Forum Discussion

pjcampbell_7243's avatar
Apr 22, 2011

Failing PCI DSS for cookie insert

The cookie insert is showing the internal IP of my pool members. Is there a way to do F5 generated cookie persistence without displaying this info?

 

 

this is the info they were able to get:

 

 

BIGipServerPOOLNAMEHERE=2097881004.20480.0000 INTERNAL.IP.ADDY.HERE 80

 

 

 

I couldn't figure out how to get this by dumping headers and cookies with curl but that is moot.

 

 

 

  • Hi PJ,

     

     

    You can encrypt the persistence cookie using a custom HTTP profile with the cookies to encrypt set to the persistence cookie name.

     

     

    Aaron
  • Posted By pjcampbell on 04/22/2011 11:05 AM

     

    I couldn't figure out how to get this by dumping headers and cookies with curl but that is moot.

     

     

     

     

     

    Was this SSL traffic? If so, you will need the key and you will need to use ssldump to decrypt it.. you could always use wireshark locally if you have the key, but I like doing it all on the box.. and we have policies about transferring keys around..

     

     

    sol10209: Overview of packet tracing with the ssldump utility http://support.f5.com/kb/en-us/solutions/public/10000/200/sol10209.html?sr=14639274

     

     

    Additionally, if you want to capture the header info, and you will if you want to troubleshoot cookies, you will need to use the -H option to do so... I recommended F5 to add that info to the solution but I don't think they have...

     

     

     

    Here is a good list of ssldumps features: http://www.rtfm.com/ssldump/Ssldump.html