AboutPricingCommunityTeamsStart Free TrialLog in
Avatar of sunhux
sunhux
 asked on

How to mitigate against SHA256 hashes if our devices can't support it

Understand  EPO & NIDS can't add SHA256 hashes but we wud still want to mitigate against them.

how can we go about doing this?  So far our EPO could block/prevent creation of certain file
extensions
VulnerabilitiesAnti-Virus AppsNetwork Security
Avatar of undefined
Last Comment
btan
8/22/2022 - Mon
sunhux
ASKER
The devices that lack this SHA256 hashes support I'm referring to
are McAfee EPO &  IPS
sunhux
ASKER
Sample SHA256 hashes to mitigate against :
•        899ff9489dde2c5f49d6835625353bfe5ea8ca3195ca01362987a9d4bdac162d
•        91ad7df7cae1c897e309f2cc1a5fad99c274a10e2d1ed2ea7321c72590bb35a7


EPO & IPS only support MD5 hashes
sunhux
ASKER
Is there any way to translate/convert the SHA256 hashes to say a file name etc so that we can block the filenames instead?
Your help has saved me hundreds of hours of internet surfing.
fblack61
SOLUTION
btan
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
sunhux
ASKER
Thanks very much:  can check if the following 3 MD5 is equiv to the following 3 SHA256 hashes:

MD5:
•        02b5964f93bcd22c4f6cedd64c3b3de3
•        05d3b1a957167d6122e280c959631e89
•        0B8064C1796F0048DF910028E7AC0191

SHA256:
•        0c5e0a81efc0ccc406e5e6eaa222a79b491f4aa2938cf7cc72d0d027b53a9d99
•        1739bdd96b6ec3ad7ef5dbae90ff60cd04aa568ef0af266791ec64815fc7ab8c
•        21b098d721ea88bf237c08cdb5c619aa435046d9143bd4a2c4ec463dcf275cbe
ASKER CERTIFIED SOLUTION
btan
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
sunhux
ASKER
Thanks, so can we use the virustotal site to convert the SHA256 values to
MD5 values & input the MD5 values into our EPO & IPS instead?
SOLUTION
btan
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Plans and Pricing
Resources
Product
Podcasts
Careers
Contact Us
Teams
Certified Expert Program
Credly Partnership
Udemy Partnership
Privacy Policy
Terms of Use

© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent