Is there a way to do inventory / deploy without having SMB ports open on the remote workstation?


1 comment

  • SelfMan

    If i may to put my 2 cents on this. If you are already in the state that there is already a intruder on the network, you've already lost.
    it does not matter much if the information is pulled or pushed between the computers. The communication is there and can be exploited.

    I assume that you are managing the server either via RDP or some Web based / API-Port based application.
    The only way you can limit the impact is to limit the access via firewall rules. The human factor is the biggest risk.
    To mitigate it, create sufficient multi-tier and offsite backups. And keep all the machines up to date.

    My motto: "Keep the healthy amount of paranoia fresh." Create theoretical scenarios how a intruder could get in and implement countermeasures. But also keep in mind how much that process will cost.

    Comment actions Permalink

Please sign in to leave a comment.