Forum Discussion
Mohamed_Lrhazi
Altocumulus
AltocumulusASM provided signatures rules text
Can one find the text of the rules of the provided attack signatures? so one could learn how they work and maybe copy/customize them.
Most of them are built-in, so you cannot access them (F5 policy)
REF - https://support.f5.com/csp/article/K8771
Some others (dos security signatures) are accessible checking /config/bigip.conf
security dos bot-signature "/Common/asm-hidden/ASM-search-engine-Bing Ad Idx" { category /Common/asm-hidden/ASM-search-engines domains { .msn.com } rule "headercontent:\"adidxbot\"; useragentonly; nocase;" }KR,
Dario.
Hello Mohamed.
I recommend you to check this references
KR,
Dario.
Mohamed_LrhaziThanks Dario. I cant figure this out... where to find the actual rules (regexes for example) defined in a signature provided by F5. I can see them for my own custom signatures, but not the provided ones.
Most of them are built-in, so you cannot access them (F5 policy)
REF - https://support.f5.com/csp/article/K8771
Some others (dos security signatures) are accessible checking /config/bigip.conf
security dos bot-signature "/Common/asm-hidden/ASM-search-engine-Bing Ad Idx" { category /Common/asm-hidden/ASM-search-engines domains { .msn.com } rule "headercontent:\"adidxbot\"; useragentonly; nocase;" }KR,
Dario.
