NSE Training

Expand all | Collapse all

DDOS

  • 1.  DDOS

    Posted Jun 01, 2020 06:42 AM
    Dear Admin ,

    How to block Ddos dns amplification attack inbound with Fortinet 60F version 6.2.4 ?

    Thanks You


  • 2.  RE: DDOS

    Posted Jun 21, 2020 09:20 AM
    Hi,

    The capability is limited, recommend using the FortiDDOS appliance which has much greater DDOS mitigation.

    KR

    Justin


  • 3.  RE: DDOS

    Posted Jun 22, 2020 11:22 PM
    ok thank have a great day


  • 4.  RE: DDOS

    Posted Jun 22, 2020 11:05 PM
    that will be great but can you give more information ant link reference


  • 5.  RE: DDOS

    Posted Jun 22, 2020 11:13 PM
    Thanks you for reply ,

    I has been block DDOS via Splunk with command active response block source ip address


  • 6.  RE: DDOS

    Posted Jun 23, 2020 09:05 AM
    this is an older version but it still applies to v6.2
    https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-firewall-52/Firewall%20Policies/IPv4%20DoS%20Policy.htm


  • 7.  RE: DDOS

    Posted Jun 23, 2020 07:10 PM
    Dear Jonathan ,
    Thanks you for reply
     
    I have test on DoS policy but it was not effective with DNS TXT records . I think use Splunk monitor with active response command base on TXT records it best solution for small company 

    I think best solution  with large company use Cloud Akamai protection DDoS


  • 8.  RE: DDOS

    Posted Jun 24, 2020 01:42 AM
    Hi Nguyen,
    Did you try this with by adjusting the defaults on udp_dst_session as the defaults might be too big and let the attack pass??