Good Morning/Afternoon/Evening Everyone, A pull request exists to introduce some very limited command and control capabilities. In it one of the developers questioned why we were attempting to send a heartbeat to a command and control server when it was not configured. That's a very valid point. By design we have a C2 agent that uses a protocol to transmit/receive messages and/or commands. If the protocol isn't configured we're effectively neutered, but we still have the ability to have local control through scripts or executables, so I would like to see C2 a permanent aspect of the MINIFi CPP agent that we have.
If protocol endpoints aren't configured as the reviewer noted we shouldn't be attempting them, so that point is settled ( as in he is correct ), but the penultimate question is whether or not we should allow C2 to be disabled by design. Should this feature be pluggable to the agent? My initial design was that it should not since allowing command and control to be disabled appeared antithetical with its intent; however, I'd love to hear other input as I may be entirely off base ( sometimes I'm not even on the right ball field!). Given the previous sentiment that a C2 agent could be controlled locally, and the capabilities can be used for localized debug/control, should we ever allow C2 to disabled from the default agent? I acknowledge that others may build their own agents without command and control capabilities, so I can only ask this question in regards to the agent that we are building and including into the Apache MiNiFi CPP project. TL;DR : Should we allow C2 capabilities to be disabled? Thank for your time and consideration, Marc
