Currently, the unattended installer file will work forever. However, partner would like the unattended installer file to stop working after X days so that anyone who uses an older installer won't be able to randomly add it to any machines.
i would really love this feature. one for security reasons, two for ease of mind. i have a client that got there machine infected and started to pass the MSI install file around on random machine. it is scary if you don't know how it happens just see a ton of machines in your console. i also have some techs of my accidentally leaving the installation on machines.
Please add to to the list. I'm having some funny connections showing up:
Not sure if I should be worried, I'm told not to, but then others say I might have to.
It would also be nice to be notified when a new session is created along with the originating public IP address.
Seeing repeated installers WITHOUT MY CONSENT is a security issue. This is a good idea to begin rectification. I would also like an option to request a code to run the physical EXE///MSI installer. That way virtual play labs and hackers can't consistently get as much success as they are currently. They told me it was a Antivirus that sent the file for a scan, which could happen. But in my case, the client that came back repeated, no longer existed, nor did the computer from which it originally was on. SOMEWHERE a hacker had old data. The expiration then in deed would help!
Seeing repeated installers WITHOUT MY CONSENT is a security issue. This is a good idea to begin rectification. I would also like an option to request a code to run the physical EXE///MSI installer. That way virtual play labs and hackers can't consistently get as much success as they are currently. They told me it was a Antivirus that sent the file for a scan, which could happen. But in my case, the client that came back repeated, no longer existed, nor did the computer from which it originally was on. SOMEWHERE a hacker had old data. The expiration then in deed would help!
A bit late on my response, but the good news at least is that there is no way for the Guest client to gain access to the protected data of the server - so even with the agents popping up into the list, your data is safe. The Guest checks in and allows you access to that machine, but it's one way only. I definitely see how this situation could be an inconvenience and annoyance though!
Windows defender has started more agressive, and persistent .exe downloading of files of all ages and running them in AV VM sandboxes for amalysis.
It's now at a level of 20-40/week of fake agents and rising.
Please raise this in the consideration list. I'm also going to do some work to see if there are other risks from this asymmetrickey embedded in the .exe and msi installers.
If I had bad intentions, I'd extract this key, and create a script that would start generating agents. I wonder what would happen to Screenconnect with say, 2 million dummy agents (I bet it'll fall over well before that). Sounds like quite an effective way of killing every screenconnect server on the planet because there are no protections at this time.
Hi I wanted to follow up on this thread to see if this will be in production soon. We too have this issue of old installers being used to test access to our instance. Driving my InfoSec team crazy! Thanks
Random machines show up in our instance.
This may be due to a published installer for my instance.
Want the ability to delete or disable previous installers.