Slide 1: Discovery Scripts: What Atrium Discovery Will Ask A Host

Slide 2: Discovery Scripts: Outline
- Platforms
- Methods and scripts
- Commands
- The difference between access types
- Unix discovery scripts
- Windows discovery scripts
- Slave scripts
- WMI scripts

Slide 3: Discovery Scripts: Platform
- Discovery subdivides IP Devices into categories called Platforms that behave in similar ways
- Generally a Platform is equivalent to the Operating System

Slide 4: Discovery Scripts: Methods
- Discovery has a number of standard Methods, each of which will try to determine one set of related information from the device
- getDeviceInfo: get basic device properties: os, name, device type, ...
- getHostInfo: get Host properties: kernel, serial, cpu, ram, ...
- getInterfaceList: get list of interfaces
- getProcessList: get list of processes

Slide 5: Discovery Scripts: Scripts
- For each Platform and each Method Discovery has at least one Script
- The Script contains the knowledge of how to gather the information needed by that Method on that Platform
- Example: getHostInfo on a UNIX Platform (shell):
    echo 'model:' `uname -i 2>/dev/null`
    /usr/sbin/prtconf 2>/dev/null | nawk '/^Memory size:/ {print "ram: " $3 "MB"}'
- Example: getHostInfo on a Windows Platform (WMI query):
    SELECT Name, Manufacturer, Model, Domain FROM Win32_ComputerSystem

Slide 6: Discovery Scripts: Access
- For each Platform there may be a number of different Access types that can be used: SNMP, SSH, TELNET, WMI, RCMD
- Sometimes a Script needs to use a particular Access type

Slide 7: Discovery Scripts: Multiple Scripts
- A Method can have more than one Script if there are ways of getting the information from different commands
- Each Script is run in the order defined until one returns data
- Example: getHostInfo on Windows, first via WMI:
    SELECT Name, Manufacturer, Model, Domain FROM Win32_ComputerSystem
  and, if that returns nothing, via RCMD:
    SYSTEMINFO /fo csv /nh
Slide 8: Platforms in the Atrium Discovery UI
- Administration > Discovery Platforms

Slide 9: Platforms in the Atrium Discovery UI (screenshot)

Slide 10: Discovery Methods in the UI
- Red * indicates methods that MUST succeed in order to infer a Host

Slide 11: Differences between UNIX, Windows and SNMP

Slide 12: SNMP Discovery
- SNMP has a fixed set of scripts against standard MIBs

Slide 13: Windows vs UNIX Access
- Atrium Discovery is a Linux based appliance
- Unix Platforms can be accessed directly by the appliance
- Windows Platform access must be proxied by the Windows Slave
- (Diagram labels: ADDM Appliance, Target Host, Slave Host)

Slide 14: Why the Windows Slave Is Needed
- This is for 2 core reasons:
  - High quality Windows Access is via native protocols (mostly WMI) and needs to be done from a Windows system
  - For Windows protocols to authenticate successfully they need to be connected to a domain or workgroup
- By running on a customer provided Windows Host, software updates, anti-virus software and credentials management can all be managed by the customer
- High level credentials like Domain and Enterprise Admin do not need to be entered into the credential vault

Slide 15: Windows and UNIX Differences (1)
- UNIX has shell scripting that allows scripts to test and adapt
- Windows has a published fine-grained management interface, but not all information is available through it
- UNIX Discovery Methods tend to be served by a large single script and a single access type
- Windows Discovery Methods tend to be served by several scripts and different access types

Slide 16: Windows and UNIX Differences (2)
- UNIX credentials tend to have authorities set local to the host via sudo, suexec, etc
- Windows credentials tend to have authorities set centrally by the domain
- UNIX Discovery scripts can need additional commissioning to get the best quality data
- Windows Discovery scripts work out of the box so long as domain admin credentials are used
Slide 17: Unix Discovery Scripts

Slide 18: UNIX Discovery Scripts in the UI (1)
- Click on the Platform link to see the Scripts

Slide 19: UNIX Discovery Scripts in the UI (2)
- Red * indicates methods that MUST succeed in order to infer a host
- Red bar indicates methods that have been modified
- Yellow star indicates scripts that need elevated privileges in order to succeed

Slide 20: Viewing the UNIX Discovery Scripts
- Click on the script name to expand inline
- (Screenshot callouts: Script Notes; Elevated privilege required)

Slide 21: UNIX Discovery Scripts: Actions
- Use the UI to edit
- Or download, edit, test and upload
- Disable a Script entirely
- Reset to the default
- Differences shown in red
Slide 22: Why You Need Privilege Elevation
- Primarily because most commands on UNIX that can read configuration can also alter the configuration, so they are restricted to root
- You could enter the root credential into Atrium Discovery, but there is a general reluctance to do this
- Instead you can configure the existing privilege elevation system to run certain commands with root privilege
- This is usually sudo
- This configuration will need rolling out to the hosts

Slide 23: Unix Discovery Scripts: Privileged Commands
- There are a number of privilege elevation systems and a number of ways of configuring them, so the scripts need commissioning
- There is an additional Initialise Method and Script on the UNIX platforms
- This is run at the start of every session, so functions and shell variables set in this Script are available in the others

Slide 24: Editing the Init Script
- Only consider editing the init script if:
  - You are advised by Support
  - You have knowledge of the particular OS commands
  - You have shell scripting experience
  - You test carefully: mistakes can have a great impact on data quality and discovery times
- Do not alter the script above the PRIV_ functions

Slide 25: PRIV_ functions
- You will need to add the path to the command
- Always make sure you have the "$@"
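The following is an added illustration of the init-script pattern described on the last few slides and in the speaker notes; it is not the shipped Atrium Discovery init script. The tool paths, the PRIV_RUN helper and the PRIV_PRTCONF name are assumptions chosen for the example.

```shell
#!/bin/sh
# Added example, not the Atrium Discovery init script. It shows the pattern
# the slides describe: locate each tool once, before the PRIV_ functions,
# then wrap it in a PRIV_ function that forwards "$@" intact.

# first_exe PATH... : print the first candidate that exists and is executable.
# Returns 1 (and prints nothing) if none is found.
first_exe() {
    for candidate in "$@"; do
        if [ -x "$candidate" ]; then
            printf '%s\n' "$candidate"
            return 0
        fi
    done
    return 1
}

# Paths below are assumptions for illustration; adjust to the local estate.
# The search runs once per session here, not inside every PRIV_ function.
SUDO_CMD=$(first_exe /usr/bin/sudo /usr/local/bin/sudo /bin/sudo) || SUDO_CMD=""
PRTCONF_CMD=$(first_exe /usr/sbin/prtconf /sbin/prtconf) || PRTCONF_CMD=""

# PRIV_RUN CMD ARGS... : run CMD with elevation when sudo is present, otherwise
# run it unprivileged so the script degrades gracefully instead of aborting.
# "$@" must stay quoted: a bare $@ or $* would split an argument with spaces.
PRIV_RUN() {
    if [ -n "$SUDO_CMD" ]; then
        "$SUDO_CMD" -n "$@"
    else
        "$@"
    fi
}

# PRIV_PRTCONF ARGS... : the per-command wrapper a getHostInfo script would
# call. Fails cleanly when the tool is absent (e.g. on a non-Solaris host).
PRIV_PRTCONF() {
    [ -n "$PRTCONF_CMD" ] || return 1
    PRIV_RUN "$PRTCONF_CMD" "$@"
}

# ram_from_prtconf: the slide's memory-size pipeline, reading via the wrapper.
# Prints "ram: NNNNMB" when prtconf is available, nothing otherwise.
ram_from_prtconf() {
    PRIV_PRTCONF 2>/dev/null | awk '/^Memory size:/ {print "ram: " $3 "MB"}'
}
```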
Slide 26: Windows Discovery Scripts

Slide 27: Windows Discovery Scripts in the UI (1)
- Click on the Slave Scripts link to see the Scripts

Slide 28: Windows Discovery Scripts in the UI (2)
- Red * indicates methods that MUST succeed in order to infer a host

Slide 29: Windows Discovery Scripts Ordering
- Discovery Scripts are run in the order shown in the UI
- If the first Script in the Method (here WMI) fails to return valid data then the second Script in the list is used
- The primary Windows Discovery Method is WMI Queries; click through for details
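As an added model of the ordering rule on this slide (and of the WMI gate described in the speaker notes, where a failed first getHostInfo query rules WMI out for the rest of the session), not Atrium Discovery's own code: each Method walks its Scripts in ranked order and the first one to return data wins. The script functions, the ACCESS:FUNCTION entry format and the GATING_METHOD variable are constructed for the example.

```shell
#!/bin/sh
# Added example, not Atrium Discovery code. A Script that fails or returns
# nothing hands over to the next one in rank; a failure inside the gating
# Method marks that Access type unavailable for the rest of the session.

UNAVAILABLE_ACCESS=""        # Access types ruled out so far, space separated
GATING_METHOD="getHostInfo"  # assumed: the Method whose failure gates access

# access_unavailable ACCESS : true if ACCESS has been ruled out this session.
access_unavailable() {
    case " $UNAVAILABLE_ACCESS " in
        *" $1 "*) return 0 ;;
        *)        return 1 ;;
    esac
}

# run_method METHOD ACCESS:FUNCTION... : prints the first non-empty result,
# skipping Access types already ruled out; returns 1 if every Script fails.
run_method() {
    method=$1; shift
    for entry in "$@"; do
        access=${entry%%:*}
        func=${entry#*:}
        if access_unavailable "$access"; then
            continue
        fi
        if out=$("$func" 2>/dev/null) && [ -n "$out" ]; then
            printf '%s\n' "$out"
            return 0
        fi
        if [ "$method" = "$GATING_METHOD" ]; then
            UNAVAILABLE_ACCESS="$UNAVAILABLE_ACCESS $access"
        fi
    done
    echo "$method: no Script returned data" >&2
    return 1
}

# Constructed stand-ins for the real Scripts: WMI is unreachable on this
# imaginary target, so the SYSTEMINFO / ipconfig fallbacks supply the data.
wmi_getHostInfo()           { return 1; }
systeminfo_getHostInfo()    { printf 'name: host01\nmodel: constructed\n'; }
wmi_getInterfaceList()      { printf 'eth0 (via WMI)\n'; }
ipconfig_getInterfaceList() { printf 'eth0 (via ipconfig)\n'; }

# discover_host: runs two Methods in sequence, as one session would. Because
# getHostInfo fails over WMI, getInterfaceList never tries WMI at all.
discover_host() {
    run_method getHostInfo WMI:wmi_getHostInfo RCMD:systeminfo_getHostInfo || return 1
    run_method getInterfaceList WMI:wmi_getInterfaceList RCMD:ipconfig_getInterfaceList
}
```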
Slide 30: Windows Management Instrumentation
- WMI is the primary and preferred access
- Microsoft standard for accessing management information over the network
- Can be used to retrieve configuration details about most aspects of a Windows system
- Classes with attributes are defined, with an SQL-like query language
- Example query:
    Select Name, Manufacturer, Domain, Model, Workgroup from Win32_ComputerSystem

Slide 31: Windows WMI Discovery Scripts
- Administration > Discovery Platforms > Windows Discovery > WMI Support

Slide 32: Discovery Scripts Exercises

Slide 33: Other Windows Access Types (1)
- RemCom: preferred method after WMI; installed on the slave with the Slave software
- PsTools: Microsoft owned remote admin tools, originally Sysinternals; includes pslist, psinfo, psexec, etc
- RCMD (older Windows Resource Kit utility): no longer distributed with the slave; customers will need to download and install the appropriate Windows Resource Kit for the OS that the slave is running on, and copy the files into the slave installation directory
- All these access types run commands native to the remote Windows Host: hostname, systeminfo, ipconfig, netstat, ...

Slide 34: Other Windows Access Types (2)
- Some commands are capable of remote access as part of their design
- These are a "local command" access type: they run on the slave host to access the target host
- Microsoft, usually natively available: SYSTEMINFO, TASKLIST
- PsTools, only if installed on the slave host: PSINFO, PSLIST

Slide 35: Further Resources
- Online Documentation: http://www.tideway.com/confluence/display/81/Discovery
- Tideway Foundation Version 7.2 Documentation

Editor's Notes

  • #4: Note that Discovery treats all the linux distributions as one Platform.
  • #7: For instance the same Script can run on SSH as Telnet as it makes no difference. But a completely different Script needs to run on WMI compared to SNMP as the commands are very different.
  • #10: For all the Linux distributions there is a SINGLE set of scripts (under the Linux platform) and for the minor differences between distributions the script itself can run alternative commands as there is a rich control set in shell scripting. For SNMP access there is a fixed set of SNMP queries against standard MIBs that will get a basic set of infrastructure information. SNMP will be used against any device that appears to have an SNMP port open, but it will be used last as it is the most limited. There are some platforms where the only supported access is via SNMP. Of these some will form Host nodes and have full discovery and some will simply be identified. This area of out of the box discovery is fixed and is not end user editable.
  • #13: For SNMP access there is a fixed set of SNMP queries against standard MIBs that will get a basic set of infrastructure information. SNMP will be used against any device that appears to have an SNMP port open, but it will be used last as it is the most limited. There are some platforms where the only supported access is via SNMP. Of these some will form Host nodes and have full discovery and some will simply be identified. This area of out of the box discovery is fixed and is not end user editable.
  • #14: The Windows Slave is a Discovery Proxy Service that runs on a Windows host external to Tideway Foundation. This is for 2 core reasons High quality Windows Access is via proprietary protocols (mostly WMI) and needs to be done from a Windows system For Windows protocols to authenticate successfully they need to be connected to a To install and manage Windows Slaves see the separate module.
  • #16: Neither approach is better or worse; this is not some which Platform is better flamewar! But the discovery scripts have evolved in different ways on the two major collections of platforms and so while they have similarities there are differences.
  • #17: This is why the UNIX Scripts are required to be editable whereas the Windows Scripts are fixed.
  • #20: Important: getDeviceInfo, getHostInfo, and getInterfaceList must all succeed in order to infer a host
  • #21: Some, but not all, scripts have notes attached. Usually where elevated privilege is required in the script there will be short notes explaining this. Elevated privilege will be discussed shortly, but note that commands that require it are highlighted in red and prefixed with a PRIV_<NAME> function. To edit the script click on the edit button. A useful tip is that if you want to review *all* the scripts from a platform, maybe because you have to send them around for authorisation review, you can click on the “Download host script” link at the top of the page. This will merge all the scripts into one. This is also useful if you want to try out how the scripts behave on Hosts that you are not yet allowed to scan directly.
  • #23: The out of the box scripts are designed to degrade gracefully if root privilege is not available and will still return as much data as they can.
  • #25: Remember that this script will be run *every* time a session is established for this platform. It has to work on *every* machine in your environment. You should have a sound knowledge of your local UNIX environment or enlist the support of those that do.
  • #26: As the same script is used for every host on this platform you may find that you need to test a number of paths, and maybe even different tools, to find which one is installed on a particular host and its path. It is best to do this by writing a small search before the PRIV_ commands and setting the command and path to a shell variable. This means the search is done just once rather than in every function, which is more efficient and easier to maintain.
  • #28: For ease of display the WMI queries are summarised on their own page, “WMI Support”. “Shell Scripts” are used by discovery in the rare case that the Windows host supports unix shell sessions, and so are rarely used.
  • #29: Some important differences to the UNIX Scripts: getDeviceInfo AND getHostInfo will both be handled by scripts in the getHostInfo Method and will only be run once. There are many more Scripts per Method than on UNIX, due to the variety of Access types and the lack of a common scripting shell between them. The Scripts are fixed – you cannot edit them or disable them. This is because the configuration is held local to the slave and this area of the UI is simply a summary of the standard slave configuration. WMI Query Scripts are attempted first for most Methods, but some important Methods, notably getNetworkConnectionList, have no information in WMI and have to use other Scripts.
  • #30: Note that it is not possible to reorder the Scripts used by a Method, in Windows or UNIX platforms. They are in a fixed order ranked according to the quality of data provided.
  • #31: Wikipedia says: Windows Management Instrumentation ( WMI ) is a set of extensions to the Windows Driver Model that provides an operating system interface through which instrumented components provide information and notification. WMI is Microsoft's implementation of the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM) standards from the Distributed Management Task Force (DMTF).
  • #32: The important detail here is that the first query in the getHostInfo WMI Script must succeed. If it does not then the slave executing the query will take this as an indication that it does not have access to WMI and will use other Scripts and Access types for the rest of the session. In general any query that fails will cause the method to fail for WMI and the slave will use other scripts, the only exception being queries marked as “Option, This query may fail” which are used for additional information or potentially will only work on newer versions of Windows.
  • #33: Optionally you may wish to complete the labs that have been prepared to accompany this module. Please download the lab zip file that should be available where you accessed this module. Make sure you have access to a running appliance before attempting the labs. It is best to use the training demo VA provided as it is set up to work with the labs. You may need to review tutorial material in order to work out the solutions.
  • #34: RemCom is used as the PsTools toolset is no longer maintained reliably; in particular v1.94 of psexec must never be installed as it will consistently cause the slave to fail. Additionally our license agreement to distribute PsTools was made with Sysinternals prior to the merger with Microsoft; Microsoft have honoured the original agreement to distribute to XP/2003 hosts but have declined to extend this to Vista/2008 hosts. RemCom, as an open source tool, does not suffer from these restrictions. RCMD is included for discovery of older systems and relies on RCMDSRV.EXE running on the target. Frequently it is not, in most environments. RCMD is no longer distributed with the slave, so customers will need to download and install the appropriate Windows Resource Kit for the OS that the slave is running on, and copy the files into the slave installation directory. Other tools that are no longer distributed are srvinfo, pulist and tlist. These tools are also in the Windows Resource Kit and can be downloaded if needed. From Sourceforge: RemCom is a RAT [Remote Administration Tool] that lets you execute processes on remote windows systems, copy files, process their output and stream it back. It allows execution of remote shell commands directly with a full interactive console.