Secure Remote MS System Management

Secure Remote MS System Management


Tuesday, April 05, 2011



Mourad Ben Lakhoua

4d0ac884f6fdb0c44f281653697aa2cc

Installation, configuration, and management of software are large part of most system administrator’s jobs.

Admins respond to installation and configuration requests from users, apply updates to fix security problems, and supervise transitions to new software releases that may offer both new features and incompatibilities.

Microsoft Windows users should take a look at a tool called RemoteExec. This tool allows administrators to run programs remotely, deploy applications and update computers in Windows networks.

RemoteExec is based on an agentless and non-intrusive technology and only requires ICMP (ping) and Microsoft File and Printer Sharing (SMB TCP 445) to perform all required actions on the network.

By defining an Action you can easily deploy the most common Microsoft updates, specifying the path to the package or install program. RemoteExec will then identify the type of update and automatically configure the arguments to launch the installation on silent mode.

On the remote system, you can perform seven actions including Shutdown, Reboot, Logoff session, Lock session, and Wake up (allows you to wake up remote computers using the Wake-On-Lan technology by default the Wake-On-Lan is disabled in the BIOS of each computer you can activate it).

Using this predefined Action you will be able to deploy a file or the content of a whole folder on multiple computers. You will also be able to delete a specified file or folder on Target Computers.

On the client side you can display a popup message that you will be to transmiting to users in real-time.

From a security perspective, an MITM attack against RemoteExec 5.0 is nearly impossible to perform because when it executes a remote job, RemoteExec:

  • creates a server on the source system and a client on the target system
  • initializes an asymmetric encryption, so the server and the client can safely exchange the key
  • allows an encrypted dialog between the server and the client
  • finally terminates the server and the client.

If you are looking to read more about RemotExec you can check the Getting started Guide or you can follow RemoteExec update on Twitter:   http://twitter.com/is_decisions

Cross-posted from SecTechno

via infosecisland.com

Comments

Post a Comment