This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Community FAQ
Register | Log In
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- Product Discussions
- full vulnerability scanning
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Register to ask a question, start a topic or share an idea
Join the Community
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎12-11-2017 07:24 PM
even as an add on module? I would pay for that. seems like the products I can find are hugely expensive and do a lot of the same things. we already see the benefit with LS and the wannacry scans or the intel bios scans, what about making this more feature complete for sql injections, open ports, default passwords on devices etc.
Labels:
- Labels:
-
Product Feedback
7 REPLIES 7
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-02-2018 04:55 PM
>>If we could launch the exe, etc and pass it a param (the DBCONNSTRING) for example
I don't like to pass in clear connection strings to exe or scripts, I suggest that LanSweeper (in some way) could collect return values and pass it to custom fields (for example setting the mapping return values<->custom fields in the deploy configuration box)
Another way is to collect these values in the deploy log history or somwhere else (custom table with these fields: <asset-id>-<date>-<return value id>-<return value content>), every step in this direction will be very useful
I don't like to pass in clear connection strings to exe or scripts, I suggest that LanSweeper (in some way) could collect return values and pass it to custom fields (for example setting the mapping return values<->custom fields in the deploy configuration box)
Another way is to collect these values in the deploy log history or somwhere else (custom table with these fields: <asset-id>-<date>-<return value id>-<return value content>), every step in this direction will be very useful
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-02-2018 05:00 PM
ufficioced wrote:
>>If we could launch the exe, etc and pass it a param (the DBCONNSTRING) for example
I don't like to pass in clear connection strings to exe or scripts, I suggest that LanSweeper (in some way) could collect return values and pass it to custom fields (for example setting the mapping return values<->custom fields in the deploy configuration box)
Another way is to collect these values in the deploy log history or somwhere else (custom table with these fields: <asset-id>-<date>-<return value id>-<return value content>), every step in this direction will be very useful
@ufficeioced I don't like it either, however, better than what we have now. your idea far better at least it gives them ideas!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-02-2018 04:36 PM
agreed, I hate having it write to the registry and extra keys in an already complex part of the OS.
If we could launch the exe, etc and pass it a param (the DBCONNSTRING) for example, it could write to the field in the database (if we pass it the autogenerated sql perhaps?) if LS could generate the sql (so end users do not mess it up)
that would allow for some serious integration via script
If we could launch the exe, etc and pass it a param (the DBCONNSTRING) for example, it could write to the field in the database (if we pass it the autogenerated sql perhaps?) if LS could generate the sql (so end users do not mess it up)
that would allow for some serious integration via script
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-02-2018 12:52 PM
>>I'll add your request to allow return values of deployments to be written to the asset custom fields to the customer wishlist.
this could be a great new improvement, meanwhile I'll use your suggestion to add a custom registry key and monitor for values written there
thanks
this could be a great new improvement, meanwhile I'll use your suggestion to add a custom registry key and monitor for values written there
thanks
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎12-30-2017 06:22 PM
I think that if LS could implement something like deploying a (custom) command line program (or batch or script) and get result in some field of the asset itself we can easily implement some good vuln detections functionalities.
Example: deploy a script to detect permission on a file is executed on the assets (this can be done in .bat, .ps1 or custom .net ext) and the script returns some value, this value is written in some field for each asset, then a custom report can be created to select and alert if wrong values are found.
What do you think about this?
Example: deploy a script to detect permission on a file is executed on the assets (this can be done in .bat, .ps1 or custom .net ext) and the script returns some value, this value is written in some field for each asset, then a custom report can be created to select and alert if wrong values are found.
What do you think about this?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-02-2018 09:58 AM
ufficioced wrote:
I think that if LS could implement something like deploying a (custom) command line program (or batch or script) and get result in some field of the asset itself we can easily implement some good vuln detections functionalities.
Example: deploy a script to detect permission on a file is executed on the assets (this can be done in .bat, .ps1 or custom .net ext) and the script returns some value, this value is written in some field for each asset, then a custom report can be created to select and alert if wrong values are found.
What do you think about this?
This is currently already possible, however not exactly as you described. You can deploy scripts, batch files or command lines using the deployment module. However, you can't make these deployments write information to the asset's page. As a workaround, you can make the deployment create a registry key with the information and scan the registry key with Lansweeper. This method is similar to the Intel SA-00086 vulnerability deployment we created.
I'll add your request to allow return values of deployments to be written to the asset custom fields to the customer wishlist.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎12-12-2017 11:01 AM
Thank you for the feedback. I've added your topic to the existing feature request to add weight to it.
As you know, Lansweeper is already capable of detecting a lot. However, like the Intel vulnerability, it requires manual configuration.
As you know, Lansweeper is already capable of detecting a lot. However, like the Intel vulnerability, it requires manual configuration.
Product Discussions
Share feedback, exchange ideas and find answers to Lansweeper product questions.
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now
Related Content
- New Year = New Discoveries Discussion! 🚀 in General Discussions
- Licenced exceeded, 1 hour later 2100 under licence limit! in General Discussions
- Is the vulnerability scanning widget available on-prem? in Open Office Hours Q&A
- Inside Lansweeper: Weekly Recap in General Discussions
- Inside Lansweeper: Weekly Recap in General Discussions
