24 January 2022

Le Paris de Modiano: Louki

I am going to write about Louki, alias Jacqueline Delanque, the main character of Patrick Modiano's book «Dans le café de la jeunesse perdue», which I read at Christmas. She is a 22-year-old woman who seems to be single but in fact has a husband older than herself. The author tells Louki's life from different angles, through which we get to know the childhood and the feelings of this lost woman.

Modiano describes Louki as a very beautiful young woman who is desired and loved by others. In my mind she is weak and frail: even though she likes hiking and strolling around the neighbourhood, she does not have an athletic build. Louki has a bohemian style, with long chestnut hair that is always well combed. Her fresh, radiant and luminous complexion makes anyone fall in love with her.

The book shows Louki as a calm and mysterious woman, all the more so because she has uncontrollable urges to put an end to her past. She wants to free herself from her memory, since she has bad memories of her past. In fact, she is relieved when a group of drinkers at the bar nickname her Louki instead of using her real name, Jacqueline Delanque. Finally, as soon as she is able to leave her past behind, she gives us a tragic ending.

17 January 2022

F5 ASM – Enforced & Allowed cookies

I have been working these past weeks with a customer who needs to protect cookies. At first something was not working properly with users' sessions, and we needed to protect the services. After a lot of testing we got it working thanks to the enforced and allowed cookie feature in F5 BIG-IP ASM. If you have created a basic security policy such as a Rapid Deployment Policy, you are not protecting cookies; if you have created an advanced security policy and want to protect cookies, you need to know how F5 BIG-IP ASM handles enforced cookies and allowed cookies.

When we create a security policy with selective learning for cookies, the Traffic Learning section shows all the cookies the application needs, and it suggests whether we want to enforce each of them. The F5 Knowledge Center is really useful here: it states that enforced cookies may not be changed by the client, which is why enforced cookies are the setting to use for preventing session hijacking. If the client presents an enforced cookie whose value differs from the one the server set, for example because an attacker has substituted a stolen or guessed session identifier into their own session, ASM raises the “Modified domain cookie(s)” violation, which alarms or blocks depending on the policy's enforcement mode.

On the other hand, we can configure a cookie as allowed instead of enforced. Again, the F5 Knowledge Center says that allowed cookies are not checked for changes by the system and can be modified by the client. So if you want cookie hijacking protection, you should configure your cookies as enforced rather than allowed. Even so, cookies the client is allowed to change can still be protected: the value of an allowed cookie can be checked for malicious content, such as injected script, so that we know whether users are inserting attacks into the cookie. This is really useful and easy to do with attack signatures.

The best way to understand how enforced cookies and allowed cookies work is to watch a video. I have recorded a video where you can see an example of cookie protection. Firstly, I check that Hackazon has a cookie hijacking vulnerability. Secondly, I configure session hijacking protection in F5 BIG-IP ASM. Thirdly, we see how F5 BIG-IP detects and blocks the attack with an enforced cookie. Fourthly, we see that with the allowed cookie configuration the cookie hijacking attack is neither detected nor blocked. Finally, we see an XSS attack that is blocked even with the allowed cookie configuration.

To sum up, there are two options for configuring cookie protection in F5 BIG-IP ASM. The first one, the enforced cookie, is useful when we want to prevent cookie hijacking attacks: we configure it when clients should not change the cookie. The second one, the allowed cookie, is useful when clients may change the cookie but we still want those changes checked for attacks.
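To make the two behaviours concrete, here is an added, simplified model of a WAF that handles an enforced cookie and an allowed cookie the way the post describes. It is example code written for this post, not F5's implementation, and it makes no claim about how BIG-IP ASM actually stores its state: the state cookie name `WAFSTATE`, the signing key, the cookie names `sessionid` and `pref`, and the three tiny XSS signatures are all constructed for the demo. The enforced cookie is pinned to the value the server set by an HMAC kept in the WAF's own cookie, so a client-side change produces a "Modified domain cookie(s)" violation; the allowed cookie may change freely, but its value is still run through attack signatures.

```python
"""
Simplified model of enforced vs allowed cookie handling in a WAF.

Added illustration for this post; NOT F5's implementation. Cookie names,
the state cookie name and the key are constructed demo values.
"""
import hashlib
import hmac
import re

SECRET = b"demo-waf-signing-key"   # constructed; a real WAF uses a per-device secret
STATE_COOKIE = "WAFSTATE"          # hypothetical name for the WAF's own domain cookie
ENFORCED = {"sessionid"}           # cookies the client must not change
ALLOWED = {"pref"}                 # cookies the client may change; signatures still apply

# Minimal XSS signatures, enough for the demo (real signature sets are far larger).
XSS_SIGNATURES = [
    re.compile(r"<\s*script", re.I),
    re.compile(r"\bon[a-z]+\s*=", re.I),
    re.compile(r"javascript\s*:", re.I),
]


def parse_cookie_header(header: str) -> dict:
    """Parse 'a=1; b=2' into a dict (deliberately simple, no quoting rules)."""
    cookies = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep:
            cookies[name.strip()] = value.strip()
    return cookies


def sign_enforced(cookies: dict) -> str:
    """HMAC over the enforced cookies' names and values, in a canonical order."""
    canon = "&".join(f"{k}={cookies[k]}" for k in sorted(ENFORCED) if k in cookies)
    return hmac.new(SECRET, canon.encode(), hashlib.sha256).hexdigest()


def protect_response(set_cookies: dict) -> dict:
    """Server -> client: pass the app's cookies through and add the state cookie."""
    out = dict(set_cookies)
    out[STATE_COOKIE] = sign_enforced(set_cookies)
    return out


def inspect_request(cookie_header: str) -> list:
    """Client -> server: return the list of violations (empty means the request passes)."""
    cookies = parse_cookie_header(cookie_header)
    violations = []

    # Enforced cookies: recompute the signature over what the client sent and
    # compare it with the state cookie that was issued with the response.
    if any(name in cookies for name in ENFORCED):
        state = cookies.get(STATE_COOKIE)
        if state is None:
            violations.append("Missing state cookie")
        elif not hmac.compare_digest(state, sign_enforced(cookies)):
            violations.append("Modified domain cookie(s)")

    # Allowed cookies: no change check, but the value goes through attack signatures.
    for name in sorted(ALLOWED):
        value = cookies.get(name, "")
        if any(sig.search(value) for sig in XSS_SIGNATURES):
            violations.append(f"Attack signature detected in cookie '{name}'")
    return violations


def cookie_header(cookies: dict) -> str:
    """Serialise a dict back into a Cookie request header."""
    return "; ".join(f"{k}={v}" for k, v in cookies.items())


def demo() -> dict:
    """Replay the three scenarios from the post; returns the violations per scenario."""
    issued = protect_response({"sessionid": "a1b2c3d4", "pref": "dark"})  # constructed
    legit = cookie_header(issued)
    # Attacker keeps their own state cookie but swaps in another user's session id.
    hijack = cookie_header({**issued, "sessionid": "ffffffff"})
    # Client edits an allowed cookie and injects script into it.
    xss = cookie_header({**issued, "pref": "<script>alert(1)</script>"})
    return {
        "legit": inspect_request(legit),
        "hijack": inspect_request(hijack),
        "xss": inspect_request(xss),
    }


if __name__ == "__main__":
    for scenario, found in demo().items():
        print(f"{scenario:7} -> {found or 'no violation'}")
```

Note the limit of the enforced check, which applies to any integrity-based scheme: a cookie jar copied wholesale, state cookie included, passes `inspect_request` unchanged, because nothing was modified. Enforcement catches tampering and substitution; catching pure replay of stolen cookies needs something that binds the session to the client as well.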

Regards, my friends! Have you ever configured cookie protection?
