F5BigIpsPolicy Attack Signatures

The F5BigIpsPolicy Custom Resource (CR) supports the following attack signatures:

• dns_blacklist_dns_reverse_lookup_response_for_known_malware_domain_spheral_ru_win_trojan_glupteba
• dns_nginx_dns_resolver_dos
• dns_dns_query_amplification_attempt
• dns_malformed_dns_query_with_http_content
• dns_named_authors_attempt
• dns_named_authors_attempt_1
• dns_named_version_attempt
• dns_named_version_attempt_1
• dns_os_linux_os_linux_x86_linux_overflow_attempt
• dns_os_linux_os_linux_x86_linux_overflow_attempt_1
• dns_os_linux_os_linux_x86_linux_overflow_attempt_admv2
• dns_os_other_os_other_x86_freebsd_overflow_attempt
• dns_os_solaris_exploit_sparc_overflow_attempt
• powerdns_authoritative_server_denial_of_service
• dns_server_other_bind_buffer_overflow_named_tsig_overflow_attempt
• dns_server_other_bind_buffer_overflow_named_tsig_overflow_attempt_1
• dns_server_other_bind_buffer_overflow_via_nxt_records
• dns_server_other_bind_buffer_overflow_via_nxt_records_named_overflow_adm
• dns_server_other_bind_buffer_overflow_via_nxt_records_named_overflow_admrocks
• dns_server_other_bind_named_overflow_attempt
• dns_spoof_query_response_ptr_with_ttl_of_1_min_and_no_authority
• dns_spoof_query_response_with_ttl_of_1_min_and_no_authority
• dns_tcp_inverse_query