Since 19 December 2020 7pm CET we see a possible worldwide DDOS amplify attack against Citrix Gateway UDP:443 DTLS EDT services.
11.01.2021: Added information about the new Citrix ADC Gateway (formerly NetScaler) firmware releases, which solve the memory leak issue with -helloVerifiyRequest
24.12.2020: Added information about the official Citrix Knowledge Center article CTX289674
Added a final summary, that repeats all possible solutions
Maked it a lot clearer, that -helloVerifiyRequest doesn’t seem to work well
22.12.2020: Added a warning note, that -helloVerifiyRequest doesn’t work on all Citrix ADC (NetScaler) firmware versions
21.12.2020: Added a third possible solution regarding -helloVerifiyRequest
21.12.2020: Initial version
During the night from Saturday (19.12.2020) to Sunday (20.12.2020) our Zabbix Monitoring informed us, that several Citrix Gateway VPX (50) appliances were at its license cap. We investigated the situation and soon found out, that we had 0 ICA sessions on most of them, hence no explanation for the traffic.
Today I passed exam 1Y0-351 after I visited the early access classroom: CNS-222EAI Early Access: NetScaler for Apps and Desktops
in may 2016. I already passed the CCA-N in August 2016, but forgot to post it here, if I remember correctly.
I’m would like to say, that the new NetScaler Gateway classroom course CNS-222 was a great help and the instructor Paul Berr did a great job!
Since the course I barely use the WebGui anymore, and achieved great progress in CLI only configurations. I built my self several CLI templates for regular tasks and improved my skills from deployment to deployment.
Last Friday I had to write a large NetScaler config file. Most of the time I do this in a plain text editor. Then I asked myself, if there is any form of code editor for NetScaler. I didn’t found one after a quick research, but I found a syntax highlighting definition for Notepad++ which is a lot better than nothing 😀
Here is the source, it’s a German website, but you can’t overlook the following line:
“Hier die aktuelle Version [Stand 29.02.2016] : Netscaler.xml”
“Here is the latest version [Last Update 29th February 2016] : Netscaler.xml”
What’s new (at least for me) is that the free 500 “Maximum NetScaler Gateway Users Allowed” are also viable for the Express Edition. See the following screenshot from a fresh imported VPX Express with 5 mbit license: