CRSF Vulnerability

Question

Not sure where the ASM Module Forum is -- but wondering if anyone has tried to prevent Cross Site Request Forgery through iRules or know if F5 is developing a solution for ASM. &nbsp;
&nbsp;There is what looks like a good proxy based solution published at:&nbsp;
&nbsp;http://www.seclab.tuwien.ac.at/papers/noforge.pdf&nbsp;
&nbsp;More on CRSF or XRSF 
&nbsp;http://en.wikipedia.org/wiki/Cross-site_request_forgery&nbsp;&nbsp;
&nbsp;Pat

hooleylist · Answer

I'll add that ASM is designed to protect against XSRF, XSS (and many other) attacks using both positive and negative validation of requests.  There are character sets which define valid characters in parameter names, parameter values, headers and the object.  There are a set of default regular expressions against these same components which validate the request does not contain malicious patterns.  Custom regexes can be added as well.  ASM also enforces length restrictions which limit how big the total request, header, parameter and parameter values can be. &nbsp;
&nbsp;iRules can help provide good specific security.  ASM provides a more comprehensive package of validations and protection.  I would imagine you could talk with an F5 salesperson to get more specifics on ASM.&nbsp;
&nbsp;Aaron&nbsp;&nbsp;

Forum Discussion

CRSF Vulnerability

1 Reply

Recent Discussions

Portal Access to HTTPS resources slow

HOW TO HIRE A HACKER TO RECOVER STOLEN BITCOIN. CONTACT FASTFUND RECOVERY

Big-IP Next 20.2.0-2.375.1+0.0.43 iRule count problem

rewrite Azure AD response for portal access via web portal

Azure SAML - F5 APM

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Vulnerability CVE-2023-45648 in ApacheTomcat

Re: Mitigation of OWASP API6: 2019 Mass Assignment vulnerability using F5 Distributed Cloud Platform