For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Soltest_150427's avatar
Soltest_150427
Icon for Nimbostratus rankNimbostratus
Apr 09, 2014

Is there a Heartbleed attack log signature?

Get the latest updates on how F5 mitigates Heartbleed   I found ID 456033 but is that the actual attack signature msg ID the logs would actually show? If not is there one for it?  
security
Mike_Maher's avatar
Mike_Maher
Icon for Nimbostratus rankNimbostratus
Apr 09, 2014

I don't believe you can detect this with an Attack Signature, it is a flaw in the SSL stack and all that happens before you get to the ASM portion of the system. If you are running 11.5.0 (which is the only vulnerable version) right now the mitigation is to set your ciphers in your client ssl profiles to NATIVE. Then you won't use any of the ciphers that leverage openssl.