Forum Discussion

Hakam24's avatar
Hakam24
Icon for Nimbostratus rankNimbostratus
Oct 18, 2024

Best Solution For Unencrypted Cookies

Unencrypted Cookies: The Hidden Gateway for Cyber Reconnaissance in F5 BIG-IP Systems.

  1. https://thehackernews.com/2024/10/cisa-warns-of-threat-actors-exploiting.html?m=1
  2. https://www.infosecurity-magazine.com/news/cisa-urges-encryption-cookies-f?utm_source=twitterfeed&utm_medium=twitter
  3. https://www.bleepingcomputer.com/news/security/cisa-hackers-abuse-f5-big-ip-cookies-to-map-internal-servers/
  4. https://www.security.nl/posting/861650/CISA+meldt+misbruik+onversleutelde+ cookies+F5+BIG-IP+Local+Traffic+Manager?channel=twitter
  5. https://www.cisa.gov/news-events/alerts/2024/10/10/best-practices-configure-big-ip-ltm-systems-encrypt-http-persistence-cookies

 

Just want to ask the best solution.

1. Configuring cookie encryption within the HTTP profile :https://my.f5.com/manage/s/article/K14784

2. Configuring cookie encryption for BIG-IP persistence cookies from the cookie persistence profile :https://my.f5.com/manage/s/article/K23254150

 

If using HTTP profile. When applied to the virtual server. with HTTP Profile need to apply ?
1. HTTP Profile (Client) 
2. HTTP Profile (Server)

But Currently, we using HTTP Profile(Client) for x-forwarded-for. Can we using HTTP Profile(Server)?

If using persistence cookies, we already have the default Persistence profile by "source_addr" so need to change to cookie encryption ?



What other solution to solve this?

security
No RepliesBe the first to reply