Group Content
Capture the Flag!
Hey there community...are you ready to capture the flag? We'll get the competition dates nailed down in the next week, but here are the details:

This CTF will be an individual exercise hosted in the F5 UDF environment. By commenting on this thread, we'll add you to the list and you'll get an invite to the competition. The CTF will open June 21st at noon Pacific and close June 24th at noon Pacific. This first CTF is not F5-centric, just an opportunity to grow or flash your red team skills against a very flawed web application. There are no prizes associated, but we'll highlight the podium finishers on the DevCentral Connects live stream on June 28th. We can't wait to see how everyone does!

Update Jun 17th: If you commented below, you should have an invite in your inbox. This will give you access to the vulnerable web application you will be attacking. To track your flags, please register at https://ctf.jimmypackets.com. Happy hunting!

1.6K Views, 10 likes, 28 Comments

Video Sneak Peek: That's a Wrap on 2022
Every year I like to do a bit of a recap video to share some thoughts. This one will be posted in the next couple of days but this is a sneak peek for the DevCentral Connects audience 😃 Hope you had a great 2022 and all the best for 2023!

263 Views, 4 likes, 1 Comment

May 12 - DevCentral Connects (Pop-Up Show) - Basic iControl Security
Show Notes

What the heck is iControl?
https://community.f5.com/t5/technical-articles/getting-started-with-icontrol-history/ta-p/283890

How do I know if it’s in use?
https://support.f5.com/csp/article/K50035502
/var/log/restjavad-audit.0.log shows all authentications to the iControl REST service. This is an ordered list of every REST call.
/var/log/restjavad.0.log contains information about connections to the iControl REST service, such as errors returned.

How do I lock it down?
https://support.f5.com/csp/article/K13092
Don’t expose system services on traffic interfaces unless you have to, and make sure you have firewall rules in place to limit the exposure if so.
Don’t expose the management interface except to the most trusted access; and still apply firewall rules.
14.x forward, you can use AFM rules even without license/provisioning on the management interface: https://support.f5.com/csp/article/K46122561
On 11.x, 12.x, can use iptables to block access: https://support.f5.com/csp/article/K69354049 (won’t sync, must be each device)
General overview of securing access to BIG-IP: https://support.f5.com/csp/article/K13092

CVE-specific

How critical is this issue?
CRITICAL - 9.8

How do I fix the issue?
Patch BIG-IP to 13.1.5, 14.1.4.6, 15.1.5.1, 16.1.2.2. 17.0.0 is also not vulnerable, but I wouldn’t recommend a major upgrade as a patch-only operation. Too much risk under duress.
If you are on 11.x or 12.x, they both are EoL, 11.x as of yesterday and 12.x on the 18th, and they will not be fixed. So you can mitigate currently https://support.f5.com/csp/article/K23605346 BUT GET updated to a supported release, recommend 16.1.2.2 if you’re going to go through the effort!

How can I tell if I’ve been compromised?
https://support.f5.com/csp/article/K23605346 (indicators of compromise)
https://support.f5.com/csp/article/K11438344 (considerations/guidance if suspicious compromise occurred)
/var/log/audit shows the details of a request, can grep for icrd_child to narrow the field

352 Views, 4 likes, 1 Comment

This Month In Security Episode 12: July, 2023 - CyberSecurity Apprenticeships, Large Language Models
If you're hitting up BlackHat 2023, you're going to hear a LOT about Large Language Model security, which dominated the news this month in security. Also, Aubrey King talks with Jason Ross, from Rochester Institute of Technology, and Jenn Carlson, from Apprenti, about cybersecurity apprenticeship options.

837 Views, 3 likes, 0 Comments

March 31, 2022 - DevCentral Connects - Microservices March Lab 4 - Show + After Show Details
It's the final lab of Microservices March! Week 4 is covering Advanced Kubernetes Deployment Strategies where we'll learn about zero downtime deployments with traffic splitting, blue-green deployments, tracing and mapping flows in real time. Buu and Jason will take you through Lab 4 at 9:30am Pacific until 10am Pacific at which point they'll switch over to an event on Community.f5.com.

Show Links:
Sign up for NGINX Microservices March
After Show Zoom: https://f5networks.zoom.us/j/99632736539?pwd=UjdGQkJET3M1TXpkYXh1bThBaTdHZz09

235 Views, 3 likes, 0 Comments

AS3 Foundations: Creating New Apps and Using Shared Objects
I joined in on the fun at several stops on the F5 Academy BIG-IP Next roadshow tour this fall, and in talking to customers, everyone is at various stages of their F5 automation journey, and some aren't automating at all yet. I'm kicking off a six-part series to set some foundational understanding of what AS3 is, how it works, what tools you might use to interact with it, and we'll finish it off with some best practices. If you want to learn or if you want to share your own experience with the class, join me over the next three weeks to finish 2023 in style!

Episode Five - Dec 18th @ 9AM PST
Demonstrate snippet templates and grab examples from CloudDocs
Demonstrate iRule/Cert strings to base 64 encoding
Demonstrate cert management options
Demonstrate use cases for shared objects, and make clear any gotchas with such approaches

547 Views, 2 likes, 3 Comments

This Month In Security: Ep. 16 - Nov. - Identity Threat Report, AI Security & Governance Checklist
This Month In Security, Aubrey King and the crew try out a new show format. Aubrey catches up with Sandy Dunn, CISO, about her work on the AI Security And Governance Checklist. In addition, Sander_Vinberg talks to the roundtable about his latest contribution to Labs, The 2023 Identity Threat Report. warburtr0n is back, as well, and sits in with AaronJB and Malcolm Heath for the monthly roundtable. Strap On Those Earbuds!

Links:
https://movember.com
https://c2pa.org
https://www.first.org/cvss/v4-0/
https://www.f5.com/labs/articles/threat-intelligence/2023-identity-threat-report-the-unpatchables
https://llmtop10.com
https://openssf.org/community/openssf-working-groups/

563 Views, 2 likes, 0 Comments
About DevCentral Connects
All about the DevCentral Connects LiveStreams.
Owned by: AubreyKingF5, JRahm, buulam, Rebecca_Moloney, Leslie_Hubertus, and 2 more
Created: 3 years ago
Open Group
Boards
DCC Forum
A by-request forum where viewers may engage with show hosts - before, during, and after LiveStreams.
Nov 20, 2024
104 Posts