Endpoint Protection

 View Only
Back to Library

How to collect and add fingerprint of any app or location to SEP manager (Graphical) 

Apr 09, 2017 11:55 AM

Hi all,

 

In this article, I will explain the procedure to collect file fingerprint of any file or location within the system and add the same to Symantec Endpoint Protection Manager.

So, Let's get started.

 

Step 1: Go to Local Drive > Program files(x86) > Symantec > Symantec Endpoint Protection.

You will find Checksum.exe in this folder, that we will use to collect file fingerprint.

 

Step 2: Press and hold Shift Key and right click in empty location (Follow below screen shot) and select Open Command Window Here

Screenshot_1_0.png

Step 3: It will then open the command window at this location. 

Screenshot_2_0.png

Step 4: Now suppose you want to collect file fingerprints of every file from your computer's particular drive (in this case I have selected D drive)

Step 5: 

a. In this window type Checksum.exe or simply type "Ch" without quotes and hit Tab, this will automatically select Checksum.exe from this location.

b. Now type the name of the file which will save the file fingerprint data into a text file. In this example I have given a file with name output.txt You can give any name to this file followed by .txt extension for text file.

c. So the command until now is - Checksum.exe output.txt (There is a space between checksum.exe and output.txt)

d. Next is to select the drive name or the file path of which, we need to collect file fingerprint. So type "D:\" with quotes.

e: So the complete command to collect file fingerprint of all files from D drive is - 

Checksum.exe output.txt "D:\" (There is a space between checksum.exe and output.txt and "D:\")

Screenshot_3_0.png

f: Hit enter and it will start collecting the file fingerprints from D drive as shown below -

Screenshot_4_0.png

Step 6 : After the process completes the window will get close automatically and the output file will have the list of file fingerprints of files from D drive.

Screenshot_7_1.png

Another example : collect file fingerprint of Google chrome (executable file)

 

Step 1 : Right click on the Google Chrome icon and select properties, Now click on shortcut tab and copy the target path which is for chrome.exe

Screenshot_5_0.png

Step 2: Type the command as - Checksum.exe output.txt "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

Screenshot_6_0.png

Step 3: Hit enter and it will immediately collect file fingerprint of chrome.exe and store that in output.txt file (see screen shot)

Screenshot_8_0.png

 

Adding the output fingerprint file into SEPM.

 

Step 1: Open the Symantec Endpoint Protection Manager and go to Policies > Policy Components > File Fingerprint Lists and click on add a file fingerprint list

It will open Add File Fingerprint Wizard, Click Next

Screenshot_9_0.png

 

Step 2: Put name and description of the file.

Screenshot_10_0.png

Step 3: Hit next when you get below screen.

Screenshot_11_0.png

Step 4: Browse the path to the output.txt file.

Screenshot_12_0.png

Step 5: Hit Next and the file will get added to the SEPM.

Screenshot_13_0.png

Screenshot_14_0.png

Step 6: Hit Finish and you will see the fingerprint file will get saved in SEPM.

Screenshot_15_0.png

 

Thanks,

nThakare :)

 

Statistics
0 Favorited
13 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Sayand Kezhakkedath
Apr 11, 2017 07:37 AM

Good Job Nagesh!!

Related Entries and Links

No Related Resource entered.