Forum Discussion
Which attack signature sets does contain others?
My application is running on Apache Tomcat and there is one signature set with such name. Of course, I enabled it. The question is should I also enable sets referred to e.g. Apache, Java Servlets? Or maybe required signatures are containing in Apache Tomcat set already?
- ltwagnonRet. Employee
Here's an article that might give a little more info as well: https://devcentral.f5.com/articles/the-big-ip-application-security-manager-part-4-attack-signatures
- Enr1g_219148Nimbostratus
Found a solution: "Security ›› Application Security : Attack Signatures : Attack Signatures List" then choose Advanced filter and by analyzing overlap after adding new set you can assume about relations between sets.
Thanks to boneyard for the idea.
- should be easy enough to just check? check how many signature per set you enable and if there is overlap.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com