Notification

Icon
Error

Credential-free "ON" by default ? - Credential-free "ON" by default upon upgrade

Posted: Sunday, May 2, 2021 1:40:39 AM(UTC)
danielm

danielm

Member Original PosterPosts: 187
0
Like
Credential-free "ON" by default upon upgrade!
Say what?
should that feature be on in any environment? after the upgarde from 8.0 to 8.3 i checked as soon as i saw the lovely popup notice. and the option listed as "disable" not enable....

Am I the only one that this bothers? I do not like the enriched with data and sent to the Lansweeper-owned recognition API parts specifically.

Can I know if any data has been leaked from our network to Lansweeper(company) or their 3rd parties....!


Quote:

Using a combination of data gathered from IP scanning and most importantly, Asset Radar, Lansweeper generates fingerprints. Fingerprints consist of at least a MAC address and may be further enriched with data gathered from various protocols, such as DHCP, HTTP, ARP, etc. These fingerprints are generated, encrypted, and stored in the Lansweeper database. They are then sent to the Lansweeper-owned recognition API. Based on the received fingerprint, the recognition API returns more information about the device, which is then also stored in the Lansweeper database. Finally, during the next scan of the device, this information is applied to the asset, i.e. its asset type will be updated, extra fields are filled in.
To make optimal use of both Asset Radar and CDR, it is recommended to have a scanning server in each subnet or VLAN that contains relevant devices. CDR will have the greatest impact on devices for which you don't have credentials (yet), IoT devices, and unmanaged devices.

Hendrik.VE
#1Hendrik.VE Member Posts: 81  
posted: 5/4/2021 11:11:08 AM(UTC)
Good point, but then again, if you don't want to leak any data from your company to the rest of the world, I think it's best practice to put your Lansweeper instance behind a firewall with no (or limited) access to the internet.
The only access we grant our Lansweeper to the internet is what we explicitly define through proxy whitelisting.
I'm quite confident no Lansweeper 'fingerprints' of my company are shared with ROW :-)
vqT4cDoP9iXyMZwoDUWU
#2vqT4cDoP9iXyMZwoDUWU Member Posts: 23  
posted: 5/4/2021 6:02:10 PM(UTC)
Originally Posted by: danielm Go to Quoted Post
Credential-free "ON" by default upon upgrade!
Say what?
should that feature be on in any environment? after the upgarde from 8.0 to 8.3 i checked as soon as i saw the lovely popup notice. and the option listed as "disable" not enable....

Am I the only one that this bothers? I do not like the enriched with data and sent to the Lansweeper-owned recognition API parts specifically.

Can I know if any data has been leaked from our network to Lansweeper(company) or their 3rd parties....!


Quote:

Using a combination of data gathered from IP scanning and most importantly, Asset Radar, Lansweeper generates fingerprints. Fingerprints consist of at least a MAC address and may be further enriched with data gathered from various protocols, such as DHCP, HTTP, ARP, etc. These fingerprints are generated, encrypted, and stored in the Lansweeper database. They are then sent to the Lansweeper-owned recognition API. Based on the received fingerprint, the recognition API returns more information about the device, which is then also stored in the Lansweeper database. Finally, during the next scan of the device, this information is applied to the asset, i.e. its asset type will be updated, extra fields are filled in.
To make optimal use of both Asset Radar and CDR, it is recommended to have a scanning server in each subnet or VLAN that contains relevant devices. CDR will have the greatest impact on devices for which you don't have credentials (yet), IoT devices, and unmanaged devices.



Don't look at Configuration > Privacy Settings either...Lansweeper has been gathering metrics for quite a while.
danielm
#3danielm Member Original PosterPosts: 187  
posted: 5/4/2021 10:13:14 PM(UTC)
yes i know. i had to turn those off right away also.
i wont even bring up the legal agreement. lots of things in there to say no to.


danielm
#4danielm Member Original PosterPosts: 187  
posted: 5/5/2021 9:03:56 PM(UTC)
so no reply on this one yet?
Should it be on by default from install or was this non intentional of the installer?
Brick wall

Active Discussions

Lansweeper End of Life Asset Report
by  Hendrik.VE   Go to last post Go to first unread
Last post: Today at 2:18:23 PM(UTC)
Lansweeper Translation settings not saved
by  Brandon  
Go to last post Go to first unread
Last post: Yesterday at 2:10:22 PM(UTC)
Lansweeper Combobox translation
by  sneagele   Go to last post Go to first unread
Last post: Yesterday at 2:03:45 PM(UTC)
Lansweeper Freelance for Lansweeper Deploy?
by  Brandon  
Go to last post Go to first unread
Last post: 5/7/2021 6:32:21 PM(UTC)
Lansweeper Installation issues
by  Richie_Rich   Go to last post Go to first unread
Last post: 5/6/2021 11:29:09 PM(UTC)
Lansweeper Cloud relay data stored time
by  Richie_Rich  
Go to last post Go to first unread
Last post: 5/6/2021 11:14:42 PM(UTC)
Lansweeper Custom attributes from AD
by  dhoward   Go to last post Go to first unread
Last post: 5/6/2021 11:10:45 PM(UTC)
Lansweeper User View Customization
by  DarkOne77  
Go to last post Go to first unread
Last post: 5/6/2021 10:50:30 PM(UTC)