iRule: Securing Cookies
So, you've got yourself some info that you want to stash in a cookie. The problem is that cookie contents are stored in HTTP headers which can be snooped on by those out there you want to k...
Published Nov 09, 2005
Version 1.0
You gain the protection from a man-in-the-middle attack where a 3rd party was sniffing traffic and was able to replicate your login from their system by copying your cookie. By encrypting the cookie with the IP of the client connection, the would-be hacker would have to hack his connection to make it look like the TCP connection from his system was the same as yours which is very difficult to do. You are correct that this would work on any other browser on your current system but typically if a hacker has gained access to your operating system, you have more to worry about...
-Joe