Forum Discussion

zafer
May 06, 2009

fingerprint and timestamp security issue

Hello,

I tested some BIG-IP system VIP addresses and I got timestamp and fingerprint information about the system.

I found two solutions on ask.f5.com:

https://support.f5.com/kb/en-us/solutions/public/9000/400/sol9491.html

https://support.f5.com/kb/en-us/solutions/public/8000/000/sol8072.html

F5 tells us we cannot hide the OS information and timestamp.

What do you think about these issues?

Regards,

zafer

2 Replies

  • Hi Zafer,

    I don't think anything has changed since the last post on this topic. Scanners will be able to determine the OS of the serverside--whether it's LTM or the servers behind it when LTM isn't in a full proxy configuration.

    I think you gain security by locking down your network and validating anything coming from the client--not obfuscating what architecture you're using.

    Aaron
  • zafer

    Hi Aaron,

    I thought an iRule could fix this problem, but I think this is a TCP/IP problem at the OS level.

    You know we can hide web server OS information, but I want to hide our LTM OS information.

    You can use Netcraft, Nmap, Nessus and find which device we have.

    I have a case about a security check on the virtual address, but the support guys do not validate to fix this problem.

    The F5 box is in production and everybody knows which device is running on the customer site.

    If I am a bad guy and I know xxx customer has BIG-IP, I can attack the xxx customer.

    That's the problem.

    Thanks,

    zafer