MeshCentral Updates
-
@black3dynamite said in MeshCentral Updates:
@haxit said in MeshCentral Updates:
also how would i resolve this
That doesn't appear if you are running MeshCentral as root.
The screenshot above is taken from this guide.
Install Guide
http://info.meshcentral.com/downloads/MeshCentral2/MeshCentral2InstallGuide-0.0.9.pdfUser Guide
http://info.meshcentral.com/downloads/MeshCentral2/MeshCentral2UserGuide-0.2.9.pdfI don't understand why 80 and 443 are being used. Just use 8080 and 8443 (or literally anything >1024) like other applications and either use a proxy or port redirection. This also disables LD_LIBRARY_PATH. And it looks like Node has specifically tried to stop this because any node process would be able to bind to root only ports: https://github.com/nodejs/node/issues/22648
-
Has this project been put under any security review or scrutiny? It seems to me like people are rushing to deploy beta software with full access to their environment and exposing it to the world without due diligence. This software is still in beta and there some reflags in the way people are installing it as well.
-
@ScottyBoy said in MeshCentral Updates:
Has this project been put under any security review or scrutiny? It seems to me like people are rushing to deploy beta software with full access to their environment and exposing it to the world without due diligence. This software is still in beta and there some reflags in the way people are installing it as well.
Well, these things may sound bad. But compare to the competition which is often under less review, releases to "production" what wouldn't qualify as beta here, and often requires worse installation.
It would be great if someone wants to do a security code review. But is there any product in this category that has gotten such a treatment? This is the only one even open for review. It's at least open and written in a modern way. Something few, if any, of its competition can say.
Name a product that is out there that isn't worse from this aspect? I've certainly seen none. Definitely not LogMeIn, ConnectWise or many others. This is at least a vastly more trustworthy vendor (Intel), made in a modern fashion, and open source. One of the most important rules in decision making - never avoid the best because it fails to be perfect. In an ideal world, everything would get a full security review. Short of that, you have to deal with realism and finding the best option.
-
@syko24 said in MeshCentral Updates:
Has anyone tried using the noVNC option? I was pretty excited to see additional ways to remote desktop onto the computer as the default desktop viewer is sometimes a little limited. I couldn't get it to work. I wasn't sure is this was an AMT only option or if it should just work out of the box.
Not yet, but have been meaning to.
-
@scottalanmiller said in MeshCentral Updates:
what wouldn't qualify as beta here, and often requires worse installation
I have a hard time believing that breaking system security or being forced to run the tool as root is not a worse instsllation.
-
@scottalanmiller said in MeshCentral Updates:
This is at least a vastly more trustworthy vendor (Intel)
Intel is a terrible vendor. Security especially and just overall not good. You've complained about how bad they are multiple times here. And it's being developed by a single person not Intel. They may back it in some way which has yet to be proven, but they are not the vendor. And while a single person may be helpful sometimes for quick responses in fixes, more often than not that isn't the case. How many people here who are demanding changes are contributing back to the project either through payments or through code commits? Hopefully this guy doesn't get burnt out like we've seen from other other tools that have popped up here before.
-
Let me remind you of what you said about Intel a few years ago after one of their pretty huge vulnerabilities.
-
@stacksofplates said in MeshCentral Updates:
@scottalanmiller said in MeshCentral Updates:
This is at least a vastly more trustworthy vendor (Intel)
Intel is a terrible vendor. Security especially and just overall not good. You've complained about how bad they are multiple times here. And it's being developed by a single person not Intel. They may back it in some way which has yet to be proven, but they are not the vendor. And while a single person may be helpful sometimes for quick responses in fixes, more often than not that isn't the case. How many people here who are demanding changes are contributing back to the project either through payments or through code commits? Hopefully this guy doesn't get burnt out like we've seen from other other tools that have popped up here before.
Intel used to advertise it as an Intel product. "Yet to be proven" makes it sound like this has been somehow disputed in the past.
