Forum Discussion

Nimbostratus

Aug 04, 2008

Strip Parity before Matching?

We are currently evaluating Web Application Firewall products. One of the issues we have recently discovered is that some of our applications can optionally support "Even Parity" for po...

app sec

BIG-IP Access Policy Manager (APM)

security

Charlie_Watts_1

Nimbostratus

Aug 06, 2008

I know it seems a bit ridiculous, and I completely agree - but this is for a couple of payment processing protocols that haven't grown up much over the years.

It made sense to use parity with dial-up connections. Rather than cease using parity bits when IP & TCP & HTTP came into play, they just tunnel the old protocols inside the new ones. (Some of these protocols still do ENQ/ACK/BEL/NAK as well.)

My application understands parity if it is present, but does not require it to be.

In the F5 I don't need to validate that parity is correct, I just want to strip off the high bit of each byte before performing any of the Application Security checks. If I can AND each byte with 01111111 before performing the rest of the analysis ...

Could you point me in the right direction to do this?

Thank you very much.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)