Table of Contents | ||||
---|---|---|---|---|
|
Info |
---|
Thank you for choosing CyberCNS. Please find below scenarios to help you choose the type of Agent suitable for your environment. Please note CyberCNS supports only 64-bit systems for agent installation purposes. |
...
Info |
---|
|
A Probe or Network Agent is typically installed on any one machine in the network and it will scan all assets in that defined network.
A Lightweight agent, on the other hand, is installed on an end - user’s system and will only scan that particular asset (useful in work-from-home scenarios when the user is not on the corporate/office network).
The agent will behave as a Probe or Lightweight agent depending on the command line arguments passed while installation. These commands are to be used for installation and are readily provided in the CyberCNS console while downloading an agent.
CyberCNS agent uses silent installation so it is easy to push through any RMM.
Probe & Lightweight agents pull the same information except, lightweight does not provide Network Scan Findings.
...
UBUNTU OS | |
Ubuntu 22.04 LTS | Jammy Jellyfish |
Ubuntu 20.04 LTS | Focal Fossa |
Ubuntu 18.04 LTS | Bionic Beaver |
CENT OS | |
CentOS - 7.0 | |
CentOS - 8.0 | |
REDHAT LINUX OS | |
RHEL 7 | Maipo |
RHEL 8 | Ootpa |
DEBIAN OS | |
Debian 7 | Wheezy |
Debian 8 | Jessie |
Debian 9 | Stretch |
Debian 10 | Buster |
Debian 11 | Bullseye |
MAC OS | |
OS X 10.9 | Mavericks (Cabernet) |
OS X 10.10 | Yosemite (Syrah) |
OS X 10.11 | El Capitan (Gala) |
macOS 10.12 | Sierra (Fuji) |
macOS 10.13 | High Sierra (Lobo) |
macOS 10.14 | Mojave (Liberty) |
macOS 10.15 | Catalina (Jazz) |
macOS 11 | Big Sur (GoldenGate) |
macOS 12 | Monterey (Star) |
MICROSOFT WINDOWS OS | |
windows 8 (64-bit) | |
windows Windows 8.1 (64-bit) | |
windows windowsWindows 10 (64-bit) | |
windows Windows 11 (64-bit) | |
Windows server 2008 (64-bit) | |
Windows server Server 2008 R2 (64-bit) | |
Windows server 2012 (64-bit) | |
Windows server Server 2012 R2 (64-bit) | |
Windows server 2016 (64-bit) | |
Windows server Server 2019 (64-bit) | |
Windows server 2022 (64-bit) |
...
Command line Parameter | Description | |
1 | -c | Companyid. Unique id of the company which is a guid. |
2 | -a | ClientId. This is a clientid that identifies a company in the installation. This is used to authenticate the agent against the Keycloak Openid so that it has only specific permissions. A modified version of an agent can never delete data using these credentials |
3 | -s | ClientSecret This is a secret that authenticates the clientid in the installation. This is used to authenticate the agent against the Keycloak Openid so that it has only specific permissions. A modified version of an agent can never delete data using these credentials |
4 | -b | Base URL or Domain. CyberCNS domain that the agent needs to check into. <company name>.mycybercns.com For V3 please use portal.mycybercns.com/me/<domain name> |
Probe Type-Specific Options | ||
5 | -i | Install as a service. This must be followed by the Service Role that can be
|
6 | -m | Run without creating a service or installing as in the case of conducting an assessment. This must be followed by the Service Role that can be
|
...
1 | -d | Run agent in debug or verbose mode on the command line. This is usually to debug a problem when discovery does not happen |
2 | -h | Help Text display of all options |
3 | -u | Force an update of the agent. Checks if a new version is available and upgrades itself |
4 | -v | Display the version of the agent |
...
Info |
---|
Please use below Direct Download URL for agent download in case required. URL used under Probes/Agents comes with expiry so not suitable for agent push through RMM. https://configuration.mycybercns.com/api/v3/configuration/agentlink?ostype=windows >>supported ostype keys For Windows -> windows For Linux -> linuxLinux For MAC -> darwin For ARM / Raspberry Pi. -> arm |
...
The Probe is a Windows Service that is installed on the windows Windows machine in the network you would be running scans on. The Windows Service runs under the local system permission but requires the following prerequisites
4 core CPU on the machine
Minimum of 4 GB RAM for the first 1000 Assets and 1GB for every additional 500 assets.
Reach-ability Reachability to all the subnets needs to scan.
Ports 443 outbound opened to the installation domain <yourcompany>.mycybercns.com
Admin SMB shares permission to login into the remote system and fetches required data.
The Probe is useful for an office environment where you have controlled IP Addressing.
It deploys the following techniques to get to the devices
Windows - It attempts to use the Admin SMB share to send a small executable called the Dissolvable agent that it then runs on the remote machine to fetch the details. It probes the shares using standard SMB tools and does an NFS discovery to check any NFS shares.
Active Directory - It uses SMB to query the users, and groups from the Credentials provided during the AD setup in the Master credentials.
Linux - It uses SSH credentials to log in to the box and figure out using Linux commands what is running on the machines.
Network Devices - It uses SNMP to discover the Sysobjectid and look up the version of the device and then query the vulnerabilities for the version. It also connects to OEM APIs to get the vulnerability details.
You can discover multiple subnets(CIDR/IP Range/Static IP) using a single Probe.
The probe will require AD Credentials in the case of the AD environment for scanning purposes.
In the case of a Non-AD Environment, if any central system is able to communicate with the other systems in the network it solves the purpose.
...
🔸 Linux, VM, Darwin- The user must have ssh access to execute the scripts and copying copy the files to the temp directory to execute and remove the copied files.
...
🔸 Select the option to install either as Probe or Lightweight, click on Download once the option is chosen, and then run the command for the selected company as shown below.
...
Once the download is completed, select the option to Scan and run the command.
Scan The scan agent will help to do a one-time scan.
...
Download the Linux agent from the company & open terminal
At the terminal run >> Sudo Su
Navigate to the downloaded path and give executable permission for the installation script by using the commands below commands.
Code Block |
---|
chmod +x cybrcnsagent_linux |
...
🔸 Select the option to install either as Probe or Lightweight, click on Download once the option is chosen, and then run the command for the selected company as shown below.
...
Once the download is completed, select the option to Scan and run the command.
Scan The scan agent will help to do a one-time scan.
...
Download the ARM agent from the company & open terminal
At the terminal run >> Sudo Su
Navigate to the downloaded path and give executable permission for the installation script by using the commands below commands.
Code Block |
---|
chmod +x cybrcnsagent_arm |
...
🔸 Select the option to install either as Probe or Lightweight, click on Download once the option is chosen, and then run the command for the selected company as shown below.
...
Once the download is completed, select the option to Scan and run the command.
Scan The scan agent will help to do a one-time scan.
...
Info |
---|
|
Select the agent and click on Global action Action andclick on Agent Migration.
...
Info |
---|
In case the CyberCNS Agent yet has issues reporting to the CyberCNS portal post-installation, it can be run into debug mode as follows to check the issue. The output of the below action can be shared with support@cybercns.com. |
...
Debug Mode Command:-
In Linux
-->open > Open terminal with privileged user
...
Info |
---|
|
Please use the option with the proxy format for an authenticated proxy:
-p username:password@IPaddress or Hostname:port
e.g. -p user:pass@proxy.example.me:3128
For unauthenticated Proxy
-p IPaddress or Hostname:port
e.g. -p proxy.example.me:3128
Tags support for LightWeight Agent
Info |
---|
|
...