Friday, August 26, 2016

FortiGate HA link uses telnet (no-ENC)

When setting up an HA link, be aware that without encryption enabled, your HA traffic crosses the heartbeat link in the clear.

What this means: anybody creative enough with access to that link can sniff the traffic and gather information from it. Here's what the CLI command diag sniffer packet port_ha "port 23" shows:
You would think a security outfit would never use telnet.



Enabling encryption for the HA configuration is a must, and it is available from the CLI only (under config system ha), so it is easy to miss if you only ever build clusters from the GUI.
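As an added example (not code from the original post), here is a small Python script that audits a config system ha dump for the setting in question, plus set authentication enable, the companion setting that keeps a peer from joining with only the group name and password. The two configs it checks are constructed samples in FortiOS CLI format, not dumps from a real cluster, and the hardened one shows the CLI-only change itself. One caveat the script builds in: plain show system ha omits any setting still at its default, and encryption and authentication both default to disable, so an absent line has to be read as disabled rather than skipped; show full-configuration system ha prints every key explicitly.

```python
"""Audit a FortiOS `config system ha` dump for cleartext HA traffic.

Added example, not code from the original post. The two config dumps
below are constructed samples in FortiOS CLI format, not captures from
a real cluster.
"""
import shlex

# Constructed sample: output of plain `show system ha` on a cluster that
# was never hardened. `show` omits settings still at their default, and
# both `encryption` and `authentication` default to disable, so neither
# line appears at all.
WEAK_CONFIG = """\
config system ha
    set group-name "FGT-CLUSTER"
    set mode a-p
    set password ENC XXXX
    set hbdev "port3" 50 "port4" 50
    set session-pickup enable
end
"""

# Constructed sample: the same cluster after the CLI-only fix
#     config system ha
#         set encryption enable
#         set authentication enable
#     end
# as printed by `show full-configuration system ha` (every key explicit).
HARDENED_CONFIG = """\
config system ha
    set group-name "FGT-CLUSTER"
    set mode a-p
    set password ENC XXXX
    set hbdev "port3" 50 "port4" 50
    set session-pickup enable
    set encryption enable
    set authentication enable
    config secondary-vcluster
        set override disable
    end
end
"""


def parse_system_ha(dump):
    """Return {setting: [tokens]} for the top-level `set` lines of
    `config system ha`, ignoring nested sub-blocks (config/edit ... next/end).
    """
    settings = {}
    in_block = False
    depth = 0
    for raw in dump.splitlines():
        line = raw.strip()
        if not in_block:
            in_block = line == "config system ha"
            continue
        if line.startswith(("config ", "edit ")):
            depth += 1
        elif line in ("end", "next"):
            if depth == 0:
                return settings  # the `end` that closes config system ha
            depth -= 1
        elif depth == 0 and line.startswith("set "):
            # shlex keeps quoted values intact: "port3" 50 "port4" 50
            tokens = shlex.split(line)
            settings[tokens[1]] = tokens[2:]
    raise ValueError("no complete 'config system ha' block in dump")


def _enabled(settings, key):
    """A key missing from the dump means 'left at default', and the
    FortiOS default for both encryption and authentication is disable."""
    return settings.get(key, ["disable"]) == ["enable"]


def audit_ha(dump):
    """Return a list of findings; an empty list means the heartbeat link
    is both encrypted and authenticated."""
    ha = parse_system_ha(dump)
    findings = []
    if not _enabled(ha, "encryption"):
        findings.append("encryption disable: HA traffic on the heartbeat "
                        "link (TCP port 23) can be sniffed in the clear")
    if not _enabled(ha, "authentication"):
        findings.append("authentication disable: heartbeat packets from "
                        "the peer are not authenticated")
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit_ha(cfg) or ["ok"])
```

Feed it the saved output of show full-configuration system ha from each cluster member; the weak sample produces two findings, the hardened one none. Tracking block depth rather than indentation keeps settings inside sub-blocks (such as the constructed secondary-vcluster block) from being mistaken for top-level ones.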


Ken

NSE (Network Security Expert) and Routing/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com

     ^      ^
=(  @  @ )=
         o 
        /  \

1 comment:

  1. Your tip is amazing. Even more amazing after you check that the official hardening chapter does not mention this weakness at all...
