Ab sofort können sich sich bei der „Boll Engineering Tech Blog Updates Mailingliste“ anmelden.
Damit erhalten Sie automatisch ein Email, sobald ein neuer Blog Beitrag veröffentlicht wurde.
You can now subscribe to the „Boll Engineering Tech Blog Updates Mailinglist“.
You will automatically receive an email as soon as a new blog post is published.
WatchGuard announced in the last days a new feature called Dark Web Scan. The feature is hosted in the WatchGuard cloud. With this new tool, you can perform searches based on email addresses and domain names to see which accounts have been exposed on the dark web during known data breaches.
Here are some screenshots from my test:
Sicherlich haben Sie sich schon gefragt, wann welches Feature in welchem Fireware Release eingeführt wurde. Da sich dies nur mühsam per Release Notes oder Dokumentation rausfinden lässt, hat WatchGuard für ihre Features einen KB Artikel mit einer Feature Liste pro Version erstellt:
New Firebox features by Fireware version
https://watchguardsupport.secure.force.com/publicKB?type=Article&SFDCID=kA10H000000boxYSAQ&lang=en_US
Customers of Menlo Security using Internet Explorer (IE) are protected against a recent and still-active zero-day exploit using Internet Explorer, as outlined by Microsoft’s security update CVE-2020-1380.
The remote code execution vulnerability allows an attacker to take advantage of how the engine handles memory and to force corruption.
„Menlo Security Prevents Zero-Day Threat on Internet Explorer“ weiterlesen
Based on two recent support cases regarding the IPsec performance between an OnPrem and Azure FortiGate, we did some testing using the latest FortiOS 6.4.1.
We’ve created a basic IPsec tunnel using the wizard, deployed an Ubuntu machine at both sites and used iPerf3 to do some speed testing. The results were nowhere near the expected numbers, while sending from Azure to OnPrem (~250Mbit/s) was a bit faster than reverse (~120Mbit/s).
„Fortigate VM Azure: IPsec performance issue“ weiterlesen726 total views, 6 views today
Since a while, the most recent macOS versions the system do report the use of „legacy system extensions“ which is often triggered by modules or plugins of low-level software like VPN Clients, AV software etc.
„FortiClient/PaloAlto Support for Catalina – „legacy system extensions“ error“ weiterlesen
Did you know, that on the FortiAP FAP-C24JE, the VLAN ID’s 898 and 899 are reserved for system use?
Or that the FortiAP models FAP-S221E, FAP-S223E, FAP-221E, FAP-222E, FAP-223E and FAP-224E can not work with VLAN ID 97 and 98? I’m sure you already guessed it: These ID’s are reserved for system use.
„FortiAP and VLAN ID 97 or 98“ weiterlesen
There seems to be a vulnerarbility in some FortiMail versions, that allow an unauthenticated remote attacker to access the system by requesting a password change. Please refer to the FortiGuard PSIRT article.
The problem here is not only the unauthorized access to the system, but also the change of the password of all configured administrative accounts. Also, the maintainer functionality to reset the administrator password over a serial console of the FortiMail is being disabled from the attacker.
„Upgrade your FortiMail now!“ weiterlesen711 total views, 1 views today
Since June 1st you may notice that some websites (https) are not working anymore when Fortigate or the Palo Alto Networks Firewall is doing decryption or certificate inspection. Typically you are getting one of the following error messages:
1,685 total views, 22 views today
Configuring SSLVPN with FortiGate and FortiClient is pretty easy. Nevertheless problems may occur while establishing or using the SSLVPN connection.
„Troubleshooting FortiGate SSLVPN problems“ weiterlesen6,105 total views, 82 views today
