Fortinet NSE4_FGT-7.2 — FortiGate Firewall — Section 1: FortiGate Firewall V6.4 1 Part 28
38. Lecture-38: Security Profile DNS Filter.
We will do DNS filter. Okay, so what is DNS domain name system we’re discussing about DNS and did things the last few hours to be a domain name system or other domain name server. Okay, so basically DNS is translating fully qualified domain name to a B and domain name. Okay, it’s like a book. Now, freedom means freedom, definitely, if you a filter whenever you want to do something to filter them, we call them filter.
So, DNS filter, the name is different, but actually is do the same job which we’ve done through Web yesterday, it will do the same like a botnet. And if somebody want to target your business and do something to enter your system and attack on your system, botnet we discussed this morning.
So, you can use DNS because these two things are normally lower, like antiproton DNS initiatives, so there can be many are directly related to DNS and DPAs.
So, you can use DNS to filter the thing. Also, you can use DNS for better under control, like Sieff, such same-store, which means nobody like a good word. Or if somebody Diyab or in Arabic or something, this type of word.
So, it will not search.
So, we call them parental control. And maybe you are against type something, either any of your discon user, either implying by mistake, by some word which is vulgar, which is not, you know, you’re going to understand better than me.
So, it will stop you to search those who are.
So, it’s a good thing by way.
So, we can use the veto to block Bortnick, we can block we can enable the same search like a Google being and you in almost daily motion so nobody can search anything, which is not a good thing for me. I need a system of things. You want the word you will not search through this one. Either naked pictures or something so you can stop the use of DNS filter. You can use them again, you will use the same technology. I have a really smart apology. Nothing can be done for the good and virtual machine. You can do the same thing in Geneste and even basically. But because I licensed this one with a toy.
So, I have three interfaces. This one is the wind interface, also my management interface. This one is in Lansing is Milin and this one is DMZ. Right now I’m using only these two win and Lynn so if I need a system in Lynn, so I hope to own their system and the Lynn interface.
So, that’s why I informed XP System and the Lancy. When I change the interface they will new one interface, put them in the lane if I put them in, will show to TMZ. If I make them nurturant will move to outside. Okay, anyway, inside and inside I assign the range under which we will here this Meilin inserted into one wondered Hunter.
So, therefore you are assigned to this PC. One hundred and sixty to one to Sam Walton. JP and I put together and we have one hundred, which is my firewall IP and if I tried to finger you can preach to my. One door to door to my gateway, and because I DNS as well, if I go, do you have to be an ISP has been let me show you from auditoria and it is really important so that you can reach to Google, as well or any other service.
So, this is a simple apology. We are using this one.
So, now I need to configure two or three things in DNS filter. Okay, so let’s go to security profile and DNS filters there.
So, there is by far the one being escalated. And if you want, you can use this one again if you want to it. If we want to clone because this is not oriented ones, we can deliver them certainly for one and is not being used anywhere in France. Mamie’s is not used and these are the comments. Click on Create New and Clearer to our own story, I will share Dennis. Fit the profile, I can give them this name and you can follow the comments of two to five five, correct. Now it’s a reading board meant that a request to block for.
So, these are the board members and we discussed our remote network means somebody. Zombi, we call them. Well, which I told you in the first lecture, but it’s required a license because I already have a license with as well showing me these are your domain name names because these are the important websites.
So, we can take any website and you can test them. Okay, so suppose any, which is easy, this one is a bit easy.
So, let me copy this one. Okay, let me try like this again, that I is I need to it. Because I mentioned and document this year, are you going to take any saying good by either way? okay, so it’s not going to get a. And in your Deckard, this is a Balkenende website. One of them is mentioned involvement. They have so many Bortnick domain, which is blacklisted and Balkany site, okay.
So, let’s discuss this one is enabling only this one. Young Bortnick not doing anything. Let me disable the theme. I will tell you about this one. And okay, so my profile is ready. Now, let’s go to policy policy policy and make them as a sequence to show. And let’s go to security, provided the removal of Puerto Rican residents property, otherwise you can enable all together so business and the one which we created unity be necessary to provide and assist and.
So, my audience is ready now. Okay? And how we can track them if we want to logs and report there is a DNA query, so nothing is there. These are the old one which is allowed in everything, but there is no such thing. Let’s go to our inside system and try an important Web site, which is dangerous, one which can take your control.
So, if I tell type, what was the. It ask be this one from their list, you can go anyone. Okay, let’s do okay and then block us so. And let me do this is by the way, it has to show me message, sometimes it will stop, you will not show you the pain due to their license.
So, it’s not reachable. By the way, maybe after I let me see the traffic if I come here and see.
So, it’s there. Indianness response. Okay. And another thing to really find the best ways to hold on dashboard, and there is a there just. And let me tell you, it was here no, it wasn’t security botnet related, it was somewhere I. Went to a law that was okay, that was in the old one, okay, because I used on the new one, but has to be here, by the way. The status and see it is all related and not all let’s see here. There was botnet related one we just which we can show you the other side, so it’s not showing me. Okay, let me be another way of saying this look like this one is not working.
