Insecure access of web console on FortiGate firewall

Vulnerability:

Access to the FortiGate UTM firewall web console is unrestricted. There is no host restriction on web access control.

Description:

The firewall web console can be accessed from any host in the LAN, which is not best practice. There is no access control or host whitelisting for access to the firewall console.

This solution is applicable to all FortiGate firewall OS versions. It will help in VAPT as well.

Impact:

Unrestricted access to the firewall web console allows any user on the network to reach it. A brute-force technique can be used to crack the console password, and anyone could even lock the console through multiple failed login attempts.

Solution:

IP or host restriction should be enforced for access to the firewall console.

Web GUI access should be given only to the host IPs of those who are allowed to configure the firewall. I identify those host IPs as the trusted computers.

With this in place, I can easily identify who logged in to the firewall, along with the log details.

Follow the steps below:

Select System >> Admin.

[Screenshot: insecure login 1]

Restrict login to the trusted host IPs. You can add multiple host IPs as per your requirement.

[Screenshot: insecure login 2]
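To check this setting during a review, the following added example (not part of the original post) audits a FortiGate configuration backup for administrator accounts that have no trusted hosts. It assumes the CLI backup format, where admins sit under `config system admin` and restrictions appear as `set trusthostN <ip> <mask>`; the sample config and account names are constructed.

```python
import ipaddress
import re

# Constructed excerpt of a FortiGate config backup; account names are hypothetical.
SAMPLE_CONFIG = '''\
config system admin
    edit "admin"
        set accprofile "super_admin"
    next
    edit "netops"
        set trusthost1 192.168.10.25 255.255.255.255
        set trusthost2 192.168.10.0 255.255.255.0
    next
    edit "auditor"
        set trusthost1 0.0.0.0 0.0.0.0
    next
end
'''

def audit_trusted_hosts(config_text):
    """Map each admin account to its IPv4 trusted-host networks."""
    admins, current, depth = {}, None, -1   # depth -1: outside the admin section
    for raw in config_text.splitlines():
        line = raw.strip()
        if depth < 0:
            if line == "config system admin":
                depth = 0
            continue
        if line.startswith("config "):       # nested block inside an admin entry
            depth += 1
        elif line == "end":                  # closes nested block or the section
            depth -= 1
        elif depth == 0 and line.startswith("edit "):
            current = line[5:].strip('"')
            admins[current] = []
        elif depth == 0 and current:
            m = re.fullmatch(r"set trusthost\d+ (\S+) (\S+)", line)
            if m:
                net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False)
                if net.prefixlen > 0:        # 0.0.0.0 0.0.0.0 restricts nothing
                    admins[current].append(net)
    return admins

def unrestricted_admins(config_text):
    """Accounts whose web console login is open to any source host."""
    return sorted(n for n, nets in audit_trusted_hosts(config_text).items() if not nets)

if __name__ == "__main__":
    for name in unrestricted_admins(SAMPLE_CONFIG):
        print(f"admin '{name}': no trusted host restriction")
```

The check covers IPv4 `trusthost` entries only; an account is reported when every entry is absent or set to `0.0.0.0 0.0.0.0`.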

If you have any queries regarding this article, please let me know in the comment box below.
