I have read the following and had to laugh: "Changes to Default Behavior in Traps 4.1.3" :
For enhanced security, files in the web-based forensics (BITS upload) folder are no longer accessible to any device except the Endpoint Security Manager (ESM) Server and Console. Now, when you install or upgrade to ESM 4.1.3, the installer creates a user account (TrapsDownloader) and uses that account for accessing files in the BITS folder.
i don't think it is enhanced security to add a user named "TrapsDownloader" with a hardcoded password (easy to get), without a easy possibility to change it and this on a server with a administration tool for a core security product.
i did only noticed it because on a german OS, the console installer crahs with an error by adding this TrapsDownloader user, because he can not find the local Users group.
What you thinking?
Yes and no. Yes, it should be better documented. No, specific information about a password or account that a security product uses, should have some control in the finer details being publicized. Which is why, support should have no issue passing you the information, on how to modify the password. The details of the account and function could use better detailing, in the admin guide.
No, specific information about a password or account that a security product uses, should have some control in the finer details being publicized.
Why not, every default password from traps should be in the public documetation, with a requirement to change it. If you search in the internet you find it anyway.
Only one good example where PaloAlto has done it:
Sorry for saying: all other obfuscation ist security by obscurity.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!