CategoryWAF

Detecting Slowloris with Citrix NetScaler (Citrix ADC)

D

Last update: Nov 21th, 2018 tested using firmware 11.1 If you read about slowloris, you always read about NetScaler doing a great job. Tests in our lab environment show: NetScaler will successfully block these attacks. And there is hardly anything we have to do about it: It’s built into the system. Great news indeed! The only thing we have to do is reduce client idle timeout to a lower...

Concerns about Citrix NetScaler Web Application Firewall (WAF)

C

Let’s talk about a WAF, a Web Application Firewall on a Citrix NetScaler. What’s to be concerned off? Is it worth while considering a NetScaler to be your WAF? I do work for several companies, including Citrix Consulting Services. Recently I worked on some Web Application Firewall projects, so I have some experience on it. Usual concerns will a Citrix NetScaler be really safe WAF? How...

Logging more detailed data about websites blocked by NetScaler Web Application Firewall (WAF)

L

last update: April 16th 2018 I had been asked recently: Johannes, how can we log data about NetScaler Application Firewall policy hits in detail? The standard NetScaler Web Application Firewall log-files NetScaler’s Web Application Firewall logs to /var/log/ns.log. These logs are fine for trouble shooting. There is a good description about these logs here. This is a sample log, stolen from...

DDOS protection using Citrix NetScaler, 2nd part

D

Yesterday I published a blog about DDOS- protection. I used the Citrix NetScaler AppQoE feature to do so. That’s nice, but not enough. I still could beat my server to a pulp easily. Just 10 clients launching a DDOS attack using HULK had been enough. I can’t throttle down the number of users to just 10! WTF? Basically AppQoE will just limit the number of users (actually it’s the...

DDOS protection using Citrix NetScaler, 1st part

D

last update: February 21st 2018 How to protect a website using Citrix NetScaler? Well it seems to be easy. A nonsense question. We may use AppQoE (Application level Quality of Experience), a feature introduced with NetScaler version 10, so it’s quite an old feature. Let’s start. AppQoE is enterprise edition My first starting point was E-Docs. Let’s be honest: the guy in charge...

What’s in a WAF (Web application firewall)

W

This article is a very first answer to a question I recently received. The question was: You’re talking about web application firewalls. I’d like to know how to use the WAF for reverse proxying. … I also might use a firewall as it also contains functions like SQL injection prevention. So what’s in a web application firewall? A web application firewall, also known as WAF...

Recent Posts

Recent Comments