Forum Discussion

Nimbostratus

Apr 09, 2018

Vulnerability scan lists all ip's and port as open

Vulnerability scan on subnets behind F5 lists all ip's and ports as open. We use the Big ip as LTM currently running 13.1.0.2. Security team started seeing these results right around when we upgraded...

application delivery

LTM

Surgeon

Ret. Employee

Apr 10, 2018

which ports you are getting response on? Which interface you are getting response on? Is it self-ip or mgmt?

Do you have any wildcard vip e.g 0.0.0.0:* , or subnet vip e.g. 192.168.0.0/24:*? If yes then you need to review your config.

Recent Discussions

Reporting Help Needed
Dec 22, 2024
debtanubiswas1
Switch ssl profile based on weak cipher detection via IRULE
Dec 21, 2024
aliasgar215
F5 looses the token for the first call
Dec 20, 2024
Ozzy
iRule - Url rewrite and header replace and pool selection not working
Dec 20, 2024
rct101
full-proxy HTTP2
Dec 20, 2024
former_newbie

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Vulnerability scan lists all ip's and port as open

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

OWASP Automated Threats - OAT-014 Vulnerability Scanning

A Single IP is Scanning Intensely, and Yields a List of Malware Loaders

Continued Intense Scanning From One IP in Lithuania

Coordinated Vulnerability Disclosure: A Balanced Approach

The sooner the better: Web App Scanning Without Internet Exposure

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS