SRX

 View Only
last person joined: 4 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
Expand all | Collapse all

checksum Vs Hash digest

  • 1.  checksum Vs Hash digest

    Posted 08-12-2017 05:58

    both checksum and digest provide the ability to gurentee that the data was not modified 

    So what would make Hash code better than checksum ?? 



  • 2.  RE: checksum Vs Hash digest
    Best Answer

    Posted 08-12-2017 06:30

    Checksums are an early design just to confirm against transit corruption in communication systems and links.  This is a quick simple verification that the links are correctly communicating data.  You can selectively modify data and keep checksums passing.  But that would not happen by accident in transit.  So the original purpose of the checksum still works to detect link problems.

     

    Hashes are more robust and designed to add security to detect mailicious manipulation of data in transit.  These are security features and constantly evolving as the threat to data access and manipulation increases.



  • 3.  RE: checksum Vs Hash digest

    Posted 05-08-2024 12:00

    Dear Sir,

    any reason why SRX 340 with OS 22 generating hash as hmac-sha  "$8$aes256-gcm$hmac-sha2-256$100$TfNtKvy8tHI$Zab98cIoV+lVAG0+VzVyEw$o//xWmkmKBTCpC8VEzv9/A$XEMe5cW9cmhuxvdMOpg65g"'

    instead of "$9$0k     

    pls help!



    ------------------------------
    ALI ARKAWAZI
    ------------------------------



  • 4.  RE: checksum Vs Hash digest

    Posted 05-09-2024 12:32

    thanks for the reply boss!

    is there a command to force SRX to use $9 format hash instead of $8 format? 



    ------------------------------
    ALI ARKAWAZI
    ------------------------------



  • 5.  RE: checksum Vs Hash digest

    Posted 05-09-2024 15:04

    I suspect you'll have to zeroize the system.



    ------------------------------
    Nikolay Semov
    ------------------------------



  • 6.  RE: checksum Vs Hash digest

    Posted 05-10-2024 04:41

    Have you tried resetting to factory, then connecting via the console port, then in the cli switch to root access commands. There is a document which covers this on the web. I know it's still there and it's for srx300. I'd look for it but I forgot the keywords.

    Here is one.

    https://supportportal.juniper.net/s/article/SRX-Getting-Started-Configure-Admin-User?language=en_US

    Try starting from scratch. Also, in the command structure, it might be an option when done from the console.

    1. First try the console.
    2. Then try your way.


    ------------------------------
    Adrian Aguinaga
    B.S.C.M. I.T.T. Tech
    (Construction Management)
    A.A.S. I.T.T. Tech
    (Drafting & Design)
    ------------------------------



  • 7.  RE: checksum Vs Hash digest

    Posted 05-09-2024 12:34

    Looks like you have a master password configured on the device. Check this out: https://www.juniper.net/documentation/us/en/software/junos/user-access/topics/topic-map/master-password-configuration-encryption.html#id-hardening-shared-secrets-in-junos-os



    ------------------------------
    Nikolay Semov
    ------------------------------



  • 8.  RE: checksum Vs Hash digest

    Posted 05-11-2024 10:12

    you are not wrong. I have configured master password and the reason for that is because the password are generated as " secret-key" instead of hashed key. when I upload the config file with " secret-key"  hashed key, the SRX does not recognize it. 

    thanks for your help boss!



    ------------------------------
    ALI ARKAWAZI
    ------------------------------



  • 9.  RE: checksum Vs Hash digest

    Posted 7 days ago

    for some reason, I can not post.

    please I need help with nating multicast address from 239.1.1.1 to 239.2.2.2 for example. when I create a pool and commit, it says invalid address. any idea? 

    thanks in advance 



    ------------------------------
    ALI ARKAWAZI
    ------------------------------