Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral


Introduction iRules are a powerful tool in the F5 administrators arsenal. They allow administrators to adapt and customize the F5 to their needs. They provide extensive power for security engineers as well. We’ve decided it’s time to revisit the Security iRules 101, with updated content, and 100% more monkeys! In section 4 of the series, let’s talk about DNS.  Domain Name System is the address book of the internet.  Any time you type letters into a browser and hit e...
Introduction iRules are a powerful tool in the F5 administrators arsenal. They allow administrators to adapt and customize the F5 to their needs.  They provide extensive power for security engineers as well. We’ve decided it’s time to revisit the Security iRules 101, with updated content, and 100% more monkeys! In our first section of the series, we are going to cover a vital part of the security infrastructure, logging. Good logs make all the difference for identification and...
articleadnnewstechtip June 07, 2012 by Josh Michaels
FIPS 140-2 and you? FIPS.. the final frontier. These are the voyages of the Business Enterprise. To boldly send traffic where no one has sent before. To much? Perhaps, FIPS! The eternal pain in the butt? Whatever your opinion of FIPS 140-2, it’s here and it is not going anywhere soon. FIPS stands for Federal Information Processing Standard. It is a collection of standards that the United States Federal government uses as requirements within government agencies. The standards are often used in ...
Back in October, I attended a Security B-Sides event in Jefferson City (review here). One of the presenters (@bethayoung) talked about poisoning the internal DNS intentionally for known purveyors of all things bad. I indicated in my write-up that I’d be detailing an F5-based solution, and whereas a few weeks has turned into a couple months, well, here we are. As much as I had hoped to get it all together on my own, F5er Hugh O’Donnell beat me to it, and did a fantastic job. F5er Lee Orrick also ...
articleadnbig-ipnewstechtip November 17, 2011 by George Watkins
Introduction Recently there was a forum post regarding using the exponential backoff algorithm to prevent or at the very least slow down dictionary attacks. A dictionary attack is when a perpetrator attacks a weak system or application by cycling through a common list of username and password combinations. If were to leave a machine connected Internet with SSH open for any length of time, it wouldn’t take long for an attacker to come along and start hammering the machine. He’ll go through his l...
Security extensions were added to the DNS protocol as a means of countering malicious attacks such as cache poisoning, domain hijacking, and man-in-the-middle attacks.  The extensions are described in detail in RFC 4033 (Introduction and Requirements), RFC 4034 (Resource Records), and RFC 4035 (Protocol Modifications).  Understanding what DNSSEC is and why it's important is well covered elsewhere -- whitepapers, research, etc at http://www.dnssec.net and there's a nice implementat...