Fortigate IPS DoS Test용 configuration Sample 업무이야기/Fortinet 2012.10.18 11:16

# Fortigate IPS DoS configuration Sample

qvrexhqfw2 $ show ips DoS block_dos
config ips DoS
    edit "block_dos"
            config anomaly
                edit "tcp_syn_flood"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "tcp_port_scan"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "tcp_src_session"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "tcp_dst_session"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "udp_flood"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "udp_scan"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "udp_src_session"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "udp_dst_session"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "icmp_flood"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "icmp_sweep"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "icmp_src_session"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "icmp_dst_session"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "ip_src_session"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
                edit "ip_dst_session"
                    set status enable
                    set log enable
                    set action block
                    set threshold 10
                next
            end
    next
end
qvrexhqfw2 $ sh firewall interface-policy
config firewall interface-policy
    edit 1
        set interface "dmz"
            set srcaddr "all"
            set dstaddr "all"
            set service "ANY"
        set ips-DoS-status enable
        set ips-DoS "block_dos"
    next
end

저작자 표시 비영리 변경 금지
신고

'업무이야기 > Fortinet' 카테고리의 다른 글

Fortigate Port Restricted  (0) 2013.03.10
Resetting a lost Fortigate Admin Password  (1) 2012.11.07
FortiOS 5.0 Enhancement Summary  (0) 2012.10.23
Introducing FortiOS 5.0 - More Security, More Control, More Intelligence  (0) 2012.10.23
Fortigate IPS DoS Test용 configuration Sample  (0) 2012.10.18
Fortigate SSL VPN 설정 샘플  (0) 2012.10.18
, , , , , , , , ,
트랙백228 , 댓글0