Return of Bleichenbacher - the ROBOT Attack CVE-2017-6168
I was wondering if the iRule for handshake rate=limit still existed anywhere? We have an older version of F5 Big IP and due to having customers that use stand-alone terminals that continue to use RSA (and which the terminal manufacturer will not address) we need to mitigate the risk for the TLS ROBOT attack in all ways possible and the iRule limiting the handshake rate seemed ideal but I cannot find that iRule anywhere. Has another iRule which contains that functionality replaced it? Is there other means to mitigate that make the iRule unnecessary. Forgive my ignorance, as I am not the network resource most familiar and responsible for our F5, I'm just trying to research ways to mitigate. Thanks in advance for any guidance anyone can provide.