Nothing to see

Ted · 19 May 2018, 12:58

There's is nothing to see, when I using SecTeer Personal Carma.

Any idea?

Tom · 19 May 2018, 13:10

Under configuration, what does the "Last CheckIn" and "Last Inspection" say?

Ted · 19 May 2018, 13:12

I'am using VPN and there is no System Tray Icon to see.

Tom · 19 May 2018, 13:13

@ted OK, this explains, the agent did not yet do an inspection. With the current schedule it will take 10 hours.
Btw. you may want to delete / modify the picture / comment, since it displays your IP.

OLLI_S · 19 May 2018, 13:26

@Ted just set in the configuration the "Hour of day to run inspections" to closer time and the scan will start.

Tom · 19 May 2018, 13:31

@ted I just noticed your comment about Tray Icon. That is not yet implement and will only be implemented, if we don't come up with a better concept.

Ted · 19 May 2018, 13:35

@ted said in Nothing to see:

I'am using VPN and there is no System Tray Icon to see.

Ted · 19 May 2018, 13:46

@olli_s

still nothing:

Ted · 19 May 2018, 13:47

@tom OK, then we wait. Thanks.

Ted · 19 May 2018, 14:06

@ted said in Nothing to see:

I'am using VPN and there is no System Tray Icon to see.

Tom · 19 May 2018, 14:13

@ted It appears that it missed the Inspection window. Beware that the "Hour of day" may not correspond to your timezone. I have seen this in one other case. Adjust until you see "in an hour" for "Next Inspection".
This is something we are working actively with and will adjust so it is more user friendly.

Ted · 19 May 2018, 14:14

@olli_s

All safe, only QuickTime is Unknown.

VulnDetect · 19 May 2018, 14:40

@ted The rule production will being improved next week. Do not rely 100% on the current result.
However, your QuickTime is really EoL and ought to be uninstalled.

Ted · 19 May 2018, 14:50

@vulndetect I know and I don't rely on it for now. I have to uninstall QuickTime yet.

Thanks for reminding me.

Ted · 19 May 2018, 15:44

@vulndetect

I knew it had to do with Adobe, that's why I didn't uninstall it yet.

VulnDetect · 19 May 2018, 15:55

That is interesting.
What I would like to know is if QuickTime is associated with any extensions and if it is installed as a plugin in any browser.
If it isn't, then we need to find a way to exclude it from the scan result.
But if it is an independent application that is installed like in the old days, then we have to detect it and recommend that it is uninstalled.
It is a bit like Java, which often is bundled with other applications, but can't be activated via file associations and via browsers, in which case the attack vectors are limited or non-existent.

GregAlexandre · 19 May 2018, 21:29

Hi,
I have same issue.
I have an "access denied" to server (translation from french sentence) in the secteer.log
Any idea.
Regards;
[2018-05-19 21:04:40.011+0120] Waiting 6 minutes before retrying
[2018-05-19 21:10:40.014+0120] Connecting to server: carma.secteer.com
[2018-05-19 21:10:40.394+0120] Server returned 401 =>
[2018-05-19 21:10:40.397+0120] Server response body: Unauthorized
[2018-05-19 21:10:40.397+0120] Failed to check in with server: italicised textaccess denied*

Tom · 19 May 2018, 22:03

@gregalexandre Did you approve the agent in the "Configuration" at https://carma.secteer.com/personal-carma/#/configuration
I just ran my agent, and it got the expected response. Let me know and perhaps you can send me the full log tomorrow to tom [at] @vulndetect dot com

Ted · 20 May 2018, 10:48

@vulndetect Hi Tom,

To be honest with you, I don't know that for sure if it came in a bundle with CS6. I know if I uninstall QuickTime there are some errors using PS/LR.
There are a lot of file extensions using QuickTime associated with CS6. So, this isn't an option to uninstall.

VulnDetect · 20 May 2018, 16:24

@ted It's fine, we'll try to sort it out, soon.