Breaking bare metal firmware encryption in FortiGate firewalls.
Credits Jon Williams (Bishop Fox)

bishopfox.com/blog/breaking-…

#Fortinet

#Fortinet 's Managed #FortiGate Service (MFGS) is a cloud-based, fully managed network operations service designed to meet network #security needs.

See how the service and Fortinet SoCaaS work hand-in-hand to perform security incident management: ftnt.net/6015emt65

Bringing back a dead Fortigate. The image wouldn’t load.

Ran a TFTP server on my MAC.

𝔅͛𝔯͛𝔦͛𝔞͛𝔫͛ ͛𝔚͛𝔥͛𝔢͛𝔩͛𝔱͛𝔬͛𝔫͛ That Fortigate is probably like, 'Man, I have seen things.'

BGP. You can see 20/0 on the Cisco routing table. This is tell you the Administrative distance of the BGP route, in this case, it is eBGP because it has a AD of 20. iBGP would have a AD of 200. I can ping from the Fortigate on the right to the Fortigate on the left, through the

Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762 assetnote.io/resources/rese… #Pentesting #CVE #CyberSecurity #Infosec

This Fortigate used to cost $20,000 😂

The switch stack access switches now has a port channel up to the nexus vPC. Assigned the switch stack a IP on the management vlan, and I am now able to ping both nexus, my Fortigate, and out to Google’s DNS server. I also have ssh access to the access switches.

💻FortiGateのIPsec-VPN設定方法

FortiGateでのIPsec-VPNの設定方法を実際の画面に沿って解説しています。
secuavail.com/kb/nw-device/f…

Created a Digital certificate for my Fortigate.

This how I do my labs lol. I have a Fortigate HA cluster lesson, and I already have a lab built out in GNS3. This lesson goes through the GUI, but in order for me to get to that gui, I need to be able to access the Fortigates in this topology over https. lol but I can’t because

Cisco, Ivanti, Fortigate SSL VPN's have been the source of many incidents and we can now add Checkpoint to that list.

I get they are convenient, but it's time to move on from these pwn portals..
bleepingcomputer.com/news/security/…

Working on taking a more specific focus in networking such as a Firewall Engineer as the next step after my upcoming role. I have the Fortinet/Fortigate experience already under my belt, and will get certified within the timeframe of this contract.

This job right here is a

自宅は外からSSL-VPNできるんだけど、FortiGate使ってる人は必ずローカルインポリシー使うべき。
送信元をJapan onlyかつnegateを有効にしてアクションはdrop。
要は日本「以外」からの着信は全てドロップ。これがないと1時間に1回以上は不正アクセスしようとするやつがいますwwインターネットこわいww

Fortigateのトートは普段使いしてるけど、藤原ボトルはちょっと…

Attending the Fortinet Accelerate Asia 2024 SAARC EDITION by FortiGate..

It's a great event on security prevention discussion.

Fortigate間のVPN通信のスループットをNEEDLEWORKで測定～🐶　グラフも表示されて便利～🙂　後でブログまとめよう～🙋‍♂️　 #NEEDLEWORK

Very interesting and in depth blog post on how to exploit an out-of-bounds write vulnerability in FortiGate SSL VPN
Dylan Pindur (Assetnote)

assetnote.io/resources/rese…

#exploit #cybersecurity

Introducing the #FortiGate 200G series, Fortinet’s latest next-gen firewall that boosts campus connectivity for Wi-Fi 7 with faster ethernet speeds.

Learn how the FortiGate 200G series provides a new approach for perimeter security: ftnt.net/6018jYMhq