How to create DHCP server and a policy in the Fortigate

-
Here is an example script that demonstrates how to use the  fortigate-api  package to create a DHCP server and a policy in the Fortigate   from fortigate_api import FortigateAPI # Create a FortigateAPI object fgt = FortigateAPI(host="host", username="username", password="password") # Create a DHCP server data = {     "default-gateway": "192.168.255.1",     "netmask": "255.255.255.0",     "interface": "vlan.123",     "ip-range": [         {"start-ip": "192.168.255.2", "end-ip": "192.168.255.254",}     ], } fgt.dhcp_server.create(data) # Create a policy in the Fortigate data = dict(     name="POLICY",     status="enable",     action="accept",     srcintf=[{"name": "any"}],     dstintf=[{"name": "any"}],     srcaddr=[{"name": "all"}],     dstaddr=[{"name&quo
Post a Comment

Prevent Social Engineering Attacks

-

How to avoid from social engineering attack:-

1. Avoid disclosing any official Information ℹ️ on untrusted phone 📱 calls 📞, meeting or email ✉️ messages. Attackers often pose as genuine people to gain confidential and official Information to cause a data breach.

Spam calls 📞
2. Avoid phishing attacks-- do not 🚫 open 💌 untrusted email. Do not 🚫 open email attachments which do not seem relevant to any ongoing official communication. If any messages or email conveys a sense of urgency, seems to apply high pressure sales tactics, be careful of opening or clicking on any 🔗 links/ attachments.
Unwanted email ✉️

3. Avoid wishing and phishing attacks-- Do not 🚫 reveal any sensitive information over phone 📱 calls 📞 unless the source is completely verified and trusted. Ask for some verifiable credentials such as name of immediate senior (if the caller poses as an official of another Government Department). Try to get assurance as to the identity 🆔 of the caller prior to disclose any vital information ℹ️.
Fake calls 📞 phishing attacks
4. Be careful of honey traps/ quid pro quo scams where attackers pose as genuine person and make a data theft attempt seems like a fair communication.
Unsafe 🕸️ website

5. Avoid phone 📞 calls 🤠 scam or ✉️ email SMS regarding unknown inheritance, foreign lottery, funds transfer request from foreign country, etc. These are just examples of scams to get some money 💲 or Information ℹ️ from you.
Lottery scams

6. Power supply should be controlled through UPS or surge protector. Sudden power cuts may result in loss of data or non-recovery of important systems due to corruption of operating systems files.
Power supply issue data loss
Important Note:-

1. Don't leave without closing all browsers and logging out from the public computers.
2. Do not click on untrusted URL. Check the certificate validity of https icon before opening any link.
3. If any message or email conveys a sense of  urgency, seems to apply high pressure sales tactics, be careful of opening or clicking on any link/ attachment.
4. Avoid phone calls/ emails/ sms regarding unknown inheritance, foreign lottery, fund transfer request from foreign country, etc.
5. Immediately change your password if revealed to anyone for any purpose. 


Comments

Post a Comment

Popular posts from this blog

How to Configure VXLAN in FortiGate Firewall

-
Image
How to Configure VXLAN in FortiGate Firewall A brief explanation of the given topology: - Ø On top of all, there are two FortiGate Firewalls with L3 connectivity in between. Ø Under Each Firewall we have one Cisco Switch with two VLAN configured i.e.;3500 & 3600 Ø Uplink for switches has been configured with 802.1Q trunk which is connected to FortiGate Firewall. Ø Each switch has two PCs connected one in VLAN 3500 & other one in 3600 VLAN. Ø We have configured VLAN and VXLAN on both the FortiGate Firewall. Ø In this topology PCs in the same VLAN will be able to communicate with each other through a L3 link using VXLAN technology and they will be encapsulated such that both the PCs will think that they are within the L2 domain.           FortiGate Firewall Configuration VXLAN Configuration: - FGT-1: config system vxlan     edit "vxlan3500"         set interface "port
Read more

Higher Availability in FortiGate and VRRP in Cisco

-
Image
  Higher Availability in FortiGate and VRRP in Cisco A brief explanation of the given topology: - Ø On top of all, there are two FortiGate Firewalls one Active other one as Standby. Ø With the Higher Availability (HA) configured for handling the Failover of active Firewall. Ø There are two CORE switches with VRRP Configuration: CORE-1 as Master and CORE-2 as Slave. Ø Between two CORE-1 and CORE-2, two links in the Port Channel have been configured. Ø SVIs and static default route toward the Firewall has been configured for LAN users. Ø Also, the DHCP server has been configured for DATA and VOICE VLANs. Ø Two Layer 2 switches with uplinks as trunk and VLANs. FortiGate Firewall Configuration HA Configuration in FortiGate Firewall: - Here I have kept by default priority i.e.; 128 for “ ACTIVE-FIREWALL ” whose role is primary and I have set 100 for the “ STANDBY-FIREWALL ” whose role is secondary.   By default, the selection process of HA in FortiGat
Read more

Python Script to take the Backup of Multiple device in a Network

-
Image
from netmiko import ConnectHandler Sw_1 = { 'device_type': 'cisco_ios', 'host': '192.168.6.10', 'username': 'admin', 'password': 'Admin@123', 'port': 22, # optional, defaults to 22 'secret': 'secret', # optional, defaults to '' } Sw_2 = { 'device_type': 'cisco_ios', 'host': '192.168.6.20', 'username': 'admin', 'password': 'Admin@123', 'port': 22, # optional, defaults to 22 'secret': 'secret', # optional, defaults to '' } Sw_3 = { 'device_type': 'cisco_ios', 'host': '192.168.6.30', 'username': 'admin', 'password': 'Admin@123', 'port': 22, # optional, defaults to 22 'secret': 'secret', # optional,
Read more