Forceful Browsing attack

Question

i wanted to show the customer sample of detecting this attack , i have Vs directing to a pool member = 10.10.10.1 ( which is a switch )

i access this switch using its Vs ip : http://11.11.11.1

to simulate forecful browsing attack , i defined allowed URLs to be http://11.11.11.1 , then tried to access http://11.11.11.1/test , but nothing was logged under reports> charts , please advise ?

nathe · Answer

SSHSSH 
&nbsp;  
&nbsp; I'm not 100% certain on this but in Policy - Blocking - Settings and under Access Violations, do you need to have the boxes for "Login Object Bypassed" ticked e.g. Learn, Alarm or Block? 
&nbsp;  
&nbsp; Just a thought on this one. 
&nbsp;  
&nbsp; N

hooleylist · Answer

Also, if you're new to ASM and want to demo it to one of your customers, you might try talking with your local F5 or partner SE.  They should be able to give you some vulnerable applications and sample ASM policies. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Forceful Browsing attack

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

The HTTP/2 CONTINUATION frame attack

iRule for Brute Force Password Guessing Attacks

Serving or browsing iFiles

HTTP Brute Force Mitigation Playbook: BIG-IP LTM Mitigation Options for HTTP Brute Force Attacks - Chapter 3

ESRP Strategies: DNS Water Torture Attack

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS