SecTeer VulnDetect Support Forum

    VulnDetect

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Download VulnDetect Installer

    Nothing to see

    Bugs and issues
    7
    26
    12494
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      Ted last edited by

      There's is nothing to see, when I using SecTeer Personal Carma.

      Any idea?

      0_1526734533386_679df979-abd9-418b-b080-6cad1a6538bb-image.png

      K 1 Reply Last reply Reply Quote 0
      • T
        Tom VulnDetect Team Member @nak last edited by

        @nak We believe we found the cause of this issue. The developers have just released a fix:
        https://vulndetect.org/topic/472/release-secteer-vulndetect-personal-and-backend-2018-12-28

        Please let me know if this fixes it (you only need to wait and see if it runs the inspection at the next "inspectionWindow").

        /Tom
        Download the latest SecTeer VulnDetect agent here:
        https://vulndetect.com/dl/secteerSetup.exe

        1 Reply Last reply Reply Quote 0
        • T
          Tom VulnDetect Team Member @nak last edited by

          @nak Could you send both your secteer.log files from c:\windows\logs\secteer via email to tom at vulndetect dot com

          And can you tell me if the nextInspectionTime corresponds with what you see in the UI?

          /Tom
          Download the latest SecTeer VulnDetect agent here:
          https://vulndetect.com/dl/secteerSetup.exe

          1 Reply Last reply Reply Quote 0
          • N
            nak last edited by

            I'm having the same issue. There appear to be a few issues that I can see:

            Looking at "c:\windows\logs\secteer\secteer.log" "nextInspectionTime" is always a day ahead (even when the next inspection is set on the web site). For example, if I set the web site "hour of day to run inspection" to be an hour from now, the web site will display "next inspection time" of "an hour", but the local agent thinks it is 25 hours from now.

            (I'm in GMT-7 time zone if that makes a difference).

            The other issue is: after a reboot the nextInspectionTime is set to be more than 24 hours away. Here's the logs from today after a reboot (auth tokens and names removed):

            [2018-12-20 18:54:10.198-0480] SecTeer Agent v0.10.11.0 starting in launch mode^M
            [2018-12-20 18:54:10.198-0480] Launching SecTeer Agent^M
            [2018-12-20 18:54:10.202-0480] Agent main loop starting^M
            [2018-12-20 18:54:10.202-0480] Initial configuration:
                         version:: 0.10.11.0
                          server : agent.vulndetect.com
                           guid1::
                           guid2::
                           guid3::
                 checkInInterval:: 3600 seconds
               checkInRetryDelay:: 360 seconds
            maxCheckInRetryCount:: 10
                  dataRetryDelay:: 1800 seconds
                inspectionWindow:: 21600 seconds
                  timezoneOffset : -480 minutes
                      checkInNow:: false
                    noFilesystem:: false
                      noRegistry:: false
                     noWinUpdate:: false
                        noSystem:: false
                       noPackage:: true^M
            [2018-12-20 19:51:50.929-0480] Checking in with server^M
            [2018-12-20 19:51:50.929-0480]  Server = > 'agent.vulndetect.com'^M
            [2018-12-20 19:51:50.929-0480] Waiting 27 minutes before first check-in^M
            [2018-12-20 20:18:59.940-0480] Found 'computerName' = 'xxxx'^M
            [2018-12-20 20:18:59.947-0480] Connecting to server: agent.vulndetect.com^M
            [2018-12-20 20:19:00.652-0480] Server returned 201 =>^M
            [2018-12-20 20:19:00.671-0480] Check-in complete^M
            [2018-12-20 20:19:00.671-0480] Next scheduled check-in is in 3 minutes^M
            [2018-12-20 20:19:00.672-0480] Current configuration:
                         version:: 0.10.11.0
                          server : agent.vulndetect.com
                           guid1::
                           guid2::
                           guid3::
                 checkInInterval : 180 seconds
               checkInRetryDelay : 60 seconds
            maxCheckInRetryCount : 2
                  dataRetryDelay : 600 seconds
                inspectionWindow : 21600 seconds
                  timezoneOffset : -480 minutes
                      serverTime : 2018-12-20 20:18:59 (UTC)
              nextInspectionTime : 2018-12-21 14:00:00 (local time)
                      checkInNow:: false
                    noFilesystem : false
                      noRegistry : false
                     noWinUpdate : false
                        noSystem : false
                       noPackage:: true^M
            [2018-12-20 20:19:00.672-0480] No tasks to perform.^M
            

            The previous nextInspectionTime was 2018-12-20 14:00:00 (local time). So the next inspection time jumped a day.

            I believe this happens after a hibernate too, but I don't have the logs to prove it. In my case though it means even though the agent has been installed for weeks, my system never gets inspected unless I leave the system running 24x7.

            I think there is a bug in your time arithmetic for setting nextInspectionTime.

            T 2 Replies Last reply Reply Quote 0
            • T
              Tom VulnDetect Team Member @KI108 last edited by

              @KI108 It appears that only the admin user is notified about post awaiting approval. And we don't usually use the admin account - so we didn't see it. Sorry. I've changed some settings and hope that my "Moderator" user will see it.
              But now I will "up vote" your posts, and if someone else also does that, then you can post without approval next time.

