Tag Archives: NetScaler

A simple way for a Citrix ADC (NetScaler) to respond with a 404 not found

I am a big fan of cheating if it comes to security. Giving wrong answers to questions may be misleading and will direct attackers into the wrong direction. This will cost time and, at the same time, rise the risk of being caught red-handed. If someone attacks a website, he… Read more »

Are there Syslog events coming from partitions?

┬ę Wikipedia, Creufop There seems to be no way to log events inside partitions, even though there are settings for logging and configuration seems to be right. They are exactly the same as in default partition. Syslog server is 127.0.0.1, so the local machine. Everything seems to be perfect. But… Read more »

Creating Certificates for Citrix ADC (NetScaler)

The way we create certificates has not changed significantly over the years. Only the wizard is subject to a certain change. This blog is based on Citrix ADC 13, elder versions don’t differ significantly. The following steps are necessary to create a certificate: Generate the key pair Create the certificate-signing… Read more »

Creating a Citrix ADC / NetScaler Test environment #2

last update: May 5th 2020 Almost two years ago I created a test website for Citrix NetScaler. The product is now called Citrix ADC. It had been a set of files, both, for both, Linux and Windows. It allowed you to create a test environment to test load-balancing solutions, content… Read more »

How to recover a Citrix ADC/NetScaler VPX from CVE-2019-19781 (both on Hypervisor and on SDX)

last update: March 2nd 2020 Well, there are many guides. So why do I write a blog about it? Just to have one more? Bull shit! The truth is: I don’t like them at all! What’s wrong about all these guides? They all focus on how to remove malware currently… Read more »

How to start a Citrix ADC / NetScaler WAF Project, Part 4: Start URLs

This is the forth part of this blog. Part Part 1 2 3 4 5 Click here to see how to start your WAF project StartURLs are a powerful tool to protect a web server. Probably, creating StartURLs will be the first thing you need to do. There are two… Read more »

How to start a Citrix ADC / NetScaler WAF Project Part 2: Signatures

This is the second part of this blog. Part 1 2 3 4 5 Click here to see how to start your WAF project Signatures Make sure, signatures get updated automatically. Today (January 22 2020) we have version 40. Check the auto update settings. Check, if Signatures Auto Update is… Read more »

How to start a Citrix ADC / NetScaler WAF Project, Part 1: General

This is the forth part of this blog. Part Part 1 2 3 4 5 I am currently working on a Citrix ADC (NetScaler) WAF project. It’s a big international enterprise, security is of some concern to them. So everything hould be pretty much straight forward? Well, it never is…. Read more »

Citrix ADC: Save access from outside (using SSH or SSL)

Of course you know the problem. You need to access your Citrix ADC, but you are not in the company. Of course you don’t want to open ports 443 and 22 on the firewall, that would be insane. What can you do? I solved the riddle for http and ssh…. Read more »

Virtual Apps and Desktops (XenApp) can’t connect through Citrix Gateway (NetScaler)?

It’s a problem coming up every now and then: I can’t connect to a certain Citrix VDA, but can connect to all/some others. If your problem is a more general one, continue reading here My first guess would always be a L4 problem, but “I opened up all firewalls”. Never… Read more »

statistical data from Citrix ADC / NetScaler APPFW logs

Sometimes, people want to know, how to extract data from APPFW logs. That’s easy, it is in /var/log/ns.log (and it’s predecessors, these ns.log.XX.gz). grep APPFW ns.log will extract all application firewall logs. zcat ns.log.*.gz |grep APPFW will do the same to the old logs. Unfortunately this will give you a… Read more »

AAA-default settings changed with Citrix ADC (NetScaler) 13 built 41.20

Yesterday I upgraded to NetScaler 13 built 41.20. Everything worked fine. No problems. But out of a sudden, my Exchange deployment failed to authenticate (I did it following Julian Mooren’s outstanding deployment guide). I did some further investigation and found all my other AAA servers don’t authenticate, even though the… Read more »

Citrix ADC / NetScaler: two factors from outside, single factor inside

last update: September 25th 2019 I was recently asked: Johannes, is it possible to orun the same AAA server, from the inside with single factor, from the outside with two factor authentication? Of course it is. That’s how you do: Prerequisites My test environment contains of a lb vServer (lb_vsrv_colors)…. Read more »

Citrix ADC (NetScaler) 13: Pre-authenticating to TCP based services

photo by geralt (pixabay.com) last update: January 5th 2020 Recently I had to find a solution to block all connections to a TCP based service (SSH, TCP port 22), except of connections from IP addresses that pr-eauthenticated using a AAA vServer. This is something, most firewalls can do, but a… Read more »

Single sign on to SAS applications using Citrix ADC / NetScaler Gateway and Microsoft ADFS

The problem I recently had to assist designing a portal solution. The customer had an existing solution based on Microsoft ADFS to log on users to ShareFile, Office 365, SAP and similar applications. In addition they used Citrix Gateway (NetScaler Gateway) to publish applications XenApp applications and VDI (XenDesktop) to… Read more »

How will a Citrix ADC (NetScaler) Web-application Firewall (WAF) change your ADC’s behaviour?

There is one thing different about a Citrix ADC WAF (Web Application Firewall) compared to most other features in Citrix ADC: It will affect your whole ADC deployment as soon as you turn it on. It you would, for example, turn on rewriting feature (enable feature RW), it would probably… Read more »

Detecting Slowloris with Citrix NetScaler (Citrix ADC)

Last update: Nov 21th, 2018 tested using firmware 11.1 If you read about slowloris, you always read about NetScaler doing a great job. Tests in our lab environment show: NetScaler will successfully block these attacks. And there is hardly anything we have to do about it: It’s built into the… Read more »

Concerns about Citrix NetScaler Web Application Firewall (WAF)

Let’s talk about a WAF, a Web Application Firewall on a Citrix NetScaler. What’s to be concerned off? Is it worth while considering a NetScaler to be your WAF? I do work for several companies, including Citrix Consulting Services. Recently I worked on some Web Application Firewall projects, so I… Read more »