About scan ASM VIP

Question

I get through  the software (Web Application Firewall detected by Acunetix) to scan my F5 ASM VIP (TMOS 11.3.1 HF6).
Results show that the WAF is F5 ASM. How do I set in F5 ASM, that can prevent Acunetix scanning is not ASM F5.&nbsp;

leon_li_38034 · Answer

![Image Text](/Portals/0/Users/146/34/38034/acunetix waf scan.JPG)&nbsp;

leon_li_38034 · Answer

link text&nbsp;

leon_li_38034 · Answer

scan overview image link https://devcentral.f5.com/Portals/0/Users/146/34/38034/acunetix%20waf%20scan.JPG&nbsp;

boneyard · Answer

first of all what is your exact goal? do you want to be able to scan the actual webserver without WAF? or do you want to disguise that a WAF is in front of the webserver?&nbsp;
i don't believe you can surpress the ASM cookie or rename it, so it is going to be detected.&nbsp;

yann_desmarest · Answer

Hello&nbsp;
Asm can be identified by its blocking page response or specifoc asm cookies injected. But if acunetix do like qualys, there is no real ways to hide that you are using asm as they fingerprint the tcp stack used by bigip (fingerprinting, tcp response latency,...) &nbsp;

Forum Discussion

About scan ASM VIP

5 Replies

Recent Discussions

BIG-IP DNS iRule issue with static variable

F5 ASM logging profile to specify source IP

Portal Access to HTTPS resources slow

Cannot login to Avaya wanx using f5 apm network access

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Related Content

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Advanced iRules: Scan

Advanced iRules: Binary Scan

Integrating WhiteHat Scans With BIG-IP ASM

ASM logs