For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

5 Replies

  • Brad_Parker's avatar
    Brad_Parker
    Icon for Cirrus rankCirrus
    Sep 28, 2015

    No, ASM to just for HTTP/S at this point. It is by definition a WAF(Web Application Firewall).

     

  • mikegray_198028's avatar
    mikegray_198028
    Icon for Cirrus rankCirrus
    Sep 28, 2015

    I can understand brad, but we created a ticket with F5 support(C1919382) and they only suggested ASM :(

     

    • Brad_Parker's avatar
      Brad_Parker
      Icon for Cirrus rankCirrus
      Sep 28, 2015
      Ok, maybe ASM does have some functionality for SMTP and FTP, but not SSH/SFTP. I'm a little disappointed that F5 support would suggest ASM. What kind of attack are you trying to protect against?
    • mikegray_198028's avatar
      mikegray_198028
      Icon for Cirrus rankCirrus
      Sep 28, 2015
      brute force attack, See the logs in pool member 2015-09-28 03:49:04,136 INFO [EMWorker-122] com.tumbleweed.st.server.tm.agents.AccountConfigAgent - User "level" is not associated with any account. 2015-09-28 03:49:04,136 DEBUG [EMWorker-122] com.tumbleweed.st.server.tm.agents.AccountConfigAgent - com.tumbleweed.st.server.api.NoSuchAccountException: User "level" not found 2015-09-28 03:49:04,343 INFO [EMWorker-127] com.tumbleweed.st.server.tm.agents.AccountConfigAgent - User "admin" is not associated with any account. 2015-09-28 03:49:04,343 DEBUG [EMWorker-127] com.tumbleweed.st.server.tm.agents.AccountConfigAgent - com.tumbleweed.st.server.api.NoSuchAccountException: User "admin" not found 2015-09-28 03:49:04,432 DEBUG [EMWorker-122] com.tumbleweed.st.server.appframework.AccountContextAgent - User "admin" not found com.tumbleweed.st.server.api.NoSuchAccountException: User "admin" not found Caused by: com.tumbleweed.st.server.api.NoSuchUserException: admin 2015-09-28 03:49:04,471 INFO [EMWorker-128] com.tumbleweed.st.server.tm.agents.AccountConfigAgent - User "level" is not associated with any account. 2015-09-28 03:49:04,471 DEBUG [EMWorker-128] com.tumbleweed.st.server.tm.agents.AccountConfigAgent - com.tumbleweed.st.server.api.NoSuchAccountException: User "level" not found 2015-09-28 03:49:04,642 DEBUG [EMWorker-127] com.tumbleweed.st.server.appframework.AccountContextAgent - User "level" not found com.tumbleweed.st.server.api.NoSuchAccountException: User "level" not found Caused by: com.tumbleweed.st.server.api.NoSuchUserException: level 2015-09-28 03:49:04,780 DEBUG [EMWorker-128] com.tumbleweed.st.server.appframework.AccountContextAgent - User "level" not found com.tumbleweed.st.server.api.NoSuchAccountException: User "level" not found Caused by: com.tumbleweed.st.server.api.NoSuchUserException: level
    • Brad_Parker's avatar
      Brad_Parker
      Icon for Cirrus rankCirrus
      Sep 28, 2015
      I don't think BigIP will be able to help with that at this point as proxying ssh is currently not a supported feature.