Bug ID 503541: Use 64 bit instead of 10 bit for Rate Tracker library hashing.

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4

Fixed In:
12.0.0, 11.6.0 HF5, 11.5.2 HF1

Opened: Jan 28, 2015
Severity: 2-Critical

Symptoms

Rate Tracker 10 bit hashing may cause inaccurate rate-limits by the Sweep & Flood DoS vectors.

Impact

Impact to Sweep and Flood detection rate accuracy.

Conditions

When Sweep and Flood vector is enabled in AFM module.

Workaround

None.

Fix Information

The system now uses 64 bit instead of 10 bit for Rate Tracker hashing, which results in more accuracy in attack detection and mitigation.

Behavior Change