Forum Discussion

Nimbostratus

May 24, 2012

SSL Renegotiation on PEN Test???

Hi there We're currently getting some of our sites which are served through our F5's pen tested... Our F5's are currently running v11.1.0 HF2. The PEN test report has f...

security

jwham20

Nimbostratus

May 24, 2012

Also, since you're on 11.1.0, you should have:

http://tools.ietf.org/html/rfc5746 Transport Layer Security (TLS) Renegotiation Indication Extension

Which was the fix for the reneg issue. It might be that the Pen test did not check for the secure_renegotiation flag

You happen to know the tool they were using?

-Joshm

Recent Discussions

Upgrade F5 BIGIP
Jan 02, 2025
Ollie_Alderson
MAC address of deleted VS IP address still responsive
Jan 02, 2025
Teddy_Brewski
ports are showing open on online scanning tool
Jan 02, 2025
Pooja_Varekar208
how to whitelist new source IP on F5 web UI access
Jan 02, 2025
Herman2024
TMSH Command to list ASM policies not attached to any virtual servers in all partitions
Jan 01, 2025
omykhan

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

SSL Renegotiation on PEN Test???

Recent Discussions

Upgrade F5 BIGIP

MAC address of deleted VS IP address still responsive

ports are showing open on online scanning tool

how to whitelist new source IP on F5 web UI access

TMSH Command to list ASM policies not attached to any virtual servers in all partitions

Related Content

Re: SSL Renegotiation DOS attack – an iRule Countermeasure

SSL renegotiation DOS mitigation

IRULE question - pool command and SSL renegotiation

WhiteBoard Wednesday: SSL Renegotiation

Security Sidebar: Improving Your SSL Labs Test Grade

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS