Friday, August 16, 2024

Deepin Package Update in Terminal

sudo su

apt-get update && apt-get upgrade


Saturday, August 10, 2024

Java application performance issue on Tomcat

Symptoms:

Each request is delayed by 15 seconds.

Issue:

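The Java program on Tomcat calls the CheckHttpEMPSID.execute() method, which calls getLocalHost() to try to resolve the address for the local hostname. When the hosts file has no matching record, the request goes out to DNS for resolution, and when that DNS query times out, the Java program blocks.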

Solution:

vi /etc/hosts - add the server IP and hostname

E.g. 192.168.8.8 server01
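
To confirm this condition on a server, the following Python sketch (an added example, not part of the original post) checks whether the machine's hostname has an /etc/hosts entry and times a system-resolver lookup of it, the same kind of lookup getLocalHost() triggers. The function names and the SAMPLE_HOSTS content are constructed for illustration.

```python
import socket
import time

# Constructed sample hosts-file content (not taken from a real server).
SAMPLE_HOSTS = """\
127.0.0.1   localhost
# 192.168.8.8 server01   (commented out: does not count)
192.168.8.8 server02 server02.example.internal  # trailing comment
"""


def parse_hosts(text):
    """Map each lower-cased name in hosts-file text to the addresses listed for it."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2:
            continue  # blank line, comment-only line, or address without a name
        addr, names = fields[0], fields[1:]
        for name in names:
            table.setdefault(name.lower(), []).append(addr)
    return table


def lookup(hostname, hosts_text):
    """Return the addresses the hosts-file text gives for hostname ([] if none)."""
    return parse_hosts(hosts_text).get(hostname.lower(), [])


def timed_resolve(hostname):
    """Resolve hostname via the system resolver; return (seconds, address or None)."""
    start = time.monotonic()
    try:
        addr = socket.gethostbyname(hostname)
    except OSError:  # includes socket.gaierror (resolution failure)
        addr = None
    return time.monotonic() - start, addr


if __name__ == "__main__":
    name = socket.gethostname()
    with open("/etc/hosts") as fh:
        entries = lookup(name, fh.read())
    secs, resolved = timed_resolve(name)
    # No hosts entry plus a multi-second lookup matches the symptom described above.
    print(f"{name}: hosts entries={entries or 'none'}, resolved={resolved} in {secs:.2f}s")
```
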


WAF block request - Attack Type "HTTP parser attack"

The WAF blocked the request with Attack Type "HTTP parser attack" and Violation "HTTP protocol compliance failed - Check maximum number of headers": header count over 21 (default value is 20, max value is 30).

Recommended Actions

 Log on to the BIG-IP ASM/AWAF Configuration utility (gui).
 Go to Security > Policy Building > Learning and Blocking Settings.
 Expand HTTP protocol compliance failed.
 Modify the Check maximum number of headers value to the required value for your application.
 Click Save.
 Click Apply Policy.

Reference:

Increase "Check maximum number of headers" to 30 under Learning and Blocking settings screen for a policy.


Lenovo T14s Gen 4 upgrade BIOS to 1.20 (R2EUJ39W)

Upgrade the Lenovo T14s Gen 4 BIOS to 1.20 (R2EUJ39W), which fixed the charging issue.


Wednesday, August 7, 2024

D-Link DIR-867 and WPA3 support

January 29, 2024 NOTICE - This hardware revision will no longer receive firmware updates after the End of Support date (EoS): March 29, 2024.


If you are using a DIR-867, it is a good idea to upgrade to the latest version 1.30, since it fixes several bugs and also supports WPA3.


Firmware - Hardware A1:


CrowdStrike announced a new setting relating to the Incident on 19 July 2024 to allow customers to "control" Channel File updates

CrowdStrike announced a new setting relating to the incident on 19 July 2024 that lets customers choose the update approach for Sensor Operations and Rapid Response Content, but it is a general setting for all hosts. There is no option for us to choose which group of hosts it takes effect on. CrowdStrike recommends using "General Availability".

Unless they allow customers to define a small pilot group within their company, this feature is almost useless... maybe we can say that it is better than nothing, since they are using customers' production environments as UAT and they allow you to choose at which stage you join the test.


How to disable ESET Endpoint Security via GPO?

Use "Computer Configuration" and set the following policy:



On July 30, 2024, Tencent Security officially released its RASP+ solution, the Taishi Engine (泰石引擎), on the international site

Tencent Cloud International CWPP customers (Pro/Ultimate) are recommended to enable these new features and also Ransomware Defence.


Reference on this product's release in mainland China in 2022:


