V4 Troubleshooting FAQ
TLS 1.0 Vulnerability False Positive
Open PowerShell as an administrator on the reported agent machine
Navigate to the Agent NMAP folder
cd C:\Program Files (x86)\CyberCNSAgent\nmap\Run the below NMAP command
.\nmap.exe --script ssl-enum-ciphers -p 3389 <Target_IP>
Capture that output and share it with our engineering teams.
Enable SMB Communication with PowerShell Commands
These commands will help set SMB to True and help successfully scan an asset.
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB2 -Type DWORD -Value 1 -Force
Set-NetFirewallRule -DisplayName "File And Printer Sharing (SMB-In)" -Enabled true -Profile Any
Set-NetFirewallRule -DisplayName "File And Printer Sharing (NB-Session-In)" -Enabled true -Profile Any
Additionally, add below registry key post enabling SMB for Windows 11 to get information using SMB:
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f
ConnectSecure V4 Agent Update Script
This script can help with basic troubleshooting when the agent is not showing online and will ensure the CyberCNSAgent.exe is validated and running the latest version.
Tap the file below to grab the script:
You must replace and update the 'x' with your Company and Tenant ID
Checking Logs
Agent Logs - work in progress
Patch logs - work in progress
Credential Scan failing
Please use validate SMB process
Please download the executable to help check for SMB status for assets getting scanned via Probe agent.
https://betadev.mycybercns.com/agents/validatesmb/validatesmb.exe
Open PowerShell as an administrator
Run below command on the probe agent system
For Domain joined asset:
>> .\validatesmb.exe validatesmb IP domain username password
Example
>> .\validatesmb.exe validatesmb 10.0.0.202 abc.com administrator abcd@987#
For workgroup asset:
>>.\validatesmb.exe validatesmb IP '""' username password
Example
>>.\validatesmb.exe validatesmb 10.0.0.202 '""' administrator abcd@987#