FortiGate IPS User Guide Version 3.0 MR7
01-30007-0080-20080916
  Creating custom signatures
    Custom signature fields
    Custom signature syntax
    Example custom signatures
Protocol decoders
  Protocol decoders
    Upgrading the IPS protocol decoder list
  Viewing the protocol decoder list
IPS sensors
  Viewing the IPS sensor list
    Adding an IPS sensor
  Configuring IPS sensors
    Configuring filters
    Configuring pre-defined and custom overrides
DoS sensors
  Viewing the DoS sensor list
  Configuring DoS sensors
  Understanding the anomalies
SYN flood attacks
  What is a SYN flood attack?
  How SYN floods work
  The FortiGate IPS Response to SYN flood attacks
    What is SYN threshold?
    What is SYN proxy?
    How IPS works to prevent SYN floods
  Configuring SYN flood protection
    Suggested settings for different network conditions
ICMP sweep attacks
  What is an ICMP sweep?
  How ICMP sweep attacks work
  The FortiGate IPS response to ICMP sweep attacks
    Predefined ICMP signatures
    ICMP sweep anomalies
  Configuring ICMP sweep protection
    Suggested settings for different network conditions
Index
Contents FortiGate 3.0 MR7
Page 1: ...www fortinet com FortiGate IPS User Guide Version 3 0 MR7 U S E R G U I D E...
Page 50: ...FortiGate IPS User Guide Version 3 0 MR7 50 01 30007 0080 20080916 Understanding the anomalies DoS sensors...
Page 60: ...FortiGate Version 3 0 MR7 IPS User Guide 60 01 30007 0080 20080916 Index T technical support 8...