Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Andy_G
Staff
Staff

Created on ‎06-05-2009 01:14 AM Edited on ‎05-26-2022 09:22 AM By Anonymous

Article Id 194854

Technical Tip: IPS rule to block setting safe search rule on Bing.com

Description
The following IPS custom signature will block the return packet from the Bing.com (Microsoft search engine) server that switches the option in the users' cookie, and should effectively block the users from disabling the safe search option to prevent adult content display.
Solution
This signature will block safe search on Bing.com
 

F-SBID( --name "Bing.Search.Safe"; --protocol tcp; --service HTTP; --flow from_server; --pattern "ADLT=OFF"; --context header; )

Procedure to add a custom signature:

  1. Go to Intrusion Protection> Signature> Custom.
  2. Select Create New.
  3. Enter the name for the signature, for example, "Windows Streaming Audio".
  4. For the Signature, enter the following:
    F-SBID( --name "Bing.Search.Safe"; --protocol tcp; --service HTTP; --flow from_server; --pattern "ADLT=OFF"; --context header; )
  5. Set the Action to Drop Session.
  6. Select OK.

 

Note: In FortiOS 3.0 MR6, you create the custom signature, then add it to an IPS sensor where you define the action.



Labels:
1423
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.