Forum Discussion
Nikoolayy1
Jul 01, 2021MVP
What is F5 ASM conviction and can it be used for configuring custom URL honey pot trap?
I see the feature conviction can be triggered in an irule but can it be done also in the ASM policy? Also can the honey pod traps be configured to send specific URL for the honey pod server or this i...
- Jul 12, 2021
This became indeed my Sunday entertainment. I came up with two use cases, which I believe are good:
- Brute Force / Logon Page protection > 302 redirect the malicious actor to a fake site, trick him/her to believe he/she had a successful login. Might be an airgapped copy of your real site. Analyse the malicous actors movement on the fake site.
- Bot Defense > e.g. Bot does a mass sign up on a loyalty program. Make a (slow loading) honey page to trick the bot into believing that it succesfully signed up. Let the hacker exhaust his/her resources.
I'd not use honeypages for each and everything. Hosting them requires extra resources, security measures and time effort.
Nikoolayy1
Jul 06, 2021MVP
From what I read maybe this is related to F5 shape Security behavioral analysis and ir maybe redirecys bad requests to their honey pot and maybe we can't use our honey pot url?
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects