F5 Device Administration/configuration - Vulnerabilities

Question

Can someone help me to understand using self-signed certificate for BIGIP LTM box falls in non-compliant as long as our device will be accessed only by network administrators?

lidev · Accepted Answer

Hi,Using self-signed certificates can pose a number of challenges, severals attacks have successfully exploited self-signed certificates (MitM attack, Drye Banking Trojan etc.)So, even if your device is only access by network administrators, it's not something to be advised (there's a risk  if one of the admin account or admin access is compromised)&nbsp;A good article on this topic  : When are self-signed certificates acceptable?&nbsp;Regards

dario_garrido · Answer

Hello NetWork.&nbsp;Migrated from another thread:Self-signed certificates cannot be used to authenticate sites.Base on this, someone accesing one specific device cannot be sure that the device which is accesing belong to the person/company that user thinks it belongs.&nbsp;To be more precise, someone could be performing a MITM attack in that communication and you couldn't be aware of that.&nbsp;Regards,Dario.

Forum Discussion

F5 Device Administration/configuration - Vulnerabilities

2 Replies

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Vulnerability CVE-2023-45648 in ApacheTomcat

Device Management

Reviewing vulnerability scanner results for an APM protected Virtual Server - part two