Is there a Heartbleed attack log signature?

Question

Get the latest updates on how F5 mitigates Heartbleed&nbsp;I found ID 456033 but is that the actual attack signature msg ID the logs would actually show? If not is there one for it?&nbsp;

mike_maher · Answer

I don't believe you can detect this with an Attack Signature, it is a flaw in the SSL stack and all that happens before you get to the ASM portion of the system. If you are running 11.5.0 (which is the only vulnerable version) right now the mitigation is to set your ciphers in your client ssl profiles to NATIVE. Then you won't use any of the ciphers that leverage openssl.

Forum Discussion

Is there a Heartbleed attack log signature?

1 Reply

Recent Discussions

Advise on setting up IRULE

F5 iRule to replace host to path

google-visualization-issues

google autenticator broken barcode

Port Group on F5OS network setting

Related Content

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Wildcard Parameter signature attack

Live Update- ASM attack signatures

Default Attack Signature Sets

Attack Signature False Positive Mode