Hi,
this is for sure no direct problem of Fortinet, but I hope, that some of you had this issue in the past. We have got 2 clients, which periodically (not at a fixed time, but every 2-3 days in the week) try to connect to xxx sites. The connections get initiated every 1-4 seconds. In this timespan numerous xxx sites try to get opened, but our Fortigate blocks the connection attempt cause of web-filtering.
In first instance we scanned the clients for malware, we scanned for browser hijackers, we did a browser-clean-up / reset, but the behaviour appears again.
The user insists that he is not trying to open such sites, which seems to be right, cause he cannot open different sites every second.
For me it seems like that there is some kind of automatism opening these sites. Perhaps its a webpage which can be opened from the userside and then the webpage tries to open these sites.
My concern: How can I track down these problem? I am using forticloud, but can not see any pattern for this case.
Thanks a lot!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Just checked it!
Could you please elaborate how you solved the issue? Maybe we can take away something from your experience then. Thx.
Never trust a user!
We investigated today that the users are using google-picture-search to view XXX pics which lead to the numerous blocked **bleep**ograpy-websites in our logs. The pictures are viewed in google-pic-search and I assume, that background-connections to the XXX sites are blocked.
We are now looking into it to block such content from google (perhaps safe-search would be an option on the forti).
Insane!
Yeah, sure, thanks for sharing.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.