So, if we go to security profile, DNS filter and our Diffa one and click here. Okay, and let’s take a new or another example, which is. This one, which is always interesting, you can it quickly, these are a list of board members have, by the way, so you can stop them by DNS filter or the will be or if dot com. Okay, and let’s try this one more two here and then. Okay.
So, it’s not reachable. It means that suicide is not available either to be installed by the DNS.
So, if we want to report and try to DNS query. Okay is showing me here, but it is showing as a it has to show me the detail and also, I don’t know, I’m the new one that moved there. When the environment is like this one, if I can show you here, if you enamel them and drive from here, okay, so it will show you up in the like this one and Dashboard’s status, there is a monitor activities it will show you there and also in DNS query. Okay, but in both cases it’s not showing us. And this new firewall, for some reason, they removed the market from here. Maybe that maybe you can come out, which yeah, it can be aired. But still maybe the of is true. It’s C maybe it’s not enabled by antifa. No it’s not here.
So, it should be in the security one. And the new one this recently released, so they change something when I say let me try them normally. Not changing everything, but just so I can see here, important IT duties, maybe they give them something a different name, Bernat. Nice to hear you. Thank you.
So, now let’s see. Dog barking He is talking now, is showing you. Okay, so let me make them bigger to see properly here and we can see there is blood man to. And let’s see Jean-Bernard duties.
So, those two words are here.
So, it’s working now so hard, can’t we take this one time? okay, we refreshed them in this one. Okay, if you try another one and will come here. It’s the best way to recognize them and to really fight.
So, you can see a black Dauman if you are not sure. Let’s try another way. Aside from India.
So, if we go to. Not policy security, fine. Dennis, okay, and Dennis, okay, and let’s try another way, aside from both women. These are militias and men is a huge list. Not one to three like this one has so many. Okay, so but you can stop them through DNS filter this the only way to do it.
So, let me try to we all tuval embassy in. It’s going to end, let’s go the one that, by the way, to show you the banner, as well, for some reason it’s not showing me, but it’s okay, it’s not reasonable. And if we want to make war and war to security, Tim. And chequerboard next, it has to be three now, so if you click and IT activities, so the third one which we have so is here now. Okay, so we’re showing you, Mark nicknamed Laburnum. There are so many name Bill in the morning here. They are different. What are some of them? Spies.
Some of them working on that.
Some of them will increase your copy and so many so of forget about the name. I don’t know. There are so many of them and these are going to be chewing.
So, that’s the first thing which we can do through DNS filter to stop the botnet activities.
So, let me stop the border. I want to do something else, another thing is they can do for you seems to be trying to do business sars-cov-2 me like a good words, which I tell you, you can stop those things.
So, let me do first, can you to bring dot com. Okay. This a search engine like Google and other words, if I say something so both we’re going to die. We’ll get for legalization and soon so I can dive into the stream and I can listen to them as well. Okay, Barclaycard was just due to certificate, otherwise it will go with you.
So, yes, it’s showing me no issue, but in moving dot com, I serve them and it should do me nothing. Let me go back to being. Well, Jim.
So, I sent you a stream. Now let me go back and I want a sip, this one we’ve done already, this one and four search on Google, Bing and YouTube to enable and Strache model that will moderate like go in the world, which is more one one one means anywhere like that. It also coming under strict sort of. Okay, because it’s already animal.
So, I don’t need to go policy and object and let me try again.
So, I’m in Benghazi. Let me refresh and I.
So, again, the same thing which I said before, so the word has to stop me in the first place, let’s see, can I go the way that it can stop me? So, no, it didn’t stop me for some reason.
So, let me. Yeah, and this one, so. Inc.com, I need to check them. Yes, drink and so little if I say. By the way, it has to stop me in the first place, so let’s try Google dot com some time is not working properly because we are using the old browser and cert is not in normal also.
So, it will not give the authorities a lot of their time. If I sit in the. Any other thing, but this the only thing which I mentioned this, so this way I’m showing you this. Okay, anything, so let me it has to stop me here, okay? So, use searching here, so let me close the browser. Okay, and any other words that I did, open this one and delete the history and everything.
So, let me open and also let me open again, this one to check in with you. And also we can do here one thing more. To properly, this is on the board certificate, we don’t want to install certificate.
So, sometimes they are not catching the words properly. And that’s why I’m using your browser as well. And better to use Windows seven with the latest browser.
So, let me go to. This one, okay, and let’s try. And searching in any search engine like Google, either you to the. Dot com and anything which is. Okay. We tried this time. It does not work in your case, you get the idea how it is and basically it will stop this such such as? By the way, it used to show me even if I enter the the to stop me so it never stopped me. Okay, it will be like this one. Let me show you.
So, this one. Okay, let’s go, dear. Yeah.
So, when you die, it will block you with a page has been blocked. The same example. I’m giving you a little stream.
