Forum Discussion

Nimbostratus

May 22, 2013

SQL-INJ "drop Schema" reporting in ASM 11.3

All, In our 11.3 ASM, we triped an attack signiture detected for the following. Looking to understand why this registered? I see schema included as part of the parameter value, but is tha...

app sec

BIG-IP Access Policy Manager (APM)

security

hooleylist

Cirrostratus

May 24, 2013

Hi Lazar,

The signature is looking for drop and schema and a fairly complex regex. It's not just looking for those two key words.

If you're seeing false positives on just one parameter, I'd disable the signature on a new global parameter with that name. If you're seeing false positives on several parameters, you could disable the signature across the policy.

Aaron

Forum Discussion

SQL-INJ "drop Schema" reporting in ASM 11.3

Recent Discussions

iRule condition - request contains more than 10000 parameters

Citrix XenServer Big-IP Upgrade help

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

BWC iRule

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

Re: BigIP Report

BigIP Report Old

Get started with F5 Distributed Cloud WAAP Scheduled Reports

F5 2023 State of Application Strategy Report

L3/4/DNS DDoS Reporting with Elastic Search and Kibana