Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Highlighted
Established Member.. sbotharaj
Established Member..
1454 views

Special Characters in Passwords. Is it a problem?

Jump to solution

Please find below the thread which I initiated after facing issue integrating Cisco IPS with SmartConnector.

I have almost concluded that the root cause is due to special characters used in the password of the account that I created in Cisco IPS with viewer privilege.

I will come to final conclusion (& further taking this up with HP Support) upon doing another test tomorrow in a different network.

Meanwhile, can anyone has faced this type of issue before?

-Suresh.

Labels (1)
0 Likes
1 Solution

Accepted Solutions
pbrettle Acclaimed Contributor.
Acclaimed Contributor.

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

Over the years there have been a number of instances where special characters have caused issues authenticating to the system, devices and log sources. Most have been fixed, but I would suggest that its something to be cautious of and make sure its simple and easy to deal with.

For example, I have done a lot of work in Turkey, and fell for the oldest trick in the book / keyboard - the 'i' character has a special one and a normal one - get it wrong and its incorrect. There are lots of examples of this from around the world. Why mention this? Because its also an easy one to trip up on - for example, language settings, code pages for Windows and international settings for your log source and the SmartConnector you are running often are in conflict with each other - as a result, its easy to get them wrong and trip up. The mixed support of languages and keyboards on appliances (not just ArcSight but other vendors too) causes issues also, so its worth bearing this in mind.

Finally, SmartConnectors use Java as the environment to run and are defined as American English if they fail to read the underlying OS settings. Thats OK, but keyboard mappings can be different, ability to understand certain characters may not be there and hence it simply could get it wrong as you type the password. Personally, if you hit any issues like this - go in to the SmartConnector without using the wizard mode (i.e. go to "arcsight agentsetup" from the command line and when it asks, don't use the wizard). This opens up the full dialog box and you can check the settings from there - as in see the fields and you can directly enter them, such as password - you won't see what they are (they are obfuscated), but you can enter them in here too.

There is a way to obfuscate the password in an agent.properties file - but don't have it to hand at the moment. You can't unobfuscate it, but you can run the password you think it is and compare it to what is stored - hence check what is possibly going wrong.

0 Likes
12 Replies
amgupta Absent Member.
Absent Member.

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

That sounds something new to me but quite interesting. So what is the result when you use, simple password and try to integrate.

0 Likes
Established Member.. sbotharaj
Established Member..

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

Amit,

One of the consultants here confirms :"I had also observed the same for ASA firewalls while defining pre-shared keys of site to site VPN tunnels."

So the issue may be related only to the behaviour of Cisco devices. I am following up with HP ArcSight already.  Will update you soon.

0 Likes
santhosh.i Absent Member.
Absent Member.

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

Hi Suresh,

I viewed ur post about CISCO IPS!

I' too faced the same issue ,, once I not opt - validate certificate - then it works perfect,,,

but password I used with special characters,  i never faced issue with special characters passwords in any of the connector.

This is new for me , waiting for your update.

regards

Santhosh

0 Likes
Established Member.. sbotharaj
Established Member..

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

Santhosh,

I may be wrong about passwords with special characters. I have been following up with HP ArcSight support.  Will let you know their response.

-Suresh.

0 Likes
Established Member.. sbotharaj
Established Member..

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

I have got verbal confirmation during HP Workshop held two days back that they are aware about problems with passwords having special characters.  I will wait for the return of the support guy after vacation to elaborate on this.

0 Likes
Established Member.. sbotharaj
Established Member..

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

Two years since my last post on this, I am still coming across cases of integration failures root cause of which is due to Special Characters in the passwords.  Sample situation: Cisco IPS.

Can someone confirm this is the case?

0 Likes
balahasan.v1 Acclaimed Contributor.
Acclaimed Contributor.

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

Hi Suresh,

Is this something with the Device end configuration or Connector Authentication issue

0 Likes
Established Member.. sbotharaj
Established Member..

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

Its the way Connector stores the passwords (obfuscation) to login to certain log sources.

0 Likes
kreed7 Absent Member.
Absent Member.

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

I've used a few special characters in passwords in my day and do not remembering having much of an issue.

This strikes me weird.

0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

Seems that ArcSight likes passwords

0 Likes
pbrettle Acclaimed Contributor.
Acclaimed Contributor.

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

Over the years there have been a number of instances where special characters have caused issues authenticating to the system, devices and log sources. Most have been fixed, but I would suggest that its something to be cautious of and make sure its simple and easy to deal with.

For example, I have done a lot of work in Turkey, and fell for the oldest trick in the book / keyboard - the 'i' character has a special one and a normal one - get it wrong and its incorrect. There are lots of examples of this from around the world. Why mention this? Because its also an easy one to trip up on - for example, language settings, code pages for Windows and international settings for your log source and the SmartConnector you are running often are in conflict with each other - as a result, its easy to get them wrong and trip up. The mixed support of languages and keyboards on appliances (not just ArcSight but other vendors too) causes issues also, so its worth bearing this in mind.

Finally, SmartConnectors use Java as the environment to run and are defined as American English if they fail to read the underlying OS settings. Thats OK, but keyboard mappings can be different, ability to understand certain characters may not be there and hence it simply could get it wrong as you type the password. Personally, if you hit any issues like this - go in to the SmartConnector without using the wizard mode (i.e. go to "arcsight agentsetup" from the command line and when it asks, don't use the wizard). This opens up the full dialog box and you can check the settings from there - as in see the fields and you can directly enter them, such as password - you won't see what they are (they are obfuscated), but you can enter them in here too.

There is a way to obfuscate the password in an agent.properties file - but don't have it to hand at the moment. You can't unobfuscate it, but you can run the password you think it is and compare it to what is stored - hence check what is possibly going wrong.

0 Likes
Established Member.. sbotharaj
Established Member..

Re: Special Characters in Passwords. Is it a problem?

Jump to solution

Thank you, Paul for the insight.  I have marked it as Correct Answer based on the experience I underwent in this issue + others can immediately check your steps & fix such issue.

As of now, I don't have a situation to test this.  When I get one, will definitely revisit & provide my observations.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.