Does anybody knows how to trigger IPS signature for CVE-2021-44228? Sample of the test request would be nice.
Hello, here is some information related:
https://www.fortiguard.com/outbreak-alert/log4j2-vulnerability
1. Security Profiles/Intrusion Prevention/ <IPS profile name>/Edit
2. IPS Signatures and Filters/Create New
3. Type-Signature/Action-Block/Status-Enable/ search-apache.log (then clic in search icon)
4. Select (clic) "Apache.Log4j.Error.Log.Remote.Code.Executio.." - add Selected - clic OK
5. Put this new entry on top (drop it)
6. Clic OK
I have no problem to activate it, how can I test it to make sure it works?
May this help.
You can try this method:
https://twitter.com/ThinkstCanary/status/1469439743905697797?s=20
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.