Forum Discussion

field_bad_service's avatar
field_bad_service
Icon for Altocumulus rankAltocumulus
Dec 06, 2023

How to block software information from BigIP APM

Hello everybody, I am facing a challenge with the exposure of information in Censys when using a portal via BIgIP APM. I would like to know if it is possible to restrict access or block information ...
security
Lucas_Thompson's avatar
Lucas_Thompson
Icon for Employee rankEmployee
Dec 13, 2023

You'll have to figure out how that Censys system creates these guesses. The vendor may be able to provide this information, though security vendors often are secretive or rely on obsucurity: they may not want to divulge how their product works technically in an effort to thwart researchers. It may also be that this Censys product combines multiple sources of information at different layers of the OSI stack and has a complex set of rules to arrive at a guess. 

You can read here about how this stuff works at L4 (IP/TCP):

https://my.f5.com/manage/s/article/K9491

You can read here about how this stuff works at L5-L6 (TLS):

https://community.f5.com/t5/technical-articles/tls-fingerprinting-update-a-method-for-identifying-a-tls-client/ta-p/286117

You can read about one method to fingerprint a BIG-IP at L7:

https://my.f5.com/manage/s/article/K30552235