cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AZHockeyNut
Champion Sweeper III
even as an add on module? I would pay for that. seems like the products I can find are hugely expensive and do a lot of the same things. we already see the benefit with LS and the wannacry scans or the intel bios scans, what about making this more feature complete for sql injections, open ports, default passwords on devices etc.
7 REPLIES 7
ufficioced
Champion Sweeper
>>If we could launch the exe, etc and pass it a param (the DBCONNSTRING) for example

I don't like to pass in clear connection strings to exe or scripts, I suggest that LanSweeper (in some way) could collect return values and pass it to custom fields (for example setting the mapping return values<->custom fields in the deploy configuration box)
Another way is to collect these values in the deploy log history or somwhere else (custom table with these fields: <asset-id>-<date>-<return value id>-<return value content>), every step in this direction will be very useful
AZHockeyNut
Champion Sweeper III
ufficioced wrote:
>>If we could launch the exe, etc and pass it a param (the DBCONNSTRING) for example

I don't like to pass in clear connection strings to exe or scripts, I suggest that LanSweeper (in some way) could collect return values and pass it to custom fields (for example setting the mapping return values<->custom fields in the deploy configuration box)
Another way is to collect these values in the deploy log history or somwhere else (custom table with these fields: <asset-id>-<date>-<return value id>-<return value content>), every step in this direction will be very useful


@ufficeioced I don't like it either, however, better than what we have now. your idea far better at least it gives them ideas!
AZHockeyNut
Champion Sweeper III
agreed, I hate having it write to the registry and extra keys in an already complex part of the OS.
If we could launch the exe, etc and pass it a param (the DBCONNSTRING) for example, it could write to the field in the database (if we pass it the autogenerated sql perhaps?) if LS could generate the sql (so end users do not mess it up)

that would allow for some serious integration via script
ufficioced
Champion Sweeper
>>I'll add your request to allow return values of deployments to be written to the asset custom fields to the customer wishlist.

this could be a great new improvement, meanwhile I'll use your suggestion to add a custom registry key and monitor for values written there
thanks
ufficioced
Champion Sweeper
I think that if LS could implement something like deploying a (custom) command line program (or batch or script) and get result in some field of the asset itself we can easily implement some good vuln detections functionalities.
Example: deploy a script to detect permission on a file is executed on the assets (this can be done in .bat, .ps1 or custom .net ext) and the script returns some value, this value is written in some field for each asset, then a custom report can be created to select and alert if wrong values are found.
What do you think about this?
Esben_D
Lansweeper Employee
Lansweeper Employee
ufficioced wrote:
I think that if LS could implement something like deploying a (custom) command line program (or batch or script) and get result in some field of the asset itself we can easily implement some good vuln detections functionalities.
Example: deploy a script to detect permission on a file is executed on the assets (this can be done in .bat, .ps1 or custom .net ext) and the script returns some value, this value is written in some field for each asset, then a custom report can be created to select and alert if wrong values are found.
What do you think about this?


This is currently already possible, however not exactly as you described. You can deploy scripts, batch files or command lines using the deployment module. However, you can't make these deployments write information to the asset's page. As a workaround, you can make the deployment create a registry key with the information and scan the registry key with Lansweeper. This method is similar to the Intel SA-00086 vulnerability deployment we created.

I'll add your request to allow return values of deployments to be written to the asset custom fields to the customer wishlist.
Esben_D
Lansweeper Employee
Lansweeper Employee
Thank you for the feedback. I've added your topic to the existing feature request to add weight to it.

As you know, Lansweeper is already capable of detecting a lot. However, like the Intel vulnerability, it requires manual configuration.