-
@stacksofplates said in MeshCentral Updates:
Let me remind you of what you said about Intel a few years ago after one of their pretty huge vulnerabilities.
Good point. Shows how even I start to forget where these vendors totally screw up.
In my defense, I buy exclusively AMD, but start to forget what factors drove me there.
-
@scottalanmiller said in MeshCentral Updates:
@stacksofplates said in MeshCentral Updates:
@scottalanmiller said in MeshCentral Updates:
This is at least a vastly more trustworthy vendor (Intel)
Intel is a terrible vendor. Security especially and just overall not good. You've complained about how bad they are multiple times here. And it's being developed by a single person not Intel. They may back it in some way which has yet to be proven, but they are not the vendor. And while a single person may be helpful sometimes for quick responses in fixes, more often than not that isn't the case. How many people here who are demanding changes are contributing back to the project either through payments or through code commits? Hopefully this guy doesn't get burnt out like we've seen from other other tools that have popped up here before.
Intel used to advertise it as an Intel product. "Yet to be proven" makes it sound like this has been somehow disputed in the past.
I never saw them advertise it. Where was that? The only thing I ever found was a blog post about it on an Intel site.
-
@stacksofplates said in MeshCentral Updates:
@scottalanmiller said in MeshCentral Updates:
@stacksofplates said in MeshCentral Updates:
@scottalanmiller said in MeshCentral Updates:
This is at least a vastly more trustworthy vendor (Intel)
Intel is a terrible vendor. Security especially and just overall not good. You've complained about how bad they are multiple times here. And it's being developed by a single person not Intel. They may back it in some way which has yet to be proven, but they are not the vendor. And while a single person may be helpful sometimes for quick responses in fixes, more often than not that isn't the case. How many people here who are demanding changes are contributing back to the project either through payments or through code commits? Hopefully this guy doesn't get burnt out like we've seen from other other tools that have popped up here before.
Intel used to advertise it as an Intel product. "Yet to be proven" makes it sound like this has been somehow disputed in the past.
I never saw them advertise it. Where was that? The only thing I ever found was a blog post about it on an Intel site.
Earlier version, they used to have it somewhere associated with the AMT products.
-
@scottalanmiller said in MeshCentral Updates:
@stacksofplates said in MeshCentral Updates:
@scottalanmiller said in MeshCentral Updates:
@stacksofplates said in MeshCentral Updates:
@scottalanmiller said in MeshCentral Updates:
This is at least a vastly more trustworthy vendor (Intel)
Intel is a terrible vendor. Security especially and just overall not good. You've complained about how bad they are multiple times here. And it's being developed by a single person not Intel. They may back it in some way which has yet to be proven, but they are not the vendor. And while a single person may be helpful sometimes for quick responses in fixes, more often than not that isn't the case. How many people here who are demanding changes are contributing back to the project either through payments or through code commits? Hopefully this guy doesn't get burnt out like we've seen from other other tools that have popped up here before.
Intel used to advertise it as an Intel product. "Yet to be proven" makes it sound like this has been somehow disputed in the past.
I never saw them advertise it. Where was that? The only thing I ever found was a blog post about it on an Intel site.
Earlier version, they used to have it somewhere associated with the AMT products.
Isn't the new version still associated with AMT?
-
@Dashrender said in MeshCentral Updates:
@scottalanmiller said in MeshCentral Updates:
@stacksofplates said in MeshCentral Updates:
@scottalanmiller said in MeshCentral Updates:
@stacksofplates said in MeshCentral Updates:
@scottalanmiller said in MeshCentral Updates:
This is at least a vastly more trustworthy vendor (Intel)
Intel is a terrible vendor. Security especially and just overall not good. You've complained about how bad they are multiple times here. And it's being developed by a single person not Intel. They may back it in some way which has yet to be proven, but they are not the vendor. And while a single person may be helpful sometimes for quick responses in fixes, more often than not that isn't the case. How many people here who are demanding changes are contributing back to the project either through payments or through code commits? Hopefully this guy doesn't get burnt out like we've seen from other other tools that have popped up here before.
