DoS and NTLM Brute force protection for HTTP(s) traffic

Problem this snippet solves: This snippet has been designed to mainly protect against NTLM's Denial of Service and brute force attacks against web application that use this authentication mecanism. ...
Published Jun 03, 2016
Version 1.0
brute force
dos
iRules
LTM
ntlm
programmability contest
security
skype4b
AntonyMillingto's avatar
AntonyMillingto
Icon for Nimbostratus rankNimbostratus
Feb 28, 2018

Hi Yann,

 

I have a customer with Skype for Business and they are worried about brute-force attacks on logins so this snippet is perfect. I have added the i-rule to the reverse proxy VS and when I log in with incorrect credentials I see a syslog 'invalid credentials detected for ' sent but I never see the IP blacklisted. Can you advise why this may not be working. I'm on 11.5.4.2.0.291. Thanks, Antony