| View previous topic :: View next topic |
| Author |
Message |
Doobie
Joined: 10 Mar 2003
Posts: 7
|
 Posted: Tue Mar 11, 2003 10:35 pm Post subject: |
 |
|
I would like an action to either publish or FTP files.
This would be helpful in getting reports published, backup logs copied, data backed up, etc...
|
|
| Back to top |
|
 |
KS-Soft
Joined: 03 Apr 2002
Posts: 12793
Location: USA
|
| Posted: Wed Mar 12, 2003 12:47 pm Post subject: |
|
|
Truth to say I don't see reason to implement this action because Windows has standard command line utility FTP.EXE. It can process script that specified in command line by -s:filename parameter.
HostMonitor can start FTP client using "Execute external program" action. Also it can start external program each time reports generated.
Regards
Alex |
|
| Back to top |
|
|
Doobie
Joined: 10 Mar 2003
Posts: 7
|
| Posted: Wed Mar 12, 2003 6:19 pm Post subject: |
|
|
Unless there is currently a convention to do it otherwise, the advantage would be to store the authentication information encrypted or at least measked within HostMonitor.
This information sitting in a batch file or even within the command line parameter field is too open.
[ This Message was edited by: Doobie on 2003-03-12 17:20 ] |
|
| Back to top |
|
|
Marcus
Joined: 18 Nov 2002
Posts: 367
|
| Posted: Thu Mar 13, 2003 3:55 am Post subject: |
|
|
| Create a seperate directory for your scripts and give only admins and hostmonitor rights to read this directory and your security issue is fixed. |
|
| Back to top |
|
|
Doobie
Joined: 10 Mar 2003
Posts: 7
|
| Posted: Thu Mar 13, 2003 9:07 pm Post subject: |
|
|
This won't work for us as we don't have 'full control' over the servers that we need to monitor on behalf of our clients.
The ability to publish this data in secure areas of our website is specific to the HostMonitor application and ideally can be both configured and secured within it. |
|
| Back to top |
|
|
Marcus
Joined: 18 Nov 2002
Posts: 367
|
| Posted: Fri Mar 14, 2003 2:37 am Post subject: |
|
|
>This won't work for us as we don't have 'full control' over the servers that we need to monitor on behalf of our clients.
I assume if you are going to use a script to perform an ftp action, the script is on your own machine, on which Hostmonitor runs. This is the place where you can secure your scripts with ntfs permissions. |
|
| Back to top |
|
|
Doobie
Joined: 10 Mar 2003
Posts: 7
|
| Posted: Mon Mar 17, 2003 11:14 pm Post subject: |
|
|
Marcus wrote...
>I assume if you are going to use a script to perform an ftp action, the script is on your own machine, on which Hostmonitor runs.<
No, the machine is typically property of the client and is always at the client site. Although we have admin rights, so do others, and we may never know the ownership has been taken on the file and the information breached.
To this effect, I would also suggest that the ability to 'Show' the application window from the system tray be password protected. |
|
| Back to top |
|
|
KS-Soft
Joined: 03 Apr 2002
Posts: 12793
Location: USA
|
| Posted: Wed Mar 19, 2003 12:48 am Post subject: |
|
|
>No, the machine is typically property of the client and is always at the client site. Although we have admin rights, so do others, and we may never know the ownership has been taken on the file and the information breached.
Yeah, difficult situation...
>To this effect, I would also suggest that the ability to 'Show' the application window from the system tray be password protected.
You can use "Protect settings by password" option located on Miscellaneous page in the Options dialog. It will protect all settings from viewing or changing.
Regards
Alex |
|
| Back to top |
|
|
Doobie
Joined: 10 Mar 2003
Posts: 7
|
| Posted: Thu Mar 20, 2003 7:48 pm Post subject: |
|
|
Alex Wrote....
>You can use "Protect settings by password" option located on Miscellaneous page in the Options dialog. It will protect all settings from viewing or changing.<
But only after showing all the tests, status, test method, etc.. This can still be too much information in some cases (for us). I would prefer that the password is prompted prior to displaying the application window. |
|
| Back to top |
|
|
Marcus
Joined: 18 Nov 2002
Posts: 367
|
| Posted: Fri Mar 21, 2003 3:44 am Post subject: |
|
|
There is a workaround possible, using the perm.exe utility from the resource kit. It can show the permissions of a directory (including the owner). In combination with showacls you can also check the file permissions.
Build it in a script and let HM check it every x minutes. This wil be the time other admins have to compromise your files.
Not a nice solution, but...... |
|
| Back to top |
|
|
KS-Soft
Joined: 03 Apr 2002
Posts: 12793
Location: USA
|
| Posted: Fri Mar 21, 2003 2:44 pm Post subject: |
|
|
Protection in version 4 will be more flexible. Admin will be able to assign different set of rights to different operators, etc.
But
>But only after showing all the tests, status, test method, etc.. This can still be too much information in some cases (for us). I would prefer that the password is prompted prior to displaying the application window.
I don't understand this. Are you afraid somebody will be able to see list of your servers/services? Anybody who has access to your network able to check your servers and services. It doesn't need to use HostMonitor, it can use any port scanner and similar utilities and get much more information that HostMonitor can display.
If you leave server unlocked under administrator account, any HostMonitor protection will not help you.
Regards
Alex |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in