Intel used to advertise it as an Intel product. "Yet to be proven" makes it sound like this has been somehow disputed in the past.
I never saw them advertise it. Where was that? The only thing I ever found was a blog post about it on an Intel site.
Earlier version, they used to have it somewhere associated with the AMT products.
Isn't the new version still associated with AMT?
Yes, but the AMT sites used to point to it. Maybe they still do, but I don't mean it pointing to AMT.
-
@scottalanmiller said in MeshCentral Updates:
@stacksofplates said in MeshCentral Updates:
@scottalanmiller said in MeshCentral Updates:
@stacksofplates said in MeshCentral Updates:
@scottalanmiller said in MeshCentral Updates:
This is at least a vastly more trustworthy vendor (Intel)
Intel is a terrible vendor. Security especially and just overall not good. You've complained about how bad they are multiple times here. And it's being developed by a single person not Intel. They may back it in some way which has yet to be proven, but they are not the vendor. And while a single person may be helpful sometimes for quick responses in fixes, more often than not that isn't the case. How many people here who are demanding changes are contributing back to the project either through payments or through code commits? Hopefully this guy doesn't get burnt out like we've seen from other other tools that have popped up here before.
Intel used to advertise it as an Intel product. "Yet to be proven" makes it sound like this has been somehow disputed in the past.
I never saw them advertise it. Where was that? The only thing I ever found was a blog post about it on an Intel site.
Earlier version, they used to have it somewhere associated with the AMT products.
That's the only thing I have ever seen referencing it not from the MeshCentral side. And that's just a blog on the Intel developer site.
-
And not only that but Ylian himself says Intel is not involved.
-
@ScottyBoy said in MeshCentral Updates:
And not only that but Ylian himself says Intel is not involved.
Interesting. It definitely used to be posted on Intel's site.
-
FYI, Do not update to the current version (0.7.47) of Meshcentral today. Its having issues. About 90% of my systems cannot connect back.
EDIT: Actually it is the Windows machines having issues. Linux machines are fine.
-
@pmoncho said in MeshCentral Updates:
FYI, Do not update to the current version (0.7.47) of Meshcentral today. Its having issues. About 90% of my systems cannot connect back.
I'm not noticing any issues and I've been on that version for awhile now.
-
Interesting. I am trying to figure it out at the moment. It has something to do with the meshagent.update.exe getting stuck.
From C:\Program Files\Mesh Agent\MeshAgent.log file.
[2021-01-12 07:10:45 AM] SelfUpdate -> Checking Updater Version on: C:\Program Files\Mesh Agent\MeshAgent.update.exe , C:\Program Files\Mesh Agent\MeshAgent.exe[2021-01-12 07:10:45 AM] SelfUpdate -> UpdaterVersion_ERROR: child_process.execFile(): Could not exec [C:Program FilesMesh AgentMeshAgent.update.exe]Followed by a bunch of these:
[2021-01-12 08:11:10 AM] Microstack STUCK: @ [NtDelayExecution] [SleepEx] [FuncAddr: 0x1251E5D2F67F0000] [FuncAddr: 0x8E5FE5D2F67F0000] [FuncAddr: 0x56CCEED2F67F0000] [FuncAddr: 0xC9CEEED2F67F0000] [FuncAddr: 0x64B3EDD2F67F0000] [FuncAddr: 0xFFBDEDD2F67F0000] [FuncAddr: 0xFE23EED2F67F0000] [FuncAddr: 0xF5B5E5D2F67F0000] [FuncAddr: 0x14C4EFD2F67F0000] [LsaLookupUserAccountType] [BaseThreadInitThunk] [RtlUserThreadStart] -
0.7.46 introduced some behaviour that is a problem. 0.7.47 didn't have a fix for it. He's looking into it now.
