Shulou(Shulou.com)06/01 Report--

What do you do with guard data?

This thing is in http response, if it contains credit cards, us social security cards, information and so on, asm will protect it accordingly.

If it is in block mode, then response will directly block

If it is in transparent mode, then F5 will overwrite the string of numbers with an asterisk

2. Go to demo directly.

Normal request

F5 configuration

Repeat the login operation and directly block

Read the log.

3. Change the asm policy to transparent

Found that the credit card column has become an asterisk.

Trickery: there is no strategy for overwriting credit cards with asterisks in block.

4, if you just want to cover up the first few

Then set it at custom patterns.

For example, our demo is a 16-bit card number.

There was only one person left when I filled in 5BI 15. During the test, I found that when I filled in 6, there were only 4 left.

Conclusion: there is no more testing. I don't know how to calculate the specific algorithm. The God who knows can leave me a message.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.