAR virus test file messages, and are they blocked?

     

    Regards
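
The log check asked for in the last reply, as an added example that is not part of the original thread: a Python sketch that reads FortiGate-style key=value log lines and separates EICAR IPS hits that were blocked from hits that were only detected. The sample lines, the field names and the set of action values treated as blocking are assumptions constructed for illustration; adjust them to what your device actually logs.

```python
import re

# Constructed sample lines in a FortiGate-style key=value layout (not real logs).
SAMPLE_LOGS = '''\
date=2020-01-10 time=09:14:02 type="utm" subtype="ips" srcip=10.0.0.15 dstip=192.0.2.10 action="dropped" attack="Eicar.Virus.Test.File" msg="file_transfer: Eicar.Virus.Test.File,"
date=2020-01-10 time=09:14:05 type="utm" subtype="ips" srcip=10.0.0.15 dstip=192.0.2.10 action="detected" attack="Eicar.Virus.Test.File" msg="file_transfer: Eicar.Virus.Test.File,"
date=2020-01-10 time=09:15:40 type="traffic" subtype="forward" srcip=10.0.0.15 dstip=192.0.2.10 action="accept"
'''

# key=value, where value is either a quoted string or a run of non-space characters.
PAIR = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')

# Assumption: action values that mean the traffic was stopped, not just logged.
BLOCKING_ACTIONS = {"dropped", "blocked", "reset", "reset_client",
                    "reset_server", "drop_session", "clear_session"}


def parse_line(line):
    """Turn one key=value log line into a dict, stripping surrounding quotes."""
    fields = {}
    for key, value in PAIR.findall(line):
        if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
            value = value[1:-1]
        fields[key] = value
    return fields


def triage_eicar(log_text):
    """Return (blocked, not_blocked) lists of parsed IPS entries mentioning EICAR."""
    blocked, not_blocked = [], []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry.get("subtype") != "ips":
            continue
        haystack = (entry.get("attack", "") + " " + entry.get("msg", "")).lower()
        if "eicar" not in haystack:
            continue
        if entry.get("action", "").lower() in BLOCKING_ACTIONS:
            blocked.append(entry)
        else:
            not_blocked.append(entry)
    return blocked, not_blocked


if __name__ == "__main__":
    blocked, not_blocked = triage_eicar(SAMPLE_LOGS)
    print(f"EICAR IPS hits blocked: {len(blocked)}, not blocked: {len(not_blocked)}")
    for e in not_blocked:
        print(f"  {e.get('date')} {e.get('time')} action={e.get('action')}")
```

Any entry in the second list is a hit the IPS sensor matched but let through, which is the outcome the first reply attributes to using "default" instead of "block".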