NSE Training

Expand all | Collapse all

DDOS

  • 1.  DDOS

    Posted 30 days ago
    Dear Admin ,

    How to block Ddos dns amplification attack inbound with Fortinet 60F version 6.2.4 ?

    Thanks You


  • 2.  RE: DDOS

    Posted 10 days ago
    Hi,

    The capability is limited, recommend using the FortiDDOS appliance which has much greater DDOS mitigation.

    KR

    Justin


  • 3.  RE: DDOS

    Posted 9 days ago
    ok thank have a great day


  • 4.  RE: DDOS

    Posted 9 days ago
    that will be great but can you give more information ant link reference


  • 5.  RE: DDOS

    Posted 9 days ago
    Edited by nguyen viet 9 days ago
    Thanks you for reply ,

    I has been block DDOS via Splunk with command active response block source ip address


  • 6.  RE: DDOS

    Posted 8 days ago
    this is an older version but it still applies to v6.2
    https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-firewall-52/Firewall%20Policies/IPv4%20DoS%20Policy.htm


  • 7.  RE: DDOS

    Posted 8 days ago
    Dear Jonathan ,
    Thanks you for reply
     
    I have test on DoS policy but it was not effective with DNS TXT records . I think use Splunk monitor with active response command base on TXT records it best solution for small company 

    I think best solution  with large company use Cloud Akamai protection DDoS


  • 8.  RE: DDOS

    Posted 7 days ago
    Hi Nguyen,
    Did you try this with by adjusting the defaults on udp_dst_session as the defaults might be too big and let the attack pass??