|
View previous topic :: View next topic |
Author |
Message |
KS-Soft
Joined: 03 Apr 2002 Posts: 12807 Location: USA
|
Posted: Mon Feb 17, 2003 3:05 pm Post subject: |
|
|
>As long as any valid centralized HM will be able to update remote agent software, then I'll put my "choice" on that one
I don't think this feature will be implemented. It can be perfect "hole" for attack. Of course operations with remote agent will be password protected. But what happen if somebody somehow gets access to remote agent? Without "update" option hacker can only get some information about system (like amount of free space on drive C:, or list of services started on the system). In the same case using "update" feature hacker will be able to upload and start his own remote agent and get full access to the system.
Regards
Alex |
|
Back to top |
|
|
hmo
Joined: 14 Feb 2003 Posts: 81 Location: Denmark
|
Posted: Mon Feb 17, 2003 4:25 pm Post subject: |
|
|
>I don't think this feature will be implemented.
Hey Alex! Dont by 'shy'... or run away from good development!
>It can be perfect "hole" for attack. Of
>course operations with remote agent will be
>password protected. But what happen if
>somebody somehow gets access to remote
>agent?
As for now... anyone who'll like a good picture of +450 servers at our location should go for HostMonitor directly! In that configuration we have admin-prev. listet side by side anyway! Sooo... we do protect HostMonitor in the first place!
I know You're a VERY good programmer, so basic skills within security will do the job here! Remote Agent will *ONLY* talk (if wanted) to specific source IP's. Next will be user/password and crypt. protection. What more can be done? Lots of stuff... So Your security issue dont keep up with the high demand of development, right?
>Without "update" option hacker can only get
>some information about system (like amount
>of free space on drive C:, or list of
>services started on the system). In the
>same case using "update" feature hacker
>will be able to upload and start his own
>remote agent and get full access to the
>system.
No! You will make communication to/from HM and remote Agents very secure... and You can even make this happen over the Internet through firewall's as well... as long as You tell ppl. how to protect them from hackers and blast-open security issues - ie. make sure to use source/destination IP-range, port-range etc. etc. It's not that hard!
If You do have in mind, that remote Agents will be a part of the "new to come", You'll have to implement remote update as well. We cant go around to more than 450 servers to upgrade "new" agents, right? (imho)
Cheers,
Hans Mosegaard |
|
Back to top |
|
|
KS-Soft
Joined: 03 Apr 2002 Posts: 12807 Location: USA
|
Posted: Mon Feb 17, 2003 10:41 pm Post subject: |
|
|
>Hey Alex! Dont by 'shy'... or run away from good development
And who will continue development when I go?
>If You do have in mind, that remote Agents will be a part of the "new to come", You'll have to implement remote update as well. We cant go around to more than 450 servers to upgrade "new" agents, right?
Ok, ok... But this option will be disabled by default.
Regards
Alex |
|
Back to top |
|
|
hmo
Joined: 14 Feb 2003 Posts: 81 Location: Denmark
|
Posted: Tue Feb 18, 2003 12:29 pm Post subject: |
|
|
>And who will continue development when I go?
Hmmm... Have You been looking in the FAQ for that answer?
>Ok, ok... But this option will be disabled by default.
Okay! Let's agree on that part!
(ooohh... I did'nt put in the Q about "when"..did I?) Alex now moves back to "delphi-code-computer" and start writting like hell... ooohhh... there he goes... and by surprise we all have a HM v4.00beta with Agents (even remote update as well).. Tsk...Tsk..Tsk...
Cheers,
Hans Mosegaard
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|