O'Reilly logo
  • Michael Broadbent thinks this is interesting:

You can optionally configure FortiOS to not send a TCP RST packet when a connection attempt is made, making it harder to determine the network devices in use. This is configured on a per-interface basis, so it would be most applicable on your external interfaces.

 FGT# config system interface

 FGT (interface) # edit <name>

 FGT (<name>) # set ident-accept enable


Cover of UTM Security with Fortinet


Look at doing this for our devices