So, if you want to enter the stream because two one is coming and so it will stop you from searching, okay, it will give you an error like this one. Any other word? I don’t know if one or two of them. I cannot give any word because it’s not all you have to do anything bad here.
So, what I’m typing or something. Okay, if you type in the foreign picture or something, so maybe it will start up, you probably need to use a little let me type it is better. It’s not going to let me in other war. Okay. If I go to Bint. Either Local.com, okay? And died of sheer. Okay, let’s see now. Uh.
So, it’s not working properly, it has to stop me for such a world, which I don’t want to do right here, like you understand them in such die because it will stop you to searching. It will stop you in the first place. Okay, so this is what we use here in enforce safe search on Google and YouTube and you able to do this trick, okay? Another one is for the guard category best filter, the one which we use here. If I enable it to disable this one, it’s not working properly. But anyway, you understand that here is this the same thing which we use and we filter they also category like pornography, abortion and all those things, gambling or sex education and all those. And again, a loud monitor and to block boredom. Okay, so suppose if I want to stop and anything which is already like a streaming media which will then be erased.
So, if I click here and I will say to block Blackwater, you can configure here to do that in bloodborne use for the guard before either you can specify you are on and put them in India. But anyway, in this case, I want to use the for guard different being a state of media.
So, in streaming media which are coming under this one, you we discussed this one and this one is the same thing.
So, if I apply. Okay, and let’s try streaming media or streaming media like YouTube in daily motion. See if I say you two dot com to it has to stop me from accessing either dailymotion. Okay, so we are using basically so the page is blocked. You have to try to assist with Bandera’s belong to a category that is blocked. You are not using any other thing. If I were to see an object, maybe you would think that this blocked by you refrigerator, we are only using our business for literally everything that is disabled into what is just disabled.
So, this thing blocked them. And how will we know if you to log in and report and DNS query so you will see the traffic here, the. And also you can go to our dashboard and also you can check from nerdish phone here as well.
So, it will show you on the station there is another one again, they them and security as well. Okay, and those things that it will show you that it is being blocked again.
So, it means DNS filter can do the same job, which is done by filter. Okay, let me go back to security profile DNS and define DNS.
So, this one is done safe, so she’s done, we can use the criteria and let me close this one. What is the scandal domain filter? We can use the same Austudy like that one which we learned here.
So, you can use this one just created Nehalem. And again, simple regex, I suppose, if I use Facebook dot com. It’s the same thing. Okay, and reading to here, are you going to be allowed on a monitor reading me the folder, which they kind of figure? This one is the rule that they will show you this one. Okay, and you want to enable this rule, Facebook dot com. Okay, and if I say, okay, I’m in. Okay, ok. And this will be your daddy if you disable the other one.
So, it is only this one will be denied Facebook, YouTube right now because I removed their clothes and policy to work, you know. And if I said Facebook. Let me type here, Facebook, so it will read that into the same banner which they show me and the YouTube as well.
So, let’s see, Facebook dot com.
So, it was. Okay, so for some reason, they’re not giving me properties are so low to do it like this way and the Facebook. Okay.
So, after a while, it will stop you and then the next thing, if I want to be in this filter so far defined, okay, what else we can do through this one? If I disable this one external IP block list, you can give them external IP, you can create your own or, you know, external range. There are so many black list IP. If you want to block those domain IP, create the file and read that in here.
So, it will stop those IP. You can click here if you wish. Let me show you. Okay, from Externalism and also you can create your own where you are in as well. Well you are on IP and if you want to put username and password in there. Okay, so they give them any name. You are in resource. There is a list. Let me go to. Blog list a b. Ranges. No, sorry, that’s not. Localist. I mean, you are really. Reconfiguring all at once. Okay, so here is a list so many websites have started can campaign from here.
So, let me try this one. Now, this one is only fuel, so let’s go to the one which we have so many last. Basically, they mentioned IDP’s, which is blacklisted like a Russian and Chinese, and those are U.B. has been blacklisted and searching for that one, I forgot the actual one, which we have a list on and we go to. My goodness, I totally forgot the list of suspicious are you being honest? It’s like a text file you can see maybe from this one if I check. Okay. If I go to. Any link. It’s the on Hill when you’re such a huge welcome. Okay, so you can put that list and you can plug them. Anyway, I need to set this thing first and then. And I suppose this one year there is a full list in this one, when I search, I will show you and you have to put that list external. You are a resource link you are in. And if there is a username and password and it will come here and those IP will be blocked if they are coming inside to order as well. Okay. Then Dennis translation lowered this one and ready, Baudelaire told you this is the one which for the Jews and you can specify you are only allowed to listen, reading this is related to writing, which I told you that in as well.
So, this is related to arrive in log’s already. And it’s clearly in response anything being related. It will be year which was here to get in on this one.
So, this is a DNS filter, okay, you can do so many things like a web filter stuff and also you can stop or you can save Sunaj and board member site and also external IP ranges and you can blog stating domain names. Okay. M.J.