Forum Discussion
Sri1
Altocumulus
AltocumulusHow ASM can mitigate the web shell attacks?
I have found this doc https://devcentral.f5.com/articles/webshells
This is useful understanding how these attacks work, but not clear about how we exactly mitigate or if ASM need to be configured to achieve this mitigation.
Please suggests.
- boneyard
MVP
that would be taken care of by the signature sets. these shells execute cat or ls or ... to look into passwd or other things. that is something attack signatures can detect very well.
but to be honest if you think there are web shells on your servers you might want to look into that first and get that solved.
