Cybersecurity Forum


jward_FTNT
Staff

How to block port scanning with FortiWeb?

Maybe your term port scanning is lost in translation ;)

On the FortiWeb you can configure rules to only allow certain directories to be accessed.

If it is truly port scanning you're worried about, then they're going to probe 80 and 443 if they're active.

I'd be a little worried about your question... if that's the case.

Regards
John.

On 07 Mar 2017 10:45 PM, "wajih ELMJENDEL via waf.pub" wrote:

Jim, the goal is to block or stop external probes on port 80 or 443.



Wajih

-----End Original Message-----

jward_FTNT
Staff

To recap, you will need a gate and a WAF: the DoS policy on the gate and the access control policy on the WAF.

On 07 Mar 2017 11:11 PM, "Jim White via waf.pub" wrote:

Blocking port scans would be an option on a gateway firewall, to help prevent a source from scanning a single IP or network range and probing to see which services are running within that target IP/network. After they run a port scan, they often follow up with a service probe to see what is running on the identified running services. I suspect you are talking about blocking this second phase, where the WAF blocks a source from scanning a web service. Behaviors like spiders/crawlers can be identified and blocked using the FortiWeb Advanced Rules. They match on multiple conditions and then take an action. There are some predefined policies that you can use or clone to customize. These rules are very flexible and should meet your match condition requirements.



Reference Help Article: http://help.fortinet.com/fweb/570/index.htm#cshid=advanced_access_rule






Let us know if this does not meet your customer’s request/requirements.



Kind Regards,



Jim



From: wajih ELMJENDEL via waf.pub [mailto:waf.pub@fuse-lists.fortinet.com]
Subject: [waf.pub] - RE: how to block port scanning with fortiweb ?



Jim, the goal is to block or stop external probes on port 80 or 443.

-----End Original Message-----