Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
782
Views
0
Helpful
1
Replies

How to sep up router to check usernames and password hashes in net flo

michael.mcmahon
Level 1
Level 1

‎12-07-2022 02:36 PM

Since usernames and passwords uses sha2 hashes is there any way to use net flow to monitor these and compare the hashes and to set embedded event manager to check the hashes against set up hashes to sense this hash is flowing in areas and times at the internal on a device not connected to an IPS or Firewall.

Labels:
0 Helpful
1 Reply 1

M02@rt37
VIP
VIP

‎02-23-2023 01:13 AM

Hello @michael.mcmahon 

No, it is not possible to use NetFlow to monitor usernames and passwords and compare their SHA2 hashes. NetFlow is a network protocol that is used to collect IP traffic information, such as source and destination IP addresses, protocol types, and port numbers. It does not capture or store sensitive information, such as usernames and passwords. Similarly, embedded event manager (EEM) is a Cisco IOS feature that allows you to automate tasks and detect events based on a wide range of criteria, but it is not designed to monitor or detect password hashes flowing through a network.

To monitor usernames and passwords and their hashes, it is recommended to use security solutions such as an IPS. Security solutions can be configured to detect and alert on the presence of sensitive information flowing through the network, such as usernames and passwords, and their corresponding hashes.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful
Customers Also Viewed These Support Documents