Detections
Analytics
F5BI-DM-300099 - The F5 BIG-IP appliance must be configured to restrict a consistent inbound IP for the entire management session.
Information
This security measure helps limit the effects of denial-of-service (DoS) attacks by employing anti-session hijacking security safeguards. Session hijacking, also called cookie hijacking, is the exploitation of a valid computer session to gain unauthorized access to an application. The attacker steals (or hijacks) the cookies from a valid user and attempts to use them for authentication.Solution
From the BIG-IP GUI:1. System.
2. Preferences.
3. Under "Security Settings", check "Require A Consistent Inbound IP For The Entire Web Session".
4. Update.
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_F5_BIG-IP_TMOS_Y25M07_STIG.zip
Item Details
Audit Name: DISA F5 BIG-IP TMOS NDM STIG v1r2
Category: SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|SC-5, CAT|II, CCI|CCI-002385, Rule-ID|SV-266135r1024669_rule, STIG-ID|F5BI-DM-300099, Vuln-ID|V-266135
Plugin: F5
Control ID: 99f5d55fb461adefc88a91ea3084499b837217696c95940eab7d4e95acfca583