[Gllug] Sticky cookies
Simon Wilcox
essuu at ourshack.com
Fri Aug 15 11:43:55 UTC 2008
Chris Bell wrote:
> On Fri 15 Aug, Simon Wilcox wrote:
>
>> If it's a public site can you name them ?
>>
>
> An organisation called Neighbournet is starting up local sites such as
> www.actonw3.com with a local office and what may be an American IP
> address for their support service.
The site drops one cookie:

Cookie: ASPSESSIONIDAQRAQQAB=EIEDNCKCCMDCBFHJPPOINKON

Another server identifies itself as app.nnet-server.com, this looks like
the core neighbourhoodnet application server. It's actually serving
all the real content, actonw3.com just drops a simple frameset to mask
the core site.

nnet-server.net drops two cookies:

Cookie: ASPSESSIONIDCCQTTABQ=IPBOLMJCNIALOJJIFGLBIIMA
Cookie: ASPSESSIONIDCSSCDDBD=DBNOIJPBKHBIFNJEJEKDHIPA

The other headers indicate that this is an IIS server running ASP.NET.
These cookies are internal session tracking cookies which .NET sprinkles
over everything.

The bit after ASPSESSIONID before the = is the application pool id iirc.
So these just look like normal session cookies. The part after the = is
the key into the database, it doesn't contain any sensitive information.

I would say that it's quite OK to enable these cookies. They can't
reveal anything of interest in their own right.

HTH,

Simon.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
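
One way to check captured Cookie headers for the property discussed in the message above, as an added example that is not part of the original post: it splits each ASPSESSIONID cookie name into suffix and value and flags any cookie whose value carries readable data instead of an opaque key. The "prefs" cookie and the classification heuristics are assumptions made for illustration.

```python
import base64
import re
import string

# Constructed input: the three Cookie lines quoted in the post, plus one
# made-up cookie ("prefs") whose value is base64 of readable text.
SAMPLE_HEADERS = [
    "Cookie: ASPSESSIONIDAQRAQQAB=EIEDNCKCCMDCBFHJPPOINKON",
    "Cookie: ASPSESSIONIDCCQTTABQ=IPBOLMJCNIALOJJIFGLBIIMA",
    "Cookie: ASPSESSIONIDCSSCDDBD=DBNOIJPBKHBIFNJEJEKDHIPA",
    "Cookie: prefs=dXNlcj1hbGljZUBleGFtcGxlLm9yZw==",
]
SESSION_NAME = re.compile(r"^ASPSESSIONID([A-Z]+)$")

def parse_cookie_header(line):
    """Yield (name, value) pairs from one 'Cookie: a=b; c=d' line."""
    body = line.partition(":")[2]
    for pair in body.split(";"):
        name, sep, value = pair.strip().partition("=")
        if sep:
            yield name, value

def decodes_to_text(value):
    """True if value is valid base64 that decodes to printable ASCII."""
    try:
        raw = base64.b64decode(value, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    return len(raw) >= 4 and all(chr(b) in string.printable for b in raw)

def classify(name, value):
    """Return (kind, suffix); suffix is None unless the name matches."""
    m = SESSION_NAME.match(name)
    suffix = m.group(1) if m else None
    # Heuristic (assumption): separators or decodable text mean the cookie
    # holds data itself rather than a lookup key.
    if re.search(r"[=&@%:{}]", value.rstrip("=")) or decodes_to_text(value):
        return "carries-data", suffix
    if m and value.isalpha() and value.isupper():
        return "opaque-session-id", suffix
    return "unknown", suffix

def audit(headers):
    """Classify every cookie found in the given header lines."""
    return [(n, *classify(n, v)) for h in headers for n, v in parse_cookie_header(h)]

if __name__ == "__main__":
    for row in audit(SAMPLE_HEADERS):
        print(row)
```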