SecTeer VulnDetect & PatchPro Support Forum VulnDetect
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Download VulnDetect Installer
    • Login

    Error in server communication (280,226) : (0x00002ee2) => The operation timed out

    Scheduled Pinned Locked Moved Bugs and issues
    5 Posts 2 Posters 679 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L Offline
      lammertsm
      last edited by

      Some of our Agents having issues communication with Secteer.

      White listed in the Firewall/Proxy configuration.
      The addresses for Amazon trust services:

      ocsp.sca1b.amazontrust.com
      crt.sca1b.amazontrust.com
      and to SecTeer: https://*.vulndetect.com/

      In de LOG file we see;
      [2023-01-16 15:05:20.849+0060] Launching SecTeer Agent
      [2023-01-16 15:05:20.854+0060] Agent main loop starting
      [2023-01-16 15:05:20.855+0060] Initial configuration:
      version:: 2.4.2.0
      authToken : 3f9b3d5b-d0b2-xxxx-xxxx-xxxxxxxxxxxx
      server : agent.vulndetect.com
      guid::
      verbosity:: info
      processTimeout:: 600 seconds
      checkInInterval:: 60 seconds
      checkInRetryDelay:: 20 seconds
      maxCheckInRetryCount:: 2
      dataRetryDelay:: 900 seconds
      inspectionWindow:: 21600 seconds
      timezoneOffset : +60 minutes
      currentTime:: 2023-01-16 16:05:20 (local time)
      checkInNow:: false
      [2023-01-16 15:05:20.855+0060] Checking in with server
      [2023-01-16 15:05:20.855+0060] Waiting 34 seconds before first check-in
      [2023-01-16 15:05:54.869+0060] Found computer name = 'SERVER01'
      [2023-01-16 15:08:01.601+0060] Error in server communication (280,226) : (0x00002ee2) => The operation timed out
      [2023-01-16 15:08:01.603+0060] Failed to check in with server:

      Any ideas?

      T 1 Reply Last reply Reply Quote 0
      • T Offline
        Tom VulnDetect Team Member @lammertsm
        last edited by

        @lammertsm

        Hi,

        It appears that we have some outdated documentation, it will be fixed within a day or two. The OCSP / CRT hosts should be:

        • r3.o.lencr.org
        • r3.i.lencr.org

        However, this is most likely not the cause of the issue that you have.

        I can see that the host got registered with the system. This means that the installer managed to contact the backend and get the authToken, that you see in the logfile.

        Since the installer is invoked interactively by the logged in user, it uses the same network / proxy settings as the user that is logged in, when it invokes the Agent to register for a authToken.

        While the Agent runs as the SYSTEM user, after it is installed.

        In some environments, there is restrictions on what the SYSTEM user can do on the network and whether it has access to a proxy.

        I suspect that is what you are seeing here.

        Since I don't know anything about your system configuration, it is hard to advise on the proper cause of action to allow the Agent network access.

        /Tom
        Download the latest SecTeer VulnDetect agent here:
        https://vulndetect.com/dl/secteerSetup.exe

        L 2 Replies Last reply Reply Quote 0
        • L Offline
          lammertsm @Tom
          last edited by

          @Tom

          Thanks for your answer and pointing to a direction to investigate and possible solution.

          Also we will update the whitelisted servers in our Proxy server.

          Kind regards,

          1 Reply Last reply Reply Quote 0
          • L Offline
            lammertsm @Tom
            last edited by

            @Tom

            Proxy settings are missing for SYSTEM.

            Solved by set up the proxy for Local System account.
            Download PsExec.exe.

            Start a command shell (cmd.exe) with administrator privileges.

            PsExec -i -s cmd.exe
            This will open a new cmd.exe that is running under Local System authority. You may check this by executing "whoami" command into that new command shell which will return "nt authority\system"

            Open the Internet Options with this command:

            inetcpl.cpl
            Go to “Connections” tab, click on “LAN settings”, and set up the “Proxy server” section with the relevant proxy address and port number.

            (optional) If you need to Bypass proxy server for local addresses, tick the relevant checkbox.

            (optional) If you need to specify exclusions, click “Advanced” and set up the “Exceptions” section accordingly, and click “OK”.

            Click “OK”, and exit all open command shells.

            Secteer agent is now communicating with the Secteer backend!

            T 1 Reply Last reply Reply Quote 1
            • T Offline
              Tom VulnDetect Team Member @lammertsm
              last edited by

              @lammertsm

              I'm happy you found a solution.

              And thank you very much for the detailed explanation, I'm certain other customers can benefit from this.

              /Tom
              Download the latest SecTeer VulnDetect agent here:
              https://vulndetect.com/dl/secteerSetup.exe

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

              Please see our Privacy and Data Processing Policy
              Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
              Forum software by NodeBB