Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral


Entries for 'George Watkins'

articleapmsecurityadnbig-ipnewstechtip February 21, 2012 by George Watkins
Introduction Two-factor authentication (TFA) has been around for many years and the concept far pre-dates computers. The application of a keyed padlock and a combination lock to secure a single point would technically qualify as two-factor authentication: “something you have,” a key, and “something you know,” a combination. Until the past few years, two-factor authentication in its electronic form has been reserved for high security environments: government, banks, large companies, etc. The mo...
articlebig-ipnewstechtip February 02, 2012 by George Watkins
Introduction  Datagroups and tables are the two primary methods we have in iRules for organizing key and value pairs. Both can be reused for subsequent connections. Datagroups have the advantage of being directly editable from the BIG-IP user interface, however they cannot be modified from within an iRule. This would open a potential security hole by allowing BIG-IP filesystem access from an iRule. Tables on the other hand must be populated from within an iRule, which allows for tracking...
Introduction Virtually every dynamic site on the Internet these days makes use of a CAPTCHA in some fashion. A CAPTCHA is used to verify that a human is driving the interaction with a particular  function on a site. A CAPTCHA in its simplest form involves an end-user copying the text from an image to a text field. If the user-entered text matches that of the image, the user is allowed access to the requested resource. Variations to the classic CAPTCHA can involve doing simple math, solving...
Introduction Earlier this year Google released their time-based one-time password (TOTP) solution named Google Authenticator. A TOTP is a single-use code with a finite lifetime that can be calculated by two parties (client and server) using a shared secret and a synchronized clock (see RFC 4226 for additional information). In the case of Google Authenticator, the TOTP are generated using a software (soft) token on a mobile device. Google currently offers applications for the Apple iPhone, And...
articleirulesbig-ipdevnewstechtip December 08, 2011 by George Watkins
Introduction Anyone that's done any amount of programming has probably encountered Base64 encoded data. Data that is encoded with Base64 has the advantage of being composed of 64 ASCII characters, which makes it portable and readable with virtually any RFC-compliant decoder. Before Base64 became the de facto encoding standard for content, Base32 was the preferred method. Base32 offers three distinct advantages over Base64: it is case-insensitive, commonly confused characters have been removed...
articleadnbig-ipnewstechtip November 17, 2011 by George Watkins
Introduction Recently there was a forum post regarding using the exponential backoff algorithm to prevent or at the very least slow down dictionary attacks. A dictionary attack is when a perpetrator attacks a weak system or application by cycling through a common list of username and password combinations. If were to leave a machine connected Internet with SSH open for any length of time, it wouldn’t take long for an attacker to come along and start hammering the machine. He’ll go through his l...
articlednsmanagementadnnewstechtip October 18, 2011 by George Watkins
Introduction In our last Tech Tip, v11: DNS Express – Part 1, we discussed configuring DNS Express as an authoritative slave DNS server. We also discussed the advantages of using DNS Express in place of a pool of BIND servers. In this part of the series we will be discussing using a Transactional SIGnatures (TSIG) to secure zone transfers form our BIND server to the GTM. By implementing TSIGs for our zone transfers, we can ensure that no one could potentially poison the zone date of our DNS Ex...
articlestoragenewstechtip October 07, 2011 by George Watkins
Tech Tip submitted by Dave Porter, F5 Data Solutions Introduction The effectiveness of CIFS virtualization in the ARX is impaired by slow response from external systems such as file servers and domain controllers, resulting in poor response to client requests, and so-called WORKSLOW messages in syslog. Version 6.01.000 of the ARX adds new aids to diagnosing the underlying cause. Problem Statement The problem we’re solving here is one of diagnosis: ARX users complain that ‘the ARX is slow’, a...
articlednsmanagementnewstechtip October 06, 2011 by George Watkins
Introduction Among the many features released with GTM version 11, DNS Express has to be near the top of the list for many DNS administrators. DNS Express is a high performance in-memory authoritative DNS server. GTM has always been able to serve DNS records from its local BIND instance, but this left it subject to many of the same performance limitations as other BIND servers. In addition to its ability to far outperform most any DNS server (125k queries per second per core), DNS Express als...
articleirulesdevnewstechtip September 07, 2011 by George Watkins
Introduction One of the most commonly requested features for iControl we’ve seen recently has been for transaction support. It was implemented in TMSH for Version 10 and is now available for iControl in Version 11. Transactions are super handy and anyone who has used them on other networking devices or databases can attest to their usefulness. There are many occasions where we want to make large sweeping changes, but want to interrupt the changes if any of them fails. This ensures that any chan...
Page 1 of 4First   Previous   [1]  2  3  4  Next   Last