SSL Heartbleed iRule update

Get the latest updates on how F5 mitigates HeartbleedGet the latest updates on how F5 mitigates Heartbleed For those of you tuning in to learn more about the OpenSSL Heartbleed vulnerability, here ...
Updated Mar 18, 2022
Version 2.0
application delivery
devops
heartbleed
iRules
openssl
Security
Sam_Pickles_110's avatar
Sam_Pickles_110
Icon for Nimbostratus rankNimbostratus
Apr 13, 2014
Hi Jeff;

 

 

Thanks for the quick response iRule :-)

 

 

I've tested this rule on a vs which does terminate SSL, to provide visibility of attackers scanning for the vulnerability. It mostly seems to work well; but I've seen a couple of the following log messages:

 

 

- missing count for "@" field specifier while executing "binary scan [TCP::payload] @${i}cSS t v r"

 

 

Any ideas on what may cause this error message?

 

 

Thanks!