ASM violations and attack signatures.

Question

Hello
&nbsp;

Is there a tool to trigger F5 ASM violations and attack signatures. 
&nbsp;

hooleylist · Answer

Hi Alex, 
&nbsp;  
&nbsp; The answer(s) depend largely on what your goal is.  Are you trying to test the policy itself or the alerting for violations? 
&nbsp;  
&nbsp; Aaron

alex_3320 · Answer

yes i like to test alerting for violations or attacks &nbsp;

hooleylist · Answer

You can use the logger command to generate arbitrary syslog messages: 
&nbsp;  
&nbsp;  SOL7165: Testing SNMP traps and email alerts   
&nbsp; http://support.f5.com/kb/en-us/solutions/public/7000/100/sol7165.html 
&nbsp;  
&nbsp; Else, if you want to more thoroughly test, you might need to configure a test policy with all checks enabled, set up some policy definitions and send test HTTP requests which trigger the violations. 
&nbsp;  
&nbsp; Aaron

alex_3320 · Answer

Hello and thanks for the reply 
&nbsp;the question now how do i send test HTTP requests which trigger the violations? &nbsp;&nbsp;&nbsp;

ali_64819 · Answer

you can use NMAP to scan the F5 Virtual server ,then the asm will generate violations if the virtuals server is configure with application security profile.&nbsp;

Forum Discussion

ASM violations and attack signatures.

5 Replies

Recent Discussions

BWC iRule

Citrix XenServer Big-IP Upgrade help

iRule condition - request contains more than 10000 parameters

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Wildcard Parameter signature attack

Live Update- ASM attack signatures

The HTTP/2 CONTINUATION frame attack

Default Attack Signature Sets