Solved

netscaler & botnet

Posted on 2014-01-15
5
473 Views
Last Modified: 2016-10-25
I want to  use my netscaler for protect from botnet

1. how should i check what if the user agent is a real browser
2. Is there any way to trace if the user really downloading the images
3. our citrix's caching has been activated it colllects objects but it sends the calls to the server still for cached objects
0
Comment
Question by:3XLcom
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39784596
1. The user agent string is very easy to fake with a program like cURL or probably even wget.

2. What does that even mean?  If the file is transferred, it was downloaded.  Viewing the images in a browser involves downloading the files to the local computer.

3. Have no idea.

A look at the Netscaler page tells me that it isn't designed for those two things because they are not 'threats'.  At best they are excess traffic.  And frankly, it is next to Impossible to 'protect' from a well designed 'bot' because they don't trigger any of the threat signals.  They will look exactly like a browser fetching a page.
0
 

Author Comment

by:3XLcom
ID: 39784600
1. thanks
2. if user downloads the images that mean it is a real visitor
3. ok than we ask for is there any way to serve web page from directly netscaler cache
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 39784605
if user downloads the images that mean it is a real visitor
No, there is no way to detect a 'real' visitor.  Almost everything about browsing a web page can be automated.

As for the 'netscaler cache', you'll have to check the netscaler documentation.  Cache is not necessarily a simple operation.  Web browsers cache web pages and files but they also check with the server to see if there is a new version.  You have to look at what the traffic is for, not just if there is some.
0
 

Author Closing Comment

by:3XLcom
ID: 39784607
thanks
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39784619
You're welcome.
0
Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question