Fortinet 5.0 Patch 6 Microscope & Magnifier User Manual

Open as PDF

of 705

Fortinet 32 FortiWeb 5.0 Patch 6 Administration Guide

DoS attacks

A denial of service (DoS) attack or distributed denial-of-service attack (DDoS attack) is an

attempt to overwhelm a web server/site, making its resources unavailable to its intended users.

DoS assaults involve opening vast numbers of sessions/connections at various OSI layers and

keeping them open as long as possible to overwhelm a server by consuming its available

sockets. Most DoS attacks use automated tools (not browsers) on one or more hosts to

generate the harmful flood of requests to a web server.

A DoS assault on its own is not true penetration. It is designed to silence its target, not for theft.

It is

ensorship, not robbery. In any event, a successful DoS attack can be costly to a company

in lost sales and a tarnished reputation. DoS can also be used as a diversion tactic while a true

exploit is being perpetrated.

The advanced DoS prevention features of FortiWeb are designed to prevent DoS techniques,

such a

s those examples listed in Table 3, from succeeding. For best results, consider creating a

DoS protection policy that includes all of FortiWeb’s DoS defense mechanisms, and block traffic

that appea

rs to originate from another country, but could actually be anonymized by VPN or Tor.

SQL

injection

The web application inadvertently

s SQL queries as input.

These are executed directly

against the database for

unauthorized disclosure and

modification of data.

Rely on key word

arches, restrictive

context-sensitive

filtering and data

sanitization techniques.

• Par

ameter

Validation

• Hidden Fields

Protection

• SQL Injection

Malformed

XML

To exploit XML parser or data

modeling

bugs on the server, the

client sends incorrectly formed

tags and attributes.

Validate XML formatting

r closed tags and other

basic language

requirements.

Illegal XML Format

Caution: Unlike

XML

pro

tection

profiles in previous

versions of

FortiWeb, Illegal

XML Format does

not ch

eck for

con

formity with the

object model or

recursive

payloads.

Table 2: Web-related threats

Attack

Technique

Description Protection FortiWeb Solution

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Fortinet 5.0 Patch 6 Microscope & Magnifier User Manual