Forum Discussion

Altostratus

Nov 26, 2012

SSL_renegotiation_DOS_mitigation

Hi, I've been looking at this https://devcentral.f5.com/wiki/iRules.Print.aspx?Page=iRules.SSL_renegotiation_DOS_mitigation I am confused by the iRule, where and when is hs_count ini...

Cirrostratus

Nov 26, 2012

Nice catch. I updated the Codeshare example to set hs_count to 0 in CLIENT_ACCEPTED.

J, the reason you'd want to use this iRule is if you needed to support renegotiation (secure or insecure) but want to limit how many times a client can attempt to renegotiate the session ID to mitigate a DoS attack.

Aaron

Recent Discussions

Rundeck ansible F5 errors
May 03, 2024 ameyer-pnra
What is the meaning is 52% block in WAF
May 03, 2024 RockBD
rewrite Azure AD response for portal access via web portal
May 03, 2024 eddyk99
AS3 Monitoring multiple ports selectively
May 03, 2024 OM
Open Redirection Mitigation
Solved
May 03, 2024 OM

Forum Discussion

SSL_renegotiation_DOS_mitigation

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation