Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ACEGYRA
Contributor

Signature related query

Want to  know what signatures can be put in prevent for below audit remarks -OS fingerprinting, host port scanning, fsl evasion, bruteforce

 

0 Kudos
4 Replies

I would assume that none of these can be prevented using signatures!

2. sk110873: How to configure Security Gateway to detect and prevent port scan

CCSE CCTE CCSM SMB Specialist
0 Kudos
PhoneBoy
Admin
Admin

There is a Core protection called Fingerprint Scrambling, which is disabled by default.
As I recall, it has a pretty significant performance impact.

There are also a few different "brute force" IPS protections depending on the exact target:

image.png

Some of these are enabled by default in the Optimized and Strict profiles, a few are not due to their significant performance impact.

Guenther already linked to information on port scanning

I don't know what "fsl evasion" is, can you elaborate?

0 Kudos
ACEGYRA
Contributor

sorry its please read as ssl evasion not fsl evasion.

0 Kudos
PhoneBoy
Admin
Admin

Not familiar with this term please describe in more detail.

0 Kudos