SOTI Pulse Logo

Sendreport script - Information / flow / security

YR
Yoan R
COPPERNIC

Hello,

[MC Version: 14.3.3.1111 // Devices: Android Enterprise DO]

Could someone tell us how this script works, what is the flow and above all, is the system secure and how?

We are surprised that we do not know about this flow since it does not appear on the network config diagram:

According to the online help:

sendreport

Sends a debug report from the device agent to the SOTI ftp server.

 

This script ask the device agent to send a debug report (all following files) to the SOTI FTP server through the port 22 and without passing through the MC server (DS/MS).

Since we are concerned about the security of our devices, we have some questions :

  • Is the FTP flow used by SOTI (not SFTP) secure? 
  • If so, how it is secured? What is the authentication mechanism?
  • Is it a one-way flow? Or is it two-way?
  • From device to the SOTI FTP? From SOTI FTP to device?
  • What types of files can transit through this flow?
  • In case SOTI is attacked, what would be the possibilities for the hackers and the consequences?
  • Are there other flows of this type that do not appear at all on the network config diagram?

Many thanks for your detailed answers.

BR

android-enterprise security script
Edited 4 years ago
Android
ANSWERS
J
JCMOD@SOTI
4 years ago

Hi Yoan,

Thank you for posting in SOTI Central.

I will endeavor to contact our Product Management Team and respond back in due course.

Regards,

KC
Kamel C.
4 years ago

Hello,

Is there any news on this topic please?

Best regards

YR
Yoan R
4 years ago

Hi support,

Do you have any answers for us about how your solution works?

Thank you

J
JCMOD@SOTI
4 years ago

Hi Kamel / Yoan,

Our Product Management Team has acknowledged the request and will provide a direct response in due course.

Regards,

YR
Yoan R
4 years ago (edited 4 years ago)

Thank you for your reply.

We are now waiting for a quick feedback.

J
JCMOD@SOTI
4 years ago (edited 4 years ago)

Hi Both,

Our Product Management Team is currently waiting on clarification from internal Development Resources. In the meantime, this will clarify a few questions:

Is the FTP flow used by SOTI (not SFTP) secure?
We started using SFTP instead of FTP in device agent version 13.5.0.1496. Older agents use FTP.

Is it a one-way flow? Or is it two-way? From device to the SOTI FTP? From SOTI FTP to device?
The flow of data is one-way, from the device agent to SOTI’s SFTP server only.

What types of files can transit through this flow?
The debug report ZIP file contains system information about the device, various device and agent logs, the agent’s internal database, the agent’s internal shared preferences files, the assets related to lockdown kiosk configuration, and some other miscellaneous contents of the agent’s private internal storage.

For the other questions, I will send an additional response in due course.

Regards,

J
JCMOD@SOTI
4 years ago

Hi Both,

To add to the above, we've received further clarification:

If so, how it is secured? What is the authentication mechanism?

We started embedding a known_hosts file into our APK, to authenticate the server sftp.soti.net, in device agent version 14.4.1.1064.

Regards,

YR
Yoan R
4 years ago

Hi,

Thank you for these first elements of answer.

Could you please clarify this:

We started embedding a known_hosts file into our APK, to authenticate the server sftp.soti.net, in device agent version 14.4.1.1064.

Does this apply to Android+ and Android Enterprise agent?

Thank you.

J
JCMOD@SOTI
4 years ago

Hi Yoan,

That's correct.

Regards,

Similar Discussions