Sea Turtle DNS Hijack

Question

Hi All,&nbsp;
Does GTM has any impact on the Sea Turtle DNS Hijack?&nbsp;
Does is have a mechanism to alert any modification or change in the record?&nbsp;
Regards,
Gokul&nbsp;

boneyard · Answer

in which way are you using the BIG-IP DNS (former GTM) when asking this question?&nbsp;
if it is a DNS resolver for your clients then you don't want to be informed of every IP change on every DNS record, because that just happens when a website changes hosting provider or with DNS load balancing or ...&nbsp;
if it is a DNS server, then you should just use strong passwords and make sure admin access is tightly restricted. those attackers did nothing special, just gain admin access to DNS servers to change records.&nbsp;
and look into implementing DNSSEC.&nbsp;

Forum Discussion

Sea Turtle DNS Hijack

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Patching Won't Prevent Compromise & Repos Hijacking June 18th – 24th This Week in Security

Devopsdays SEA Survey Results and Trip Recap

About Session Hijacking

Is your SOA really SEA?

Oracle Identity Manager Remote Hijack Vulnerability (CVE-2017-10151)