Forum Discussion
Spidey_29396
Nimbostratus
NimbostratusHow to protect F5 BigIP/Viprion System from shellshock
Hi All,
I have few questions regarding BigIP and Viprion vulnerabilities.
1. if tcp port 443 and ssh are open on SelP-IPs, is it vulnerable to the attack?
2. what are the mitigation to protect t...
nathe
Cirrocumulus
Cirrocumulus- yes
- last week's update was that the only exploit f5 had seen against the management gui was when authenticated only. This is important to note. i.e. user had to have admin/root, for example, privileges to exploit the gui with an attack.
F5's advice (and constant best practice anyway) is to have the mgmt interface connected to a secure, private subnet only, and any self-ips that are externally facing need to have 443 access disabled.
Hope this helps,
N
