
Forum Discussion

Abi80_167352
Sep 11, 2014

vulnerability

Can anyone suggest a hotfix or a workaround to get rid of this vulnerability: http://www.tenable.com/plugins/index.php?view=single&id=20089; Support information: http://support.f5.com/kb/en-us/solutions/public/6000/900/sol6917.html

Synopsis:

The remote load balancer suffers from an information disclosure vulnerability.

Description:

The remote host appears to be an F5 BIG-IP load balancer. The load balancer encodes the IP address of the actual web server that it is acting on behalf of within a cookie. Additionally, information after 'BIGipServer' is configured by the user and may be the logical name of the device. These values may disclose sensitive information, such as internal IP addresses and names.

6 Replies

  • Hello,

    You can encrypt your persistence cookie via an iRule or in the HTTP profile:

    • You can set the name of the cookie in the "Cookie encrypt" option of your HTTP profile
    • You can check cookie encryption from your cookie persistence profile (may not be available if you run an old BIG-IP version)
    • or you can encrypt the cookie using iRules: https://devcentral.f5.com/wiki/irules.EncryptingCookies.ashx
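As an added example (not part of this thread or of any F5 code), here is a small Python checker a team can run over its own Set-Cookie headers after enabling cookie encryption, to confirm that BIGipServer* cookies no longer carry the plaintext encoding that the Nessus plugin decodes. The plaintext formats (IPv4 as a little-endian 32-bit decimal, byte-swapped port, and the route-domain "rd…o…o…" form) are the ones described in the F5 solution article sol6917 linked in the question; the pool name web_pool and all cookie values are constructed.

```python
import ipaddress
import re

# Plaintext forms per F5 sol6917: "<ip>.<port>.0000" (IPv4 as little-endian
# 32-bit decimal, port with its two bytes swapped) and the route-domain form
# "rd<N>o<32 hex chars of an IPv4-mapped IPv6 address>o<port>".
_PLAIN_RE = re.compile(r"^(\d{1,10})\.(\d{1,5})\.0000$")
_RD_RE = re.compile(r"^rd(\d+)o([0-9a-fA-F]{32})o(\d{1,5})$")

def decode_bigip_cookie(value):
    """Return (ip, port) for an unencrypted persistence cookie value, else None."""
    m = _PLAIN_RE.match(value)
    if m:
        ip_int, port_int = int(m.group(1)), int(m.group(2))
        if ip_int > 0xFFFFFFFF or port_int > 0xFFFF:
            return None
        ip = ipaddress.IPv4Address(ip_int.to_bytes(4, "little"))
        port = int.from_bytes(port_int.to_bytes(2, "little"), "big")
        return str(ip), port
    m = _RD_RE.match(value)
    if m:
        addr = ipaddress.IPv6Address(bytes.fromhex(m.group(2)))
        return str(addr.ipv4_mapped or addr), int(m.group(3))
    return None  # encrypted ("!..." prefix) or otherwise opaque value

def audit_set_cookie(header_value):
    """Inspect one Set-Cookie value; None if it is not a BIGipServer* cookie."""
    name, _, rest = header_value.strip().partition("=")
    if not name.startswith("BIGipServer"):
        return None
    finding = {"cookie": name, "pool_name": name[len("BIGipServer"):]}
    decoded = decode_bigip_cookie(rest.split(";", 1)[0].strip())
    if decoded is None:
        finding["plaintext"] = False  # encryption (or another fix) is in effect
        return finding
    ip, port = decoded
    finding.update(plaintext=True, ip=ip, port=port, internal=ipaddress.ip_address(ip).is_private)
    return finding

# Constructed sample headers (hypothetical pool "web_pool"); the "!..." value mimics an encrypted cookie.
SAMPLE_SET_COOKIES = [
    "BIGipServerweb_pool=1677787402.36895.0000; path=/",
    "BIGipServerweb_pool=rd1o00000000000000000000ffff0a010164o80; path=/",
    "BIGipServerweb_pool=!kQ0vN2xpRkFhYm9zZHJmZ2hqa2w; path=/",
    "JSESSIONID=8F4A1C; path=/",
]
if __name__ == "__main__":
    for header in SAMPLE_SET_COOKIES:
        print(audit_set_cookie(header))
```

Note that the cookie name itself still reveals the configured pool name even when the value is encrypted, which is why the first reply suggests setting the cookie name in the HTTP profile as well.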

  • Arie

    There's another information disclosure issue when the BIG-IP directly responds to an HTTP request. In that case it will insert the following header:

    Server: BigIP

    To suppress this header you can add "noserver" to HTTP::respond:

    HTTP::respond 301 noserver Location "http://www.domain.com/"
    • Yann_Desmarest
      It's the same. You can remove it from your HTTP profile. This option modifies Server headers generated by BIG-IP itself.