Forum Discussion
3 Replies
Sort By
- natheCirrocumulus
- yes
- last week's update was that the only exploit f5 had seen against the management gui was when authenticated only. This is important to note. i.e. user had to have admin/root, for example, privileges to exploit the gui with an attack.
F5's advice (and constant best practice anyway) is to have the mgmt interface connected to a secure, private subnet only, and any self-ips that are externally facing need to have 443 access disabled.
Hope this helps,
N
- Spidey_29396Nimbostratus
Thanks Nathan. Is there any patch like the "ssh vulnerability patch" last 2012? I'm afraid one of our customers need to open port 443 via SelfIPs since it is the only way to manage it from remote.
- natheCirrocumulusI'm not sure to be honest. f5 support might be able to help on this.