Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Test request for IPS signature (CVE-2021-44228)
Does anybody knows how to trigger IPS signature for CVE-2021-44228? Sample of the test request would be nice.
Labels:
- Labels:
-
FortiGate
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello, here is some information related:
https://www.fortiguard.com/outbreak-alert/log4j2-vulnerability
1. Security Profiles/Intrusion Prevention/ <IPS profile name>/Edit
2. IPS Signatures and Filters/Create New
3. Type-Signature/Action-Block/Status-Enable/ search-apache.log (then clic in search icon)
4. Select (clic) "Apache.Log4j.Error.Log.Remote.Code.Executio.." - add Selected - clic OK
5. Put this new entry on top (drop it)
6. Clic OK
Jonathan De La Fuente | LATAM TAC Engineer
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have no problem to activate it, how can I test it to make sure it works?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
May this help.
Jonathan De La Fuente | LATAM TAC Engineer
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can try this method:
https://twitter.com/ThinkstCanary/status/1469439743905697797?s=20
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content