Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
FnUser
New Contributor

Test request for IPS signature (CVE-2021-44228)

Does anybody knows how to trigger IPS signature for CVE-2021-44228? Sample of the test request would be nice.

5 REPLIES 5
jdelafuente_FTNT

Hello, here is some information related:

https://www.fortiguard.com/outbreak-alert/log4j2-vulnerability

 

1. Security Profiles/Intrusion Prevention/ <IPS profile name>/Edit
2. IPS Signatures and Filters/Create New
3. Type-Signature/Action-Block/Status-Enable/ search-apache.log (then clic in search icon)
4. Select (clic) "Apache.Log4j.Error.Log.Remote.Code.Executio.." - add Selected - clic OK
5. Put this new entry on top (drop it)
6. Clic OK

Add New signature for Apache vulnAdd New signature for Apache vulnputit on topputit on top

Jonathan De La Fuente | LATAM TAC Engineer
FnUser

I have no problem to activate it, how can I test it to make sure it works? 

jdelafuente_FTNT
zeki893
New Contributor II

FnUser
New Contributor

Didn't trigger on IPSDidn't trigger on IPS

Top Kudoed Authors