Forum Discussion

Nimbostratus

16 years ago

mitigating the TLS client-initiated renegotiation MITM attack

I thought I'd share the iRule we use to mitigate one of the recently disclosed TLS attacks. Our focus lies on preventing the possible malicious data insertion during 'client-initiated renegotiation'. ...

Nimbostratus

15 years ago

9.4.8 HF3 failed as well using the iRule.

Does anyone have suggestions?

Forum Discussion

mitigating the TLS client-initiated renegotiation MITM attack

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Recent Discussions

Changes to DO and AS3 GitHub - no longer monitored

How to Verify config before loading to F5

Logical Disk Full to Migrate rSeries

HSL - Local TimeZone - in syslog server

VIP control across data centers - how to ensure only 1 VIP is up at a time?

Related Content

SSL renegotiation DOS mitigation

SSL Legacy Renegotiation vs Secure Renegotiation Explained using Wireshark

F5 Distributed Cloud L7 DoS Attack Mitigation Roundup

How F5 WAF Mitigates 0-Day CVEs - React2Shell Case Study

SSL Profiles Part 6: SSL Renegotiation