community.fortinet.com
Open in
urlscan Pro
3.165.136.2
Public Scan
URL:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Recommended-steps-to-execute-in-case-of-a/ta-p/230694
Submission: On January 07 via manual from FR — Scanned from FR
Submission: On January 07 via manual from FR — Scanned from FR
Form analysis 1 forms found in the DOM
<form autocomplete="off" id="searchForm" class="su__search-forms su__m-0">
<div class="su__form-block su__w-100 su__position-relative">
<div class="su__radius-2 su__d-flex su__position-relative"><span class="SU-search-granularity-wrapper"><select title="Search Granularity" class="SU-search-form-granularity search-granularity" aria-label="Search Granularity" id="searchGranularity"
name="searchGranularity">
<option title="All Content" value="allcontent">All Content</option>
<option title="Forum" value="community">Community</option>
<option title="Knowledge Base" value="tkb">Knowledge Base</option>
<option title="This Board" value="board">This Board</option>
</select></span><input id="search-box-autocomplete" class="su__input-search su__w-100 su__su__font-14 su__text-black su__p-3 su__border-none su__radius-2 su__pr-60" type="input" placeholder="Search here"><button type="button"
class="su__btn su__search_btn su__animate-zoom su__flex-vcenter su__position-absolute su__zindex su__bg-transparent su__rtlleft" title="searchBtn" aria-label="Search"><svg width="24" height="24" viewBox="0 0 24 24">
<path
d="M15.5 14h-.79l-.28-.27C15.41 12.59 16 11.11 16 9.5 16 5.91 13.09 3 9.5 3S3 5.91 3 9.5 5.91 16 9.5 16c1.61 0 3.09-.59 4.23-1.57l.27.28v.79l5 4.99L20.49 19l-4.99-5zm-6 0C7.01 14 5 11.99 5 9.5S7.01 5 9.5 5 14 7.01 14 9.5 11.99 14 9.5 14z"
fill="#333"></path>
</svg></button></div>
</div>
</form>Text Content
Browse
Fortinet Community
HelpSign In
Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Holiday badge!
Become a member today!
LOGIN/REGISTER CONTINUE AS A GUEST
* Support Forum
* Knowledge Base
* Customer Service
* Internal Article Nominations
* FortiGate
* FortiClient
* FortiAP
* FortiAnalyzer
* FortiADC
* FortiAuthenticator
* FortiBridge
* FortiCache
* FortiCarrier
* FortiCASB
* FortiConnect
* FortiConverter
* FortiCNP
* FortiDAST
* FortiDDoS
* FortiDB
* FortiDNS
* FortiDLP
* FortiDeceptor
* FortiDevSec
* FortiDirector
* FortiEDR
* FortiExtender
* FortiGate Cloud
* FortiGuard
* FortiHypervisor
* FortiGuest
* FortiInsight
* FortiIsolator
* FortiMail
* FortiMonitor
* FortiManager
* FortiNAC
* FortiNAC-F
* FortiNDRCloud
* FortiNDR (on-premise)
* FortiPhish
* FortiPAM
* FortiPortal
* FortiProxy
* FortiRecon
* FortiRecorder
* FortiSRA
* FortiSandbox
* FortiScan
* FortiSASE
* FortiSIEM
* FortiSOAR
* FortiSwitch
* FortiTester
* FortiToken
* FortiWAN
* FortiVoice
* FortiWeb
* FortiAppSec Cloud
* Lacework
* RMA Information and Announcements
* Wireless Controller
* FortiCloud Products
* ZTNA
* 4D Documents
* Community Groups
* Agora
* Engage Services
* The EPSP Platform
* The ETSP Platform
* Finland
* FortiGate-VM on Azure
* Discussions & Onboarding Information
* Technical Learning
* FortiGate-VM on AWS
* Discussions & Onboarding Information
* Technical Learning
* FortiGate CNF (All Marketplaces)
* Getting Started Resources
* Technical Learning
* FortiWeb Cloud (All Marketplaces)
* Getting Started Resources
* Technical Learning
* Fortinet for SAP
* Discussions
* Technical Learning
* Knowledge Base
* Idea Exchange
* Events
* FortiSIEM
* Discussions
* Blog
* FortiSOAR
* Discussions
* Announcements
* Idea Exchange
* KCS
* Lacework
* Super User
* Blogs
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors
and threat intelligence security services from FortiGuard labs to deliver
top-rated protection and high performance, including encrypted traffic.
All ContentCommunityKnowledge BaseThis Board
* Fortinet Community
*
* Knowledge Base
*
* FortiGate
*
* Technical Tip: Recommended steps to execute in cas...
Options
* Subscribe to RSS Feed
*
* Mark as New
* Mark as Read
*
* Bookmark
* Subscribe
*
* Printer Friendly Page
* Report Inappropriate Content
srajapratap
Staff
Created on 11-23-2022 10:16 PM Edited on 08-03-2023 11:34 PM By simonz_FTNT
Article Id 230694
TECHNICAL TIP: RECOMMENDED STEPS TO EXECUTE IN CASE OF A COMPROMISED HOST
Description This article describes the steps to take when there is evidence of
malicious activity on the Fortinet devices. Scope All FortiGates and FortiOS
firmware versions. Solution
It is recommended that a clean installation is performed on all devices:
* Upgrade to the latest versions.
