Forum Discussion

Nimbostratus

Apr 21, 2019

Sea Turtle DNS Hijack

Hi All, Does GTM has any impact on the Sea Turtle DNS Hijack? Does is have a mechanism to alert any modification or change in the record? Regards, Gokul

BIG-IP DNS

security

boneyard

MVP

Apr 23, 2019

in which way are you using the BIG-IP DNS (former GTM) when asking this question?

if it is a DNS resolver for your clients then you don't want to be informed of every IP change on every DNS record, because that just happens when a website changes hosting provider or with DNS load balancing or ...

if it is a DNS server, then you should just use strong passwords and make sure admin access is tightly restricted. those attackers did nothing special, just gain admin access to DNS servers to change records.

and look into implementing DNSSEC.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Sea Turtle DNS Hijack

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

[ASM] - How to disable the SQL injection attack signatures

Illigal Parameter addition as custom signature set wanted to Unblock

Related Content

Devopsdays SEA Survey Results and Trip Recap

Is your SOA really SEA?

Patching Won't Prevent Compromise & Repos Hijacking June 18th – 24th This Week in Security

Oracle Identity Manager Remote Hijack Vulnerability (CVE-2017-10151)

About Session Hijacking

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS