@Bill Tkach<mailto:[email protected]>, side note: I run the SA service with the credentials of a Group Managed Service Account (https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview). That account has access to all the Windows servers/services that I want to check, so I don't need additional credentials for checks to Windows devices. But that doesn’t work for ssh (or other) devices of course.
@Dirk Bulinckx<mailto:[email protected]>, Is there anywhere a description of the encryption used by SA to store passwords? Kind regards, Pieter From: [email protected] <[email protected]> On Behalf Of Dirk Bulinckx Sent: dinsdag 21 maart 2023 22:44 To: [email protected]; Bill Tkach <[email protected]>; [email protected] Subject: RE: [SA-List] (Cisco) switch configuration check via Servers Alive The passwords that are used, are stored in the entries file, and of course in an encrypted way. Dirk On March 21, 2023 10:33:18 PM GMT+01:00, Bill Tkach <[email protected]<mailto:[email protected]>> wrote: On a slightly related note, how does SA store it’s credentials securely. Say if someone gained access to the server, is it all encrypted somewhere? When I put all these high level credentials into SA, what does it do to ensure that those passwords/credentials are secured against prying eyes, or someone snagging the configuration folder? Just thinking about what could happen if SA was compromised, since it does connect to everything to do it’s testing, and adding switches to the mix increases it’s risk factor. It becomes a target. Bill Tkach | City of Parksville | 250 954-4664<tel:250%20954-4664> From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> On Behalf Of Dirk Sent: Tuesday, March 21, 2023 8:11 AM To: [email protected]<mailto:[email protected]> Subject: RE: [SA-List] (Cisco) switch configuration check via Servers Alive EXTERNAL EMAIL SA would need SSH access to the switch(es) in order to get the running configuration, and with that running configuration we can compare it to the “previous” one (previous being the previous one we got from the switch). The commands are just “getting” info, not writing info to the switch. Dirk Bulinckx From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> On Behalf Of Bill Tkach Sent: Tuesday, 21 March 2023 16:09 To: [email protected]<mailto:[email protected]> Subject: RE: [SA-List] (Cisco) switch configuration check via Servers Alive Can you give a brief description of what the process would involve, so I can get an idea of how it may affect the switches? Would this require SA to have logon access to each switch, to grab information from it? Bill Tkach | City of Parksville | 250 954-4664<tel:250%20954-4664> From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> On Behalf Of Dirk Bulinckx Sent: Monday, March 20, 2023 10:54 AM To: [email protected]<mailto:[email protected]> Subject: RE: [SA-List] (Cisco) switch configuration check via Servers Alive EXTERNAL EMAIL That would be the idea. Would you be willing to beta test the check if we make it? Dirk On March 20, 2023 6:47:39 PM GMT+01:00, Bill Tkach <[email protected]<mailto:[email protected]>> wrote: We use them, do you mean to check to ensure no one has altered the configs unexpectedly? That could be a good check of validity. Bill Tkach | City of Parksville | 250 954-4664<tel:250%20954-4664> From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> On Behalf Of Dirk Sent: Monday, March 20, 2023 9:49 AM To: [email protected]<mailto:[email protected]> Subject: [SA-List] (Cisco) switch configuration check via Servers Alive EXTERNAL EMAIL Hi Is anybody using Cisco switches, and interested in a way to check for a config change (of the switch) via Servers Alive? (or other brand 😊) Dirk Bulinckx To unsubscribe from this list please go to https://www.simplelists.com<https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.simplelists.com%2F&data=05%7C01%7Cpieter.demeulemeester%40broedersvanliefde.be%7C93e716853c3a493e8cdb08db2a558c67%7Cf24d00c823a548f48d9dffed9b778506%7C0%7C0%7C638150319149128663%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Ybut9uQRUdXLFu7yFk%2Bd2wFyExSXJeRIuN1p9ciO4k4%3D&reserved=0> To unsubscribe from this list please go to https://www.simplelists.com<https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.simplelists.com%2F&data=05%7C01%7Cpieter.demeulemeester%40broedersvanliefde.be%7C93e716853c3a493e8cdb08db2a558c67%7Cf24d00c823a548f48d9dffed9b778506%7C0%7C0%7C638150319149128663%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Ybut9uQRUdXLFu7yFk%2Bd2wFyExSXJeRIuN1p9ciO4k4%3D&reserved=0> To unsubscribe from this list please go to https://www.simplelists.com<https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.simplelists.com%2F&data=05%7C01%7Cpieter.demeulemeester%40broedersvanliefde.be%7C93e716853c3a493e8cdb08db2a558c67%7Cf24d00c823a548f48d9dffed9b778506%7C0%7C0%7C638150319149128663%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Ybut9uQRUdXLFu7yFk%2Bd2wFyExSXJeRIuN1p9ciO4k4%3D&reserved=0> To unsubscribe from this list please go to https://archives.simplelists.com<https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Farchives.simplelists.com%2F&data=05%7C01%7Cpieter.demeulemeester%40broedersvanliefde.be%7C93e716853c3a493e8cdb08db2a558c67%7Cf24d00c823a548f48d9dffed9b778506%7C0%7C0%7C638150319149128663%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=2wea4p54mgnE9GadPHupMuSdAvfIhke79oSmE3CdHNU%3D&reserved=0> To unsubscribe from this list please go to https://archives.simplelists.com/confirm/?u=SvtWxXw9d394EfHUHworDewz2t4ZikxC<https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Farchives.simplelists.com%2Fconfirm%2F%3Fu%3DSvtWxXw9d394EfHUHworDewz2t4ZikxC&data=05%7C01%7Cpieter.demeulemeester%40broedersvanliefde.be%7C93e716853c3a493e8cdb08db2a558c67%7Cf24d00c823a548f48d9dffed9b778506%7C0%7C0%7C638150319149284869%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=rP9fLygBTJibapriOyTsJvgQcoroTCmKKhImltj%2Bk8g%3D&reserved=0> To unsubscribe from this list please go to https://www.simplelists.com<https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.simplelists.com%2F&data=05%7C01%7Cpieter.demeulemeester%40broedersvanliefde.be%7C93e716853c3a493e8cdb08db2a558c67%7Cf24d00c823a548f48d9dffed9b778506%7C0%7C0%7C638150319149284869%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=1dYFlu12YjLrH0YfboYBjVWI16wxwvSYd9dvpY9wilw%3D&reserved=0> -- Composed on a mobile device. To unsubscribe from this list please go to https://www.simplelists.com<https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.simplelists.com%2Fconfirm%2F%3Fu%3DzS2GaQk9WP83GI5TpHeSRy5BJCM6Za2Y&data=05%7C01%7Cpieter.demeulemeester%40broedersvanliefde.be%7C93e716853c3a493e8cdb08db2a558c67%7Cf24d00c823a548f48d9dffed9b778506%7C0%7C0%7C638150319149284869%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=nigU%2FWbGIesJWP45aZ2wnKehv8wLCXfVvOzQl0tpV2E%3D&reserved=0> ________________________________ Dit bericht wordt verzonden vanuit een e-mailadres voor professioneel gebruik. De verantwoordelijken binnen de organisatie kunnen kennis nemen van alle berichten verzonden naar dit adres. Le présent message est envoyé d'une adresse e-mail pour usage professionnel. Les responsables de l'organisation peuvent prendre connaissance de tous les messages envoyés à cette adresse. This message is sent from an e-mail address for professional use only. The persons in charge of the organisation may take note of all messages sent to this address. To unsubscribe from this list please go to https://www.simplelists.com/confirm/?u=8KIchYygV3kz4QXQydZqUA2M0dRvmk7K
