Forum Discussion
Enr1g_219148
Nimbostratus
NimbostratusWhich attack signature sets does contain others?
My application is running on Apache Tomcat and there is one signature set with such name. Of course, I enabled it. The question is should I also enable sets referred to e.g. Apache, Java Servlets? Or maybe required signatures are containing in Apache Tomcat set already?
3 Replies
- boneyard
MVP
should be easy enough to just check? check how many signature per set you enable and if there is overlap. 
Enr1g_219148Found a solution: "Security ›› Application Security : Attack Signatures : Attack Signatures List" then choose Advanced filter and by analyzing overlap after adding new set you can assume about relations between sets.
Thanks to boneyard for the idea.
Here's an article that might give a little more info as well: https://devcentral.f5.com/articles/the-big-ip-application-security-manager-part-4-attack-signatures