* Download firmware from the Fortinet Support site and validate the file hash
using SHA512.
* Format the device's flash and perform a clean install. See Technical Tip:
Loading a FortiGate firmware image using TFTP.
* After completing the TFTP firmware reload, proceed to format the disk
partition. See Technical Tip: Standard procedure to format a FortiGate Log
Disk.
Fortinet does not recommend using the existing configuration:
* Restore the configuration from a known good backup or create a clean
configuration validating the content.
* Reset all admin, local users, and VPN users' credentials.
* Reset RADIUS secrets and IPSEC PSKs.
* Replace certificates and revoke the potentially stolen ones.
* Change the GUI administrative access to a non-default port.
* Restrict logins to trusted hosts. See System administrator best practices -
FortiGate documentation.
* Disable administrative access to any external (Internet-facing) interface.
* Perform administrative tasks over an out-of-band network.
* Implement 2FA.
* Change the LDAP user credentials used for FortiGate LDAP authentication.
* Implement the recommendations in the FortiOS hardening guide.
5620
1 Kudo
Suggest New Article
Article Feedback
Contributors
* srajapratap
* simonz_FTNT
* Stephen_G
* Anthony_E
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and
consolidation to provide comprehensive cybersecurity protection for all users,
devices, and applications and across all network edges.
Social Media
*
*
*
*
*
*
Security Research
* Threat Research
* FortiGuard Labs
* Threat Map
* Threat Briefs
* Ransomware
* Getting Started Resources
Company
* About Us
* Security Fabric
* Exec. Mgmt
* Careers
* Certifications
* Events
* Industry Awards
* Social Responsibility
News & Articles
* News Releases
* News Articles
* Trademarks
Contact Us
* Corporate
* Community
Copyright 2025 Fortinet, Inc. All Rights Reserved.
* Terms of Service
* Privacy Policy
* GDPR
* Cookie Settings
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word word word word word word word word word
word word word word word word word word
mmMwWLliI0fiflO&1
mmMwWLliI0fiflO&1
mmMwWLliI0fiflO&1
mmMwWLliI0fiflO&1
mmMwWLliI0fiflO&1
mmMwWLliI0fiflO&1
mmMwWLliI0fiflO&1
COOKIE SETTINGS
By clicking "Accept All", you are consenting to the use of cookies on your
device to enhance site functionality, analyze site usage, and assist in our
marketing efforts. This includes the use of cookies and similar technologies to
show you personalized advertising on other websites through our partners. To
accept only necessary cookies, select “Reject All.” You can visit the Cookie
Settings link, which contains details on specific cookies, categories, and
preference options. Your choice will apply only to your current browser/device.
Please also see our Privacy Policy for more information on how we process
personal data.privacy policy
Reject All Accept All
Cookie Settings
COOKIE PREFERENCE CENTER
* YOUR PRIVACY
* STRICTLY NECESSARY COOKIES
* PERFORMANCE COOKIES
* FUNCTIONAL COOKIES
* ADVERTISING COOKIES
YOUR PRIVACY
A website may store or retrieve certain information about your browser by using
cookies. Cookies store information about how a visitor interacts with a website.
The information may be about you, your preferences, your browser, or may be used
just to make the website function. We allow certain advertising and analytics
partners to collect information from our site through cookies and similar
technologies to deliver ads which are more relevant to you, and assist us with
advertising-related analytics (e.g., measuring ad performance, optimizing our ad
campaigns). This may be considered "selling" or "sharing” / disclosure for
targeted online advertising under certain laws. To opt out of these activities,
move the toggles for "Performance" and "Advertising" to the left and press
"Confirm My Choices." You can also click on the different category headings if
you would like to read more about the cookies that we use, and adjust your
preferences. Please note that your choice will apply only to your current
browser/device. You can choose not to allow some types of cookies; however,
please note that blocking some categories of cookies may impact your experience
of the site. You can visit our Privacy Policy for more information.
privacy policy
STRICTLY NECESSARY COOKIES
Always Active
These cookies are necessary for the basic functionality of the website. The
website would not work without these cookies, so they cannot be switched off in
our systems. You can set your browser to block or alert you about these cookies,
but some parts of the site will not work.
PERFORMANCE COOKIES
Performance Cookies
These cookies help us collect certain data, such as count visits and traffic
sources, so that we can measure the performance of our site, improve the
content, and build better features that enhance your experience. They help us to
know which pages are the most and least popular and see how visitors move around
the site. They also allow us to measure the effectiveness of our ads on other
sites.
FUNCTIONAL COOKIES
Functional Cookies
These cookies allow our website to remember your preferences and choices made on
the website, such as region and language, which help us provide enhanced
functionality and personalization. These cookies may be set by us or by third
party providers whose services we have added to our pages. If you disable these
cookies, then some or all of these features may not function properly.
ADVERTISING COOKIES
Advertising Cookies
These cookies may be set through our website by our advertising partners, and
use information uniquely identifying your browser and internet device to build a
profile of your interests and show you relevant ads on other websites. If you
disable these cookies, you will experience less targeted advertising.
Back Button
COOKIE LIST
Filter Button
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label
Clear
checkbox label label
Apply Cancel
Confirm My Choices
Allow All