ltwagnon
Legacy Employee

The BIG-IP creates cookies (when enabled) in order to allow persistence.  Several people have asked what these cookies look like and how their values are generated.  This video digs into the details of cookie persistence values and how they are calculated.  Enjoy!  




Comments
Aditya_Mehra
Cirrus

Thanks John, Very Very informative! You said that if we capture cookies then we can reverse engineer. So how can we capture the cookie? Thanks, Aditya

 


MSZ
Nimbostratus

How did you convert the port number?

 

ltwagnon
Legacy Employee

@Aditya, great question! If you want to capture the cookie on your browser, you can right click on the page and open the "inspect" feature and look at application cookies. You can see all the cookies on your browser from there. Keep in mind each browser will store its own cookies, so this list will be browser-specific. If you are wanting to capture all the cookies on the BIG-IP, then you can run an iRule to check them all out. Here's a link to an iRule that should help with that: https://tstdmzdevcentral.olympus.f5net.com/codeshare?sid=631

 

ltwagnon
Legacy Employee

@MSZ, the port number is converted the same way as the IP address. You convert to hexadecimal, then reverse order the hex numbers, then convert to decimal. If the port number is less than 256, the first two hex digits (prior to reverse ordering) are 0x00. The later part of the video above (starting at about the 6:30 mark) shows the calculation on port number. Hope this helps!

 

MSZ
Nimbostratus

How many cookies are normally created for an application?

 

ltwagnon
Legacy Employee

@MSZ, great question! Each application developer can set cookie limits as desired, so it depends on how the application is designed as to how many cookies there are. As for browsers, each one is a little different, but they all can typically handle at least 4096 bytes of cookies per domain. Here's an interesting article that gives a little more info: https://www.thoughtco.com/cookie-limit-per-domain-3466809

 

Aditya_Mehra
Cirrus

Hi John,

 

As we see, by reverse engineering it is possible to see the IP address and port of the server via the cookie. So is there a way to mask the IP & port in the cookie so that the public users cannot re-engineer the IP of the server (for security purposes)?

 

Thanks, Aditya

 


ltwagnon
Legacy Employee

Aditya, great question. The way to hide the contents of the cookie is to encrypt the cookie, and the BIG-IP allows for cookie encryption. When encrypted, the cookie contents are not readable. Here's more information on cookie encryption: https://support.f5.com/csp/article/K14784
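
The conversion described in the replies above (hex, reverse the byte order, back to decimal), written out as an added example that is not part of the original thread or F5's own code. It also audits a cookie jar for values that still disclose a pool member in cleartext, which is the exposure cookie encryption removes. The `<ip>.<port>.0000` layout is assumed from F5's documented default IPv4 cookie format, and the cookie names and values below are constructed samples.

```python
import ipaddress
import re

# Assumed cleartext layout for an IPv4 pool member: "<ip>.<port>.0000"
CLEARTEXT = re.compile(r"^(\d{1,10})\.(\d{1,5})\.0000$")


def encode_member(ip: str, port: int) -> str:
    """Build the cookie value: bytes in hex, reverse the order, read as decimal."""
    ip_bytes = ipaddress.IPv4Address(ip).packed      # 4 bytes, network order
    port_bytes = port.to_bytes(2, "big")             # port < 256 gives 0x00 first
    enc_ip = int.from_bytes(ip_bytes[::-1], "big")
    enc_port = int.from_bytes(port_bytes[::-1], "big")
    return f"{enc_ip}.{enc_port}.0000"


def decode_value(value: str):
    """Return (ip, port) if the value is in the cleartext layout, else None."""
    m = CLEARTEXT.match(value.strip())
    if not m:
        return None                                  # encrypted or unrelated cookie
    enc_ip, enc_port = int(m.group(1)), int(m.group(2))
    if enc_ip > 0xFFFFFFFF or enc_port > 0xFFFF:
        return None                                  # out of range for IPv4 / port
    ip = ipaddress.IPv4Address(enc_ip.to_bytes(4, "little"))
    port = int.from_bytes(enc_port.to_bytes(2, "little"), "big")
    return str(ip), port


def audit_cookies(cookies: dict) -> list:
    """List cookies whose value reveals a pool member, and whether it is RFC 1918."""
    findings = []
    for name, value in cookies.items():
        member = decode_value(value)
        if member:
            ip, port = member
            findings.append((name, ip, port, ipaddress.ip_address(ip).is_private))
    return findings


# Constructed sample jar: one cleartext persistence cookie, one opaque value
# standing in for an encrypted cookie, one unrelated application cookie.
SAMPLE_COOKIES = {
    "BIGipServerweb_pool": "1677787402.36895.0000",
    "BIGipServerapi_pool": "!constructedOpaqueValue==",
    "session": "abc123",
}

if __name__ == "__main__":
    for finding in audit_cookies(SAMPLE_COOKIES):
        print("cleartext persistence cookie:", finding)
```
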

 

Version history
Last update: 02-Aug-2017 03:00