Dear JDisc friends, with the coming build 5136, we have implemented a new feature to the Security and Dependency Mapping Add-On. As you might know, the Dependency Add-On detects the list of open TCP/IP and UDP ports. A customer asked us whether we could get information about the SSL certificates and encryption algorithms for each…
Dear JDisc user, have you already been asked by your IT security department not to use local or domain users with administrator rights on Windows computers for network discovery? Unfortunately, Windows doesn’t offer Linux-like privilege elevation methods like SU or SUDO. Of course, security folks want you to embrace the principle of least privilege (PoLP)…
Dear JDisc users, As usual, we are constantly enhancing our data collection capabilities. This time, we have enhanced our security add-on to collect information about the SSH cipher, MAC, and key-exchange algorithms. When the security add-on is installed and licensed, the discovery configuration dialog offers a new setting for security-related data collections. When JDisc Discovery…
Dear JDisc friends, We are continuously improving our scanning capabilities. Starting with build 5130, we will support Red Hat’s oVirt virtualization management software (starting with version 4). oVirt is similar to VMware’s VCenter. oVirt lets you define virtual datacenters, clusters and assign physical servers to the clusters. The support also includes Oracle’s Virtualization Management software…
Dear JDisc friends, we are constantly adding new protocols to improve device detection. The upcoming version (5106) will add two new main protocols to discover IoT devices: mDNS (Multicast DNS) UPnP (Universal Plug and Play) What is mDNS and UPnP? Home automation and IoT devices often support the mDNS and UPnP protocols to publish their…
Companies use more and more PAM (Privileged Access Management) tools to store, manage and rotate passwords for essential accounts (like domain admin accounts or root accounts for important servers). Especially rotating passwords make a manual configuration within JDisc Discovery impossible. Therefore, JDisc has integrated three password managers (Cyberark, Thychotic, Microsoft LAPS) into JDisc Discovery. Within…
Dear JDisc friends, find the German translation from our long term partner i-doit: https://www.i-doit.com/blog/log4j-linux-skript-von-jdisc/ I think everyone is busy figuring out if any applications are affected by the log4j security issue. While this may be easy for commercial applications, the vulnerability can be difficult to find for custom applications that are hosted in your data…
Dear JDisc users, I am pretty sure that you are aware of the log4j security issue CVE-2021-44228. JDisc Discovery is mainly written in Java and we have investigated whether we are affected. One external library (yavijava – a library to access VMware ESX and VSphere servers) uses log4j in version 1.2.17. We have investigated the…
In order to scan devices properly, JDisc Discovery users need to configure access credentials. For security reasons, we do not display the passwords in clear text (neither in the UI nor in the logs). But how do you verify that you made no mistake when you entered the password? Misconfigured passwords lead to an access…
Dear JDisc friends, upon a customer request, we have implemented a new feature to collect the list of pending updates on Windows and Linux computers. Three weeks ago, we added this feature for Linux and with build 5086 we finalized the data collection for Windows computers. We hope that this data helps to keep your…