This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

manipulating download and upload packages between Beacon and Agent vice versa

Jump to solution
mschwach
By
Level 7

We have the request to confirm that there is no way to manipulate download and upload packages and integrate suspicious Malware or Viruses/unexpected batch-files/scirpts or executables between Beacon and Agent and therefore, affecting the Application itself.

1.)  from Agent (NDI-file) to the Beacon (upload), there should be no possibility to integrate suspicious things or to be later executed on the Beacon

2.) from Beacon (policy or within Agent upgrade packages) to the Agent (download), there should be no way to execute suspicious things on Agent, integrated in the downloaded Package.

3.) ApplicationServer and configured Settings, to be distributed in the environment. If the Server is effected, it should not be distributed, based on FNMS communications.

4.) If you manipulate a Agent-Upgrade Package one the Beacon forcefully,  and you will integrate a suspicious File /executable into it and let this Package go live, will it be ensured that this "evil" package will not get deployed?

So, if one of the Beacon or the Agent is effected by a Virus or something else, it should not effect the Application (Batch-Server) based on the internal communication between Agent -> Beacon -> Server vice versa only. Correct?

 

And, yes we have Virus-scanners active in our env. So, the question is more about the detection/prevention of doing maliciouse things, if it comes to a native communication within the FNMS-Applikation and its environment, regardless of other Services running. (using FNMS 2022R1 on-prem)

And not to see something like this (with a smily and we haven't faced it) after an Agent was upgrade by the Server policy automatically

gans.gif

 

 

 

‎Jan 18, 2023 04:39 AM - edited ‎Jan 18, 2023 05:44 AM

0 Kudos
(1) Solution

Jump to solution
durgeshsingh
By
Level 10
In response to mschwach

Flexera package has its own hash value with header V4 DSA/SHA1 signature if someone manipulate it. it will not going to work & it will give error for mismatch.

View solution in original post

‎Jan 20, 2023 04:10 AM

(3) Replies

Jump to solution
mschwach
By
Level 7
In response to durgeshsingh

Thank you Durgeshsingh for your fast reply,

according to this, it ensures that your Virus-scanning-toolset has detected some suspicious software and you/one should act according to your companies policies.

My question is in regard and beforehand this situation will occure.
Is FNMS in somehow able to detect or prevent suspicious packages from distribution into the environment? Not using any 3rd Partytools to detect a security issue, but using the native functionalities within FNMS and prevent/or not distribute / recive any manipulated settings or configurations or NDI-files

 

‎Jan 18, 2023 06:08 AM - edited ‎Jan 18, 2023 06:32 AM

0 Kudos

Jump to solution
durgeshsingh
By
Level 10
In response to mschwach

Flexera package has its own hash value with header V4 DSA/SHA1 signature if someone manipulate it. it will not going to work & it will give error for mismatch.

‎Jan 20, 2023 04:10 AM

Top Kudoed Authors
View all