ASM violations and attack signatures.

Question

Hello
&nbsp;

Is there a tool to trigger F5 ASM violations and attack signatures. 
&nbsp;

hooleylist · Answer

Hi Alex, 
&nbsp;  
&nbsp; The answer(s) depend largely on what your goal is.  Are you trying to test the policy itself or the alerting for violations? 
&nbsp;  
&nbsp; Aaron

alex_3320 · Answer

yes i like to test alerting for violations or attacks &nbsp;

hooleylist · Answer

You can use the logger command to generate arbitrary syslog messages: 
&nbsp;  
&nbsp;  SOL7165: Testing SNMP traps and email alerts   
&nbsp; http://support.f5.com/kb/en-us/solutions/public/7000/100/sol7165.html 
&nbsp;  
&nbsp; Else, if you want to more thoroughly test, you might need to configure a test policy with all checks enabled, set up some policy definitions and send test HTTP requests which trigger the violations. 
&nbsp;  
&nbsp; Aaron

alex_3320 · Answer

Hello and thanks for the reply 
&nbsp;the question now how do i send test HTTP requests which trigger the violations? &nbsp;&nbsp;&nbsp;

ali_64819 · Answer

you can use NMAP to scan the F5 Virtual server ,then the asm will generate violations if the virtuals server is configure with application security profile.&nbsp;

Forum Discussion

ASM violations and attack signatures.

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Wildcard Parameter signature attack

Attacks against Domain Specific Languages, EU Cybersecurity Laws, & Supply Chain Attacks

Live Update- ASM attack signatures

Default Attack Signature Sets

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS