AWAF version 15.1.8.1 does not support Brute Force as one of the attacks for Delayed Blocking

Question

Hi;With Delayed Blocking, one of the attacks in the list of attacks that can be associated with delayed blocking is "Brute Force, maximum login attemps are exceeded"For some reason, I cannot find this attack type in the list and I know it used to be there in previous versions of TMOS.KindlyWasfi

wasfi_bounni · Accepted Answer

I found out from F5 that this feature has been discontinued. It used to be there in versions 11 and 12.

whisperer · Answer

Thought this was an option for application security access session tracking (APM) and preventing session hijacking and tracking user sessions (ASM).

f5_design_engineer · Answer

Hi Wasfi,
Can you please check it here
ASM is going to check the failed login attempts here:

&nbsp;

Please check the below link for more detail:
https://clouddocs.f5.com/training/community/waf/html/waf341/module1/lab1/lab1.html
&nbsp;

wasfi_bounni · Answer

The issue is that "Brute Force: Maximum Logins exceeded" is not there as an option as one of the associated violations for delayed blocking under sessions and logins. Although all other violations are in the available list.

Forum Discussion

AWAF version 15.1.8.1 does not support Brute Force as one of the attacks for Delayed Blocking

4 Replies

Recent Discussions

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

Related Content

Set HTTP version

Block traffic

domain blocking

Upgrade to version 17.x.x ?

Block IP after a number of ASM Blocks