cancel
Showing results for 
Search instead for 
Did you mean: 
HugeT00n
Pilgrim

FlexNet agent updates integrity

Greetings,

I am trying to determine the potential impact of a beacon server on the security of a managed device.

More specifically, in https://helpnet.flexerasoftware.com/fnms/EN/WebHelp/PDF%20Documents/Cloud/GatheringFlexNetInventory....it is said that an agent can download an update .osd package following the information contained in an .npl file.

I would like to confirm a couple of items:

- Are these files (.npl and .osd) protected from tampering and if Yes, how ?

- Where the packages containing agent updates are generated?

 

More generally, in the case a FlexNet server is compromised, could it  be used as a stepping stone to compromise a managed device, for example, by making available a forged update package with a backdoor?

 

TIA

Best regards

0 Kudos
2 Replies
Highlighted
chirag_sharma2
Active participant

Re: FlexNet agent updates integrity

I beleive that these files aren't protected from tempering.
if your beacon engine is installed in the C drive then go to this location to find out the latest package file

C:\ProgramData\Flexera Software\Staging\Common\Packages\Flexera\Upgrade
0 Kudos
mfranz
Analyst

Re: FlexNet agent updates integrity

While I believe, there is no technical measure to "magically" prevent tampering, you can still take your own measures. That would usually include managing access to the servers (web, file shares, RDP), maybe IAM, logging, monitoring, etc.

0 Kudos