Extending the /var partition on a Citrix NetScaler VPX


last update: November 16 2023 There is a question coming up every now and then: How to extend space on a Citrix ADC formerly called NetScaler. First of all: There is no supported way to do so! With this in mind, we can continue. Is there a real need to extend the disk space? The answer is no. There is plenty of space for all needs. You said, there is space enough, why did I run out of diskspace...

Mitigation for Log4J (CVE-2021-44228)


Last update: December 22nd 2021 Many of us, today, struggle with the Log4J security issue (CVE-2021-44228). It will take a long time to fix all apps, as the Apache log4J framework is built deep into several apps. For many of my customer’s apps, it’s still not clear, if whether they are affected, or not. At the same time, there are already exploits out there, allowing attackers to get shell access...

Export Citrix ADC (NetScaler) Syslog and TCP connection tables into Microsoft Excel


I recently had been asked, if it would be possible to export syslog files and the TCP connection table into Microsoft Excel. Exporting Syslog to Microsoft Excel Exporting the syslog file is quite simple: It’s just a tiny bash script: rm /var/log/output.csv while read -r month day time servity ip date timezone hostname ppe spacer msg; do printf "%s;" "$month $day $time" "$servity" "$ip"...

Citrix ADC / NetScaler, Rule based persistence


Citrix ADC / NetScaler has three types of persistence that sound similar: Rule-Based Persistence (RULE) Custom Server ID (CUSTOMSERVERID) URL Passive (URLPASSIVE) Rule-based persistnce set lb vserver <servername> -persistenceType RULE -rule "<request-rule>" -resRule "<response-rule>" -cltTimeout <persistence timeout> With rule-based persistence, we use the existing...

Securing a NetScaler


I started getting a bit confused about security of SSL during the last some month. First of all there was Mr. Edward Snowden. He told us about continuous massive attacks against SSL going on. NSA seems to be able to continuously trace our sessions. Next issue was Heartbleed (CVE-2014-0160). SSL renegotiation seemed to be a big issue. The last one is just a POODLE (CVE 2014-3566) (but never...

Recent Posts

Recent Comments