Gustavo_Lazarte
Oct 08, 2009Nimbostratus
predictable session ID
Hello,
WE are failing a security audit due to having a predicitable session ID number for the HTTP protocol.
We have a group of webservers in a pool and a virtual server polls from the pool, we use cookies for the
persistence profile. Is this a problem in the F5 or should I look in the IIS 6 webservers sitting in the pool.
The F5 handles the HTTP and HTTPS traffic.
Thanks