              /Tom
              Download the latest SecTeer VulnDetect agent here:
              https://vulndetect.com/dl/secteerSetup.exe

              1 Reply Last reply Reply Quote 0
              • K
                KI108 @Ted last edited by

                @Tom
                I have this same issue. I reported it earlier, but I don't see my post anywhere.
                Log shows same message every 3 minutes

                [2018-12-20 04:30:32.119-0360] Current configuration:
                version:: 0.10.11.0
                server : agent.vulndetect.com
                guid1::
                guid2::
                guid3::
                checkInInterval : 180 seconds
                checkInRetryDelay : 60 seconds
                maxCheckInRetryCount : 2
                dataRetryDelay : 600 seconds
                inspectionWindow : 21600 seconds
                timezoneOffset : -360 minutes
                serverTime : 2018-12-20 04:30:33 (UTC)
                nextInspectionTime : 2018-12-20 13:10:00 (local time)
                checkInNow:: false
                noFilesystem : false
                noRegistry : false
                noWinUpdate : false
                noSystem : false
                noPackage:: true
                [2018-12-20 04:30:32.119-0360] No tasks to perform.

                T 1 Reply Last reply Reply Quote 1
                • T
                  Ted @VulnDetect last edited by

                  @vulndetect Hi Tom,

                  Thank you.

                  1 Reply Last reply Reply Quote 0
                  • V
                    VulnDetect @Ted last edited by

                    @ted It's fine, we'll try to sort it out, soon.

                    /Tom

                    T 1 Reply Last reply Reply Quote 0
                    • T
                      Ted @VulnDetect last edited by

                      @vulndetect Hi Tom,

                      To be honest with you, I don't know that for sure if it came in a bundle with CS6. I know if I uninstall QuickTime there are some errors using PS/LR.
                      There are a lot of file extensions using QuickTime associated with CS6. So, this isn't an option to uninstall.

                      V 1 Reply Last reply Reply Quote 0
                      • T
                        Tom VulnDetect Team Member @GregAlexandre last edited by

                        @gregalexandre Did you approve the agent in the "Configuration" at https://carma.secteer.com/personal-carma/#/configuration
                        I just ran my agent, and it got the expected response. Let me know and perhaps you can send me the full log tomorrow to tom [at] @vulndetect dot com

                        /Tom
                        Download the latest SecTeer VulnDetect agent here:
                        https://vulndetect.com/dl/secteerSetup.exe

                        1 Reply Last reply Reply Quote 0
                        • G
                          GregAlexandre last edited by

                          Hi,
                          I have same issue.
                          I have an "access denied" to server (translation from french sentence) in the secteer.log
                          Any idea.
                          Regards;
                          [2018-05-19 21:04:40.011+0120] Waiting 6 minutes before retrying
                          [2018-05-19 21:10:40.014+0120] Connecting to server: carma.secteer.com
                          [2018-05-19 21:10:40.394+0120] Server returned 401 =>
                          [2018-05-19 21:10:40.397+0120] Server response body: Unauthorized
                          [2018-05-19 21:10:40.397+0120] Failed to check in with server: italicised textaccess denied*

                          T 1 Reply Last reply Reply Quote 0
                          • V
                            VulnDetect last edited by

                            That is interesting.
                            What I would like to know is if QuickTime is associated with any extensions and if it is installed as a plugin in any browser.
                            If it isn't, then we need to find a way to exclude it from the scan result.
                            But if it is an independent application that is installed like in the old days, then we have to detect it and recommend that it is uninstalled.
                            It is a bit like Java, which often is bundled with other applications, but can't be activated via file associations and via browsers, in which case the attack vectors are limited or non-existent.

                            /Tom

                            T 1 Reply Last reply Reply Quote 0
                            • T
                              Ted @VulnDetect last edited by

                              @vulndetect

                              I knew it had to do with Adobe, that's why I didn't uninstall it yet.

                              0_1526744609680_1d94242c-b4f3-41dd-b751-490fcce6726b-image.png

                              1 Reply Last reply Reply Quote 0
                              • T
                                Ted @VulnDetect last edited by

                                @vulndetect I know and I don't rely on it for now. I have to uninstall QuickTime yet.

                                Thanks for reminding me.

                                1 Reply Last reply Reply Quote 0
                                • V
                                  VulnDetect @Ted last edited by

                                  @ted The rule production will being improved next week. Do not rely 100% on the current result.
                                  However, your QuickTime is really EoL and ought to be uninstalled.

                                  /Tom

                                  T 2 Replies Last reply Reply Quote 0
                                  • T
                                    Ted @OLLI_S last edited by

                                    @olli_s

                                    All safe, only QuickTime is Unknown.

                                    0_1526739204896_3f01976f-5864-4a7d-b3e2-6b9aa08cfed2-image.png

                                    V 1 Reply Last reply Reply Quote 0
                                    • T
                                      Tom VulnDetect Team Member @Ted last edited by

                                      @ted It appears that it missed the Inspection window. Beware that the "Hour of day" may not correspond to your timezone. I have seen this in one other case. Adjust until you see "in an hour" for "Next Inspection".
                                      This is something we are working actively with and will adjust so it is more user friendly.

                                      /Tom
                                      Download the latest SecTeer VulnDetect agent here:
                                      https://vulndetect.com/dl/secteerSetup.exe

                                      1 Reply Last reply Reply Quote 0
                                      • T
                                        Ted @Ted last edited by

                                        @ted said in Nothing to see:

                                        I'am using VPN and there is no System Tray Icon to see.

                                        1 Reply Last reply Reply Quote 0
                                        • T
                                          Ted @Tom last edited by

                                          @tom OK, then we wait. Thanks.

                                          1 Reply Last reply Reply Quote 0
                                          • T
                                            Ted @OLLI_S last edited by

                                            @olli_s

                                            still nothing:

                                            0_1526737575558_36efc5d1-b97c-4d5d-91e7-275affd5d218-image.png

                                            T 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

                                            Please see our Privacy and Data Processing Policy
                                            Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
                                            Forum software by NodeBB