Created on 02-17-2006 12:00 AM
To block emule P2P, first ensure that the FortiGate unit has the latest Antivirus and NIDS definition updates. The installed version appears on the System > Status menu. The currently distributed version is listed on the FortiGuard Center web site: http://www.fortinet.com/FortiGuardCenter/av.html FortiOS 3.0For FortiOS 3.0, the protection profile has a blocking feature for the eDonkey network that enables you to block or limit the file transfer size. To configure the eDonkey network
Note there are additional IPS signatures which you can block or enable for eMule. To view, go to Intrusion Protection> Signature> Predefined. Select the Misc arrow to expand the list. FortiOS 2.8To block emule file sharing
If Logging on the signature is also enabled, the following message will be logged when an Emule/Edonkey client attempts to connect to a server. 2006-02-17 15:42:01 Local7.Alert 72.31.225.206 date=2006-02-17 time=06:41:03 device_id=FG200A210xxxxxxx log_id=0420070000 type=ips subtype=signature pri=alert vd=root attack_id=109051907 src=193.138.221.214 dst=10.105.1.15 src_port=4242 dst_port=3691 src_int=wan1 dst_int=internal status=drop_session proto=6 service=3691/tcp msg="p2p: edonkey [Reference: http://www.fortinet.com/ids/ID109051907]" |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.