Fortinet 5.0 Patch 6 DoS attacks

Fortinet 32 FortiWeb 5.0 Patch 6 Administration Guide

DoS attacks

A denial of service (DoS) attack or distributed denial-of-service attack (DDoS attack) is an

attempt to overwhelm a web server/site, making its resources unavailable to its intended users.

DoS assaults involve opening vast numbers of sessions/connections at various OSI layers and

keeping them open as long as possible to overwhelm a server by consuming its available

sockets. Most DoS attacks use automated tools (not browsers) on one or more hosts to

generate the harmful flood of requests to a web server.

A DoS assault on its own is not true penetration. It is designed to silence its target, not for theft.

It is censorship, not robbery. In any event, a successful DoS attack can be costly to a company

in lost sales and a tarnished reputation. DoS can also be used as a diversion tactic while a true

exploit is being perpetrated.

The advanced DoS prevention features of FortiWeb are designed to prevent DoS techniques,

such as those examples listed in Tab le 3, from succeeding. For best results, consider creating a

DoS protection policy that includes all of FortiWeb’s DoS defense mechanisms, and block traffic

that appears to originate from another country, but could actually be anonymized by VPN or Tor.

SQL

injection

The web application inadvertently

accepts SQL queries as input.

These are executed directly

against the database for

unauthorized disclosure and

modification of data.

Rely on key word

searches, restrictive

context-sensitive

filtering and data

sanitization techniques.

•Parameter

Validation

•Hidden Fields

Protection

•SQL Injection

Malformed

XML

To exploit XML parser or data

modeling bugs on the server, the

client sends incorrectly formed

tags and attributes.

Validate XML formatting

for closed tags and other

basic language

requirements.

Illegal XML Format

Caution: Unlike

XML protection

profiles in previous

versions of

FortiWeb, Illegal

XML Format does

not check for

conformity with the

object model or

recursive

payloads.

Tabl e 2 : Web-related threats

Attack

Technique

Description Protection FortiWeb Solution