Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
#3 that fact that the firewall fell down under the load and then rebooted itself allowing root access via SSH (NSS doesn' tThis is a serious threat that need serious attention from Fortinet. With the half baked IPS and AV, will not be able to stop persistent attack. Hope they will address the issue sooner. Phuocngo
Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1
You can try to enable IPS rule: " TCP.Stealth.Activity" . I think it' s disabled by default.The statement from Fortinet has me to believe that they have created a new IPS signature that was pushed out to all customers yesterday. My question is what is the IPS signature? I only ask because I want to call Fortinet' s bluff. The " TCP.Stealth.Activity" is from 2006 and not yesterday. Also my second point... I want to know which signature because I' m 99% sure that it is not enabled by default which means that it will not log on this new attack and will not protect you as Fortinet has stated in the article.
The statement from Fortinet has me to believe that they have created a new IPS signature that was pushed out to all customers yesterday. My question is what is the IPS signature? I only ask because I want to call Fortinet' s bluff. The " TCP.Stealth.Activity" is from 2006 and not yesterday. Also my second point... I want to know which signature because I' m 99% sure that it is not enabled by default which means that it will not log on this new attack and will not protect you as Fortinet has stated in the article.Yes, Fortinet should be a little more up front about this and state when it will be available, what version of the IPS sig/definition and how to enable it (if not on by default) *now*. Beside the fact that (IMO) relying on the IPS is a bit of a cop out anyway. I' d also expect them to release a definite date on the firmware patch (or at least a decent estimate) considering the severity of the issue.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1703 | |
1092 | |
752 | |
446 | |
229 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.