Hello,
I want to ask, recently i configure fortigate 90 D with enable IPS in my policy from internal to Internet
i try to scanning with NMAP from outside networks, but NMAP still can scan my networks
so i want to ask, how to i prevent NMAP from scanning my networks? anyone can help me?
sorry for my bad english.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
The scanning is out-to-in direction. Nothing to do with in-to-out policies. If the scanning can come through the FG, you must have polices with VIP or just routing into your internal network for out-to-in direction. Check those and filter them at the FG if it's routing in. If VIPs, narrow down the forwarding ports only the servers behind are serving. Those ports show as open obviously.
so i have create policy from outside to inside with enabled IPS for prevent NMAP scanning from my public ip ?
sorry for my bad english
Why would you create a new policy? If you don't have out-to-in policy at all, your network is mostly secure. Only ports somebody would see as open are those remote access to the outside IP on the FGT, such as SSH(22), HTTPS(443), and always BGP(179). You can close remote access ports by just disabling those access on the interface or list the source IPs you want to allow with local-in-policy or ACL. To close BGP port, options are only local-in-policy or ACL. Then you're clear for any security audit and penetration(PEN) tests.
But if you happen to have (you don't seem to have any now) internal servers for outside users, like email servers, web servers, FTP servers, etc. and want to protect them from scanning and subsequent attackes at FW level, you can try some methods described in online manual below.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1631 | |
1063 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.