Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

How does ASM's dos strategy return the interception response page

longyuan
Altostratus
Altostratus

‎20-Jun-2021 07:36

How does ASM's dos strategy return the interception response page? Is it possible to achieve DoS protection for behavioral and stress-based interception and return to the response page through irules?

Labels:
0 Kudos
3 REPLIES 3

Daniel_Wolf
MVP
MVP

‎20-Jun-2021 12:32

Hi longyuan,

 

Behavioral DoS is much more effective against mitigating multi-vector Layer 7 DoS attacks.

Stress-based DoS is better at defining specific rate limits.

Technically it is possible to configure both protections concurrently, complementing each other.

From experience I recommend against configuring both of them together. BaDOS alone is fine, it works reliable. Setting threshold values for for stress-based mitigation can be cumbersome and is error prone.

 

Details about the mitigation methods can be read here:

https://techdocs.f5.com/en-us/bigip-14-1-0/big-ip-asm-implementations-14-1-0/preventing-dos-attacks-on-applications.html

 

KR

Daniel

0 Kudos

longyuan
Altostratus
Altostratus

‎20-Jun-2021 17:49

How to set the intercept response page for dos attack?

0 Kudos

Daniel_Wolf
MVP
MVP
In response to longyuan

‎20-Jun-2021 22:53

There in no response page you can configure, attackers will get a TCP reset.

See here: K04550557: Overview of BIG-IP ASM blocking response

0 Kudos
Copyright © 2023 Khoros, LLC