No, it’s the McAfee EPO client that’s installed on each PC. If you http to it’s specific port, you’ll get a web page about the last updates that ocurred. If that web page can’t be reached, then there’s something wrong with the EPO client and I need to re-install it.
Actually, this is explicitly NOT allowed by our design…
The reason why is because Relevance is not allowed to change anything on the computer. The idea is that if you are going to allow people to publish Fixlets that go out to your computers without you testing them first, you want some assurance that:
Fixlets will not “do” anything without your authorization.
There are no security holes that would allow people to own your computers.
In this case most people trust BigFix, Inc. to make new Fixlets and publish them, but it would be unacceptable if we could just run arbitrary new applications on your computers without authorization. By making a clear distinction that relevance is “query only” with no configuration changes or process execution allowed without authorization, we have a much stronger and safer model.
What you really want is that we have a new inspector to look at open ports of a computer… and that enhancement request was filed a little while ago…
That makes sense. I liked your last statement anyhow. Nice.
If there was something that could inspect a port, not only would I like to know something was there - but I could forsee taking what was found and checking if it contained a certain string.
I’ll use the EPO client again as an example. The EPO agent actually returns an XML file. I could look for the name of the EPO server and know if (1) the client has an active EPO agent and (2) that its looking at the right server.
I find that I can usually get things accomplished via the command line much faster than I can put together relevance. I’d suggest looking for a tool that allows you to accomplish your goal and then work the relevance around that.
I’d look at the netcat utility to get the job done. It will allow you to connect to ports, perform actions, etc. You could use netcat to connect to the local machine, grab the xml file and then use relevance to parse the file as needed. It really is the TCP/IP swiss army knife. In the past, I’ve created scripts to pipe data from a file into netcat which relayed the information to another server for it to perform daily functions.
Yeah, I don’t think I want to do that. Like Ben said earlier I’d need to have an action that runs periodically and then another fixlet that generates relelance on its’ output. I guess for now maybe I’ll just wait to see what new inspector comes out about examining ports.
Now what would be great is if we had an API so we could add our own inspector DLL.