Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology

Articles

Sort results

AppSec Made Easy: L7 Behavioral DoS

Learn how to use the F5 Advanced Web Application Firewall to easily implement Behavioral DoS protections for your application using dynamic signatures to reduce false positives and automate protection. Read more
1 Review

AFM DoS Enhancements in BIG-IP v13

Following up on our previous article AFM Enhancements In BIG-IP v13, we'll narrow our discussion for this article to Denial-Of-Service (DoS) updates in v13. Architectural changes in BIG-IP's user interfaces allows for increased flexibility... Read more
Average Rating: 4.9
3 Reviews

MWC 2015 – Threats to Mobile Carrier Networks (feat George)

Jonathan George, Sr. Product Marketing Manager, talks about the various threats that can occur on a carrier network. Mobile devices are becoming a hot target for malicious attacks and users may not be aware that they have potentially become part... Read more
0 Reviews

Size doesn’t matter: Australian businesses not spared immunity from cyber attacks

We have all heard or read about, at least one cyber attack that has taken place in the last three months. Most recently in August, we witnessed the widely reported nude celebrity photo leak that not only raised concerns for privacy, but also the... Read more
0 Reviews

Securing the future of the telecommunications industry in Australia

Over the last 50 years, our means of communicating with one another has evolved radically through the influence of technology. From the telegram to emails, from the telephone call to over-the-top applications, the realm of communications is... Read more
0 Reviews

Threat Analysis: perlb0t

This ancient bot, also known as the “Mambo” bot (due to an old vulnerability in the Mambo CMS it tried to exploit) has been around for a very long time, and many variations of it has been seen. However, from our observations, it is still being... Read more
1 Review

Mitigating sslsqueeze and other no-crypto, brute force SSL handshake attacks

I’ve spent a bunch of cycles lately trying to analyze how resistant we are to a new class of SSL handshake attacks. You see, I have a thing for these weird, asymmetric crypto attacks. To this day, the SSL Renegotiation DDoS piece is still the most... Read more
1 Review

Inside Look - BIG-IP Advanced Firewall Manager

If you enjoyed In 5 Minutes or Less: BIG-IP Advanced Firewall Manager, this is a much deeper dive into the BIG-IP AFM solution.  I introduce BIG-IP Advanced Firewall Manager (AFM) and have Josh Mendosa, Product Management Engineer, show a... Read more
0 Reviews

IPv6: Not a Solution for Security!!!

On April 15th, 2011, the last of the IPv4 address blocks was allocated,. Due to IPv4 address depletion, migration to IPv6 is inevitable. This migration to IPv6 will ease IPv4 address depletion but it does not address other significant... Read more
0 Reviews

F5 Friday: When Firewalls Fail…

New survey shows firewalls falling to application and network DDoS with alarming frequency… With the increasing frequency of successful DDoS attacks there has come a few studies focusing on organizational security posture – readiness, awareness,... Read more
0 Reviews

F5 Friday: Mitigating the THC SSL DoS Threat

The THC #SSL #DoS tool exploits the rapid resource consumption nature of the handshake required to establish a secure session using SSL. A new attack tool was announced this week and continues to follow in the footsteps of resource exhaustion as a... Read more
0 Reviews

F5 Friday: Eliminating the Blind Spot in Your Data Center Security Strategy

Pop Quiz: In recent weeks, which of the following attack vectors have been successfully used to breach major corporation security? (choose all that apply) Phishing          Paramet... Read more
0 Reviews

20 Lines or Less #49: SSL Renegotiation, Execution Halting and HTTP Rewriting

What could you do with your code in 20 Lines or Less? That's the question I ask (almost) every week for the devcentral community, and every week I go looking to find cool new examples that show just how flexible and powerful iRules can be... Read more
0 Reviews

F5 Friday: Multi-Layer Security for Multi-Layer Attacks

Modern DoS attacks are distributed, diverse and cross the chasm that divides network components from application infrastructure. A unified application delivery platform with multi-layer visibility is the best way to detect and mitigate multi-layer... Read more
0 Reviews

The Many Faces of DDoS: Variations on a Theme or Two

Many denial of service attacks boil down to the exploitation of how protocols work and are, in fact, very similar under the hood. Recognizing these themes is paramount to choosing the right solution to mitigate the attack. When you look across the... Read more
0 Reviews

Turning the Pushdo Bot Into the Push-oh-no-you-don’t Bot

Options to put a stop to the latest mutation of the Pushdo trojan The Pushdo bot is a malevolent little beast that is nothing new to Infosec professionals. What might be new, however, is that it recently changed its code and now creates junk... Read more
0 Reviews

Twas Two Weeks Past (Cloud) Deployment

Here comes St. Beaker and Santa Cloud … Twas two weeks past deployment and all through the house Echoed taps on a keyboard and clicks from a mouse The apps were all running inside VMware In hopes compute resources soon would they... Read more
0 Reviews

Taking Down Twitter as easy as D.N.S.

If they can take down Twitter via DNS, they can take your site, too. Everyone is talking about the DoS (Denial of Service) attack on Twitter but most of them are missing what really happened. We’re so used to defending against HTTP-based DoS... Read more
0 Reviews

Cloud Changes Cost of Attacks

For some companies there’s never been a quantifiable financial impact from attacks. Cloud may change that. One of the frustrations with information security is that it’s always difficult – if not impossible – to quantify risk. Without the... Read more
0 Reviews

An Unhackable Server is Still Vulnerable

Apparently if you’re attending the USENIX Security conference (August 12-14, 2009, in Montreal, Canada) you can participate in the Security Grand Challenge. What is that, you ask? Here’s how the organizers describe it: The concept is very... Read more
0 Reviews

Infrastructure Matters: Challenges of Cloud-based Testing

An interesting thing happened on the way to testing that application from the cloud. We broke the innertubes! Pros and Cons of Application Testing in the Cloud A firm wanted to test their application and need 100 browser instances. In the old days... Read more
0 Reviews

HTTP Pipelining: A security risk without real performance benefits

Everyone wants web sites and applications to load faster, and there’s no shortage of folks out there looking for ways to do just that. But all that glitters is not gold, and not all acceleration techniques actually do all that much to accelerate... Read more
Average Rating: 4.4
3 Reviews

ROI Justification(s) for Application Delivery Controllers

Sometimes IT folks are tasked with coming up with the justification for purchasing technology. It's not an enjoyable task, and considering the incredible difficulty in trying to pin dollar values on soft factors like increased pro... Read more
0 Reviews

SOA Security: Chain reactions are bad, mmmkay?

As a child of the 80s's I lived under an umbrella of fear surrounding nuclear everything. Living fairly close to a nuclear power plant, we all heard the words "chain reaction" a lot, and though we didn't understand the science we... Read more
0 Reviews

Layer 4 vs Layer 7 DoS Attack

Not all DoS (Denial of Service) attacks are the same. While the end result is to consume as much - hopefully all - of a server or site's resources such that legitimate users are denied service (hence the name) there is a subtle difference in... Read more
1 Review