A device can be infected via:
Components needed for correct infection include:
The factory is a model to be used to create agents to be installed. The icon varies according to the type of device intended for the agent:
The following must be set in the factory:
Tip: a configuration can be saved as a template to load it the next time you create a similar agent.
Tip: a factory can be used to create several agents: for example, to be installed via different installation vectors (i.e.: two computers with different operating systems).
Factories are templates that can be created on two different operation-target-agent hierarchical levels:
The operation level mode ensure that collected evidence is assigned separately. In fact, it creates as many agents as there are devices. Later, if two or more devices belong to the same target, the agent can be moved to the right target.
The target level mode, if incorrectly used, may create a factory which is used to create several agents.
Installation vectors are selected when compiling and define the installation method, physical or remote, for an agent. When compiling, available installation vectors may vary according to the device's operating system.
Several installation vectors can be used for the same agent.
NOTE: injection rules are used for injection on HTTP connections.See "Managing the Network Injector"
An agent is the result of compiling a factory with one or more installation vectors. An agent is ready to be installed on a device.
Basic configuration defines the type of data to be acquired while advanced configuration lets you dynamically and independently activate or deactivate modules.
For available module types in the basic and advanced configurations see "Module list"
For more information on agents see "What you should know about agents".
Modules trigger some activities on the target device, mainly data acquisition. They are enabled and set in the basic configuration (only some) or in advanced configuration.
Available module types also depend on the device type.
For the complete list see "Module list".
RCS9.5 | User manual | © COPYRIGHT 2014