‎02-14-2017 07:57 AM
We have a Windows FTP server which has an FTP service (ftpsvc) running but doesn't listen on any port until activated by SVCHOST -k ftpsvc.
Service Mapping sees the port attached to SVCHOST and creates a generic application with the svchost.exe name.
The connection is made from an Apache server and all the data to make the connection is stored in a properties file. e.g. ftpserver.<domain>.<domain>.net.
We have created an identification pattern associated with svchost.exe on the FTPServer CI which works, kind of. It labels it as a File Server, in spite of the FTP Server CI Type which has been selected in the connection pattern running at the Apache server.
I'm trying to figure out how we can accomplish this and get the identification, and therefore the correct CI Class and Table, correct. I've been looking at possibly a probe for horizontal discovery so the server, upon discovery, is created as an FTP server, properly classified, and then the Apache pattern simply connects to it.
Thoughts?
- Labels: Discovery, Service Mapping
‎02-15-2017 05:57 AM
So the solution turned out to be overly simple. Create a process classification for the FTP process executable; create an Identify only pattern, pointing to the FTP Server class.
‎12-10-2019 03:16 AM
Hi Curtis,
This may be a belated question, but where did you place your identification pattern & process classification? In a Server identification pattern?