Technical Article DevCentral Top 5 05/06/2011 May 06, 2011 by Colin Walker 2776 article availability design dev development hardware icontrol irules management ruby security ssl top 5 top5 us virtualization 0 The 20 Lines or Less, the DC weekly podcast, 99% of the hundreds of blogs Don and Lori seem to put out each week...these are but a few of the things you won't see this week in the DC Top 5. With as good as the content is that's getting left out, you can only imagine how good the stuff that made the cut is. It's been a jam packed few weeks since the last installment. I've survived, somehow, and I'm here to tell the story of what DevCentral's been up to, at least this last week. So check it out, in this week's DevCentral Top 5: iRules Challenge Results: Can Everyone Win? http://bit.ly/maEiPC Every so often the Sales folks invite me over to throw a challenge at the new FSEs that are moving through the initiation/training program, getting their feet wet. This challenge is intended to stretch them a bit and get them thinking about iRules as well as DevCentral and the other resources they'll need to survive when asked to start writing these things in the wild. This time through I pushed a bit harder and created a challenge that would lead, ideally, to the investigation and use of the table command(s), and the beauty therein. I'm impressed at the results I got and I'm quite happy to announce the winner of said Challenge as well as the very honorable mentions. Ruby and iControl: Remote BIG-IP Software Image Installation http://bit.ly/kFNpXo George is up to his wily ways again, what with the Ruby-iControl coding and all. This time he's churned out a tool that looks like it could be extremely handy. This snippet will not only upload but actually install a new image to your F5 device. This is a dream come true for those of you that have been managing such things manually. Even to those that might not use it directly, it's a great peek at some of the things that iControl can do and the lengths to which you can automate things. This one's worth a read for sure. If a Network Can't Go Virtual Then Virtual Must Come to the Network http://bit.ly/mT6jH6 In her typical fashion, Lori got me thinking (and a bit fired up) with her post regarding virtualization and multi-tenancy. She accurately points out some pros and cons, as well as where we've been and where we very well might be going when it comes to scaling application solutions and the networks that support them. Regardless of whether you're looking for ultimate performance scaling or silos of resources with no outage overlap, this one is a very good read. Everyone's situation is obviously different but if you're not thinking about this yet, you should be. Sooner rather than later these issues will be facing you, it's good to be prepared. SSL Renegotiation DOS attack - An iRule Countermeasure http://bit.ly/j0Y0Wy David Holmes, our resident security guru, is back and posting about a possible attack vector that could affect nearly the entire web. Sound scary? Well, when you're talking about a vulnerability in a broadly accepted protocol, it's bad enough. When it's a protocol normally associated with the most secure of applications and data, like SSL, then it gets even more worrisome. In this attack, would be miscreants attempt to hang an SSL enabled server by performing a series of renegotiations, thereby overloading the system. In steps iRules to save the day, as seems to often be the case. With a relatively simple iRule, Jason was able to whip up a solution to this problem by limiting the number of renegotiations allowed on a given connection in a certain time frame. With only a scant amount of development time, this very real threat was able to be completely negated. Take a read to get all the details for yourself. Post of the Week - SMTP TLS Encryption http://bit.ly/lZxnhw Last on the list this time around is the Post of the Week. Since being revived this popular series is again picking up a following of those interested in either seeing Joe and I goofing off in front of the camera, or some wicked cool solutions offered up in the forums thanks to the awesome community...or maybe both. This week we dig into SMTP TLS Encryption via iRules. Long ago Nat wrote an iRule that did just this but along came a user who wanted more, and more they got. Digging back into the problem a discussion broke out and when the dust settled the solution was even more impressive than it was in its previous form, as formidable as that was. Take a look for yourselves if you want the nitty gritty, and be sure to click through to the post for the real goods straight from the source. That's it for this week's Top5, thanks much for reading. #Colin last modified: May 06, 2011 0 Comment(s): You must be logged in to post comments.