Forum Discussion
doke_23794
Aug 05, 2016Nimbostratus
https://tom.vg/papers/heist_blackhat2016.pdf Section "4.3.2 Apply random padding (inadequate)" on page 24 says my length padding idea in extra headers isn't good enough.
On the other hand, I think it's easier to apply than the others. It's one of the few mitigations I could apply in the f5, to protect existing applications. I'm not sure I could do the 3rd party cookie blocking in an iRule?