Solved: Special Characters in Passwords. Is it a problem? - Micro Focus Community

sbotharaj · ‎2012-12-11

Please find below the thread which I initiated after facing issue integrating Cisco IPS with SmartConnector.

I have almost concluded that the root cause is due to special characters used in the password of the account that I created in Cisco IPS with viewer privilege.

I will come to final conclusion (& further taking this up with HP Support) upon doing another test tomorrow in a different network.

Meanwhile, can anyone has faced this type of issue before?

-Suresh.

pbrettle · ‎2015-07-14

Over the years there have been a number of instances where special characters have caused issues authenticating to the system, devices and log sources. Most have been fixed, but I would suggest that its something to be cautious of and make sure its simple and easy to deal with.

For example, I have done a lot of work in Turkey, and fell for the oldest trick in the book / keyboard - the 'i' character has a special one and a normal one - get it wrong and its incorrect. There are lots of examples of this from around the world. Why mention this? Because its also an easy one to trip up on - for example, language settings, code pages for Windows and international settings for your log source and the SmartConnector you are running often are in conflict with each other - as a result, its easy to get them wrong and trip up. The mixed support of languages and keyboards on appliances (not just ArcSight but other vendors too) causes issues also, so its worth bearing this in mind.

Finally, SmartConnectors use Java as the environment to run and are defined as American English if they fail to read the underlying OS settings. Thats OK, but keyboard mappings can be different, ability to understand certain characters may not be there and hence it simply could get it wrong as you type the password. Personally, if you hit any issues like this - go in to the SmartConnector without using the wizard mode (i.e. go to "arcsight agentsetup" from the command line and when it asks, don't use the wizard). This opens up the full dialog box and you can check the settings from there - as in see the fields and you can directly enter them, such as password - you won't see what they are (they are obfuscated), but you can enter them in here too.

There is a way to obfuscate the password in an agent.properties file - but don't have it to hand at the moment. You can't unobfuscate it, but you can run the password you think it is and compare it to what is stored - hence check what is possibly going wrong.

View solution in original post

amgupta · ‎2012-12-12

That sounds something new to me but quite interesting. So what is the result when you use, simple password and try to integrate.

sbotharaj · ‎2012-12-12

Amit,

One of the consultants here confirms :"I had also observed the same for ASA firewalls while defining pre-shared keys of site to site VPN tunnels."

So the issue may be related only to the behaviour of Cisco devices. I am following up with HP ArcSight already. Will update you soon.

santhosh.i · ‎2012-12-13

Hi Suresh,

I viewed ur post about CISCO IPS!

I' too faced the same issue ,, once I not opt - validate certificate - then it works perfect,,,

but password I used with special characters, i never faced issue with special characters passwords in any of the connector.

This is new for me , waiting for your update.

regards

Santhosh

sbotharaj · ‎2012-12-13

Santhosh,

I may be wrong about passwords with special characters. I have been following up with HP ArcSight support. Will let you know their response.

-Suresh.

sbotharaj · ‎2012-12-21

I have got verbal confirmation during HP Workshop held two days back that they are aware about problems with passwords having special characters. I will wait for the return of the support guy after vacation to elaborate on this.

sbotharaj · ‎2015-07-02

Two years since my last post on this, I am still coming across cases of integration failures root cause of which is due to Special Characters in the passwords. Sample situation: Cisco IPS.

Can someone confirm this is the case?

balahasan.v1 · ‎2015-07-07

Hi Suresh,

Is this something with the Device end configuration or Connector Authentication issue

sbotharaj · ‎2015-07-07

Its the way Connector stores the passwords (obfuscation) to login to certain log sources.

kreed7 · ‎2015-07-08

I've used a few special characters in passwords in my day and do not remembering having much of an issue.

This strikes me weird.

vitz1 · ‎2015-07-13

Seems that ArcSight likes passwords

pbrettle · ‎2015-07-14

Over the years there have been a number of instances where special characters have caused issues authenticating to the system, devices and log sources. Most have been fixed, but I would suggest that its something to be cautious of and make sure its simple and easy to deal with.

For example, I have done a lot of work in Turkey, and fell for the oldest trick in the book / keyboard - the 'i' character has a special one and a normal one - get it wrong and its incorrect. There are lots of examples of this from around the world. Why mention this? Because its also an easy one to trip up on - for example, language settings, code pages for Windows and international settings for your log source and the SmartConnector you are running often are in conflict with each other - as a result, its easy to get them wrong and trip up. The mixed support of languages and keyboards on appliances (not just ArcSight but other vendors too) causes issues also, so its worth bearing this in mind.

Finally, SmartConnectors use Java as the environment to run and are defined as American English if they fail to read the underlying OS settings. Thats OK, but keyboard mappings can be different, ability to understand certain characters may not be there and hence it simply could get it wrong as you type the password. Personally, if you hit any issues like this - go in to the SmartConnector without using the wizard mode (i.e. go to "arcsight agentsetup" from the command line and when it asks, don't use the wizard). This opens up the full dialog box and you can check the settings from there - as in see the fields and you can directly enter them, such as password - you won't see what they are (they are obfuscated), but you can enter them in here too.

There is a way to obfuscate the password in an agent.properties file - but don't have it to hand at the moment. You can't unobfuscate it, but you can run the password you think it is and compare it to what is stored - hence check what is possibly going wrong.

View solution in original post

Special Characters in Passwords. Is it a problem?

Smart Connector