This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- General Discussions
- Traffic encrypted?
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-21-2015 05:40 PM
Is all traffic between scanned device and the Lansweeper scan server encrypted or just the authentication portion of the traffic? In other words, could someone on my network run a packet sniffer and collect all the information that Lansweeper scans or will they simply get encrypted data?
Thanks,
Joe
Thanks,
Joe
Solved! Go to Solution.
Labels:
- Labels:
-
General Discussion
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-23-2015 02:37 PM
In regards to traffic between clients and server:
SNMP v1 and v2.c do not allow encryption, they send all information in cleartext, including the community string. This is not a limitation of Lansweeper, it is how these protocols are designed.
SNMP v3, SSH and WMI connections should be encrypted unless you went through a lot of trouble to disable the encryptions.
In regards to data as it is stored in the database itself:
Scanned data isn't encrypted in the database; only scanning credentials are. If your database is hosted in SQL Server, we recommend changing the database password for added security.
Credentials are transferred to the service memory when the Lansweeper service starts. When Lansweeper needs to pass them to a machine, it uses the default Windows authentication that's configured (most likely NTLMv2 or Kerberos). The login/password details are never sent over the wire.
SNMP v1 and v2.c do not allow encryption, they send all information in cleartext, including the community string. This is not a limitation of Lansweeper, it is how these protocols are designed.
SNMP v3, SSH and WMI connections should be encrypted unless you went through a lot of trouble to disable the encryptions.
In regards to data as it is stored in the database itself:
Scanned data isn't encrypted in the database; only scanning credentials are. If your database is hosted in SQL Server, we recommend changing the database password for added security.
Credentials are transferred to the service memory when the Lansweeper service starts. When Lansweeper needs to pass them to a machine, it uses the default Windows authentication that's configured (most likely NTLMv2 or Kerberos). The login/password details are never sent over the wire.
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-23-2015 04:20 PM
I've deleted my previous post as it was only partially correct. Filip's answer is better. I'm marking this as the solution.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-23-2015 02:37 PM
In regards to traffic between clients and server:
SNMP v1 and v2.c do not allow encryption, they send all information in cleartext, including the community string. This is not a limitation of Lansweeper, it is how these protocols are designed.
SNMP v3, SSH and WMI connections should be encrypted unless you went through a lot of trouble to disable the encryptions.
In regards to data as it is stored in the database itself:
Scanned data isn't encrypted in the database; only scanning credentials are. If your database is hosted in SQL Server, we recommend changing the database password for added security.
Credentials are transferred to the service memory when the Lansweeper service starts. When Lansweeper needs to pass them to a machine, it uses the default Windows authentication that's configured (most likely NTLMv2 or Kerberos). The login/password details are never sent over the wire.
SNMP v1 and v2.c do not allow encryption, they send all information in cleartext, including the community string. This is not a limitation of Lansweeper, it is how these protocols are designed.
SNMP v3, SSH and WMI connections should be encrypted unless you went through a lot of trouble to disable the encryptions.
In regards to data as it is stored in the database itself:
Scanned data isn't encrypted in the database; only scanning credentials are. If your database is hosted in SQL Server, we recommend changing the database password for added security.
Credentials are transferred to the service memory when the Lansweeper service starts. When Lansweeper needs to pass them to a machine, it uses the default Windows authentication that's configured (most likely NTLMv2 or Kerberos). The login/password details are never sent over the wire.
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now
Related Content
- Use of RSPAN or ERSPAN with for asset radar logs in Product Discussions
- I CANNOT SEE MY NETWORK SOFTWARE INFORMATION. in General Discussions
- Finding but not scanning after database server change. - encryption file error in General Discussions
- Custom Report - Exclude certain asset groups in Reports & Analytics
- Built-in Bitlocker Report Accuracy in Reports & Analytics
