This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Bharat_Kumar
Participant
‎2024-02-27 03:13 AM
Jump to solution

Backups are stripped of sensitive information (such as usernames/passwords/preshared keys)

 

Are checkpoint backups stripped of sensitive information (such as usernames/passwords/preshared keys) when created ? 

0 Kudos
1 Solution

Accepted Solutions
Lesley
Leader Leader
Leader
‎2024-02-27 06:43 AM
Jump to solution

It uses a hash to encrypt passwords, so nothing is stripped. To see what hash was used:

 show password-controls password-hash-type

To see PSK hash:

vpn dump_psk

To see Smartconsole password from mgmt:

psql_client cpm postgres -c "select fwset from dleobjectderef_data where name='<UserName>';" | grep internal_password

To see hash local GAIA users

show configuration user

I also assume you are fully updated and not running versions with known issues (like old CPinfo version). 

-------
If you like this post please give a thumbs up(kudo)! 🙂

View solution in original post

0 Kudos
(1)
2 Replies
Lesley
Leader Leader
Leader
‎2024-02-27 06:43 AM
Jump to solution

It uses a hash to encrypt passwords, so nothing is stripped. To see what hash was used:

 show password-controls password-hash-type

To see PSK hash:

vpn dump_psk

To see Smartconsole password from mgmt:

psql_client cpm postgres -c "select fwset from dleobjectderef_data where name='<UserName>';" | grep internal_password

To see hash local GAIA users

show configuration user

I also assume you are fully updated and not running versions with known issues (like old CPinfo version). 

-------
If you like this post please give a thumbs up(kudo)! 🙂
0 Kudos
(1)
Bharat_Kumar
Participant
‎2024-02-27 08:29 AM
In response to Lesley
Jump to solution

@Lesley Thanks for your response and clarification, yes it's fully updated, and a new Maestro build running at R81.20. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events