Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 

AWAF version 15.1.8.1 does not support Brute Force as one of the attacks for Delayed Blocking

Wasfi_Bounni
Cirrocumulus
Cirrocumulus

Hi;

With Delayed Blocking, one of the attacks in the list of attacks that can be associated with delayed blocking is "Brute Force, maximum login attemps are exceeded"

For some reason, I cannot find this attack type in the list and I know it used to be there in previous versions of TMOS.

Kindly

Wasfi

1 ACCEPTED SOLUTION

I found out from F5 that this feature has been discontinued. It used to be there in versions 11 and 12.

View solution in original post

4 REPLIES 4

whisperer
Cumulonimbus
Cumulonimbus

Thought this was an option for application security access session tracking (APM) and preventing session hijacking and tracking user sessions (ASM).

Hi Wasfi,

Can you please check it here

ASM is going to check the failed login attempts here:

F5_Design_Engineer_1-1695191782585.png

F5_Design_Engineer_2-1695192133113.png

 

F5_Design_Engineer_0-1695191686373.png

Please check the below link for more detail:

https://clouddocs.f5.com/training/community/waf/html/waf341/module1/lab1/lab1.html

 

The issue is that "Brute Force: Maximum Logins exceeded" is not there as an option as one of the associated violations for delayed blocking under sessions and logins. Although all other violations are in the available list.

I found out from F5 that this feature has been discontinued. It used to be there in versions 11 and 12.