Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

[Cb Response] Announcing the General Availability of the server version 6.2.3 and Win sensor 6.1.7 for On-prem Customers

[Cb Response] Announcing the General Availability of the server version 6.2.3 and Win sensor 6.1.7 for On-prem Customers

Hello all,

The Cb Response Team is pleased to announce the General Availability of the 6.2.3 version of the Server on August 15, 2018. This is a maintenance release addressing bug fixes and stability enhancements. A few things to bring to your attention:

  • We’ve added support for CentOS 7 for net-new installs!
  • We've also added support for CentOS 6.10
  • We’ve enhanced query functionality from the UI, allowing blocking of some resource intensive queries. This feature only applies to query run through the console, and will not impact queries run from the API. The Blocking Setting will be on by Default, and can be disabled by Global Admins in the Settings menu. If a search is blocked, you'll see a red pop-up in the upper-right hand corner of the screen.
  • Additionally, watchlist enhancements include feedback in the UI if a watchlist times out. 
  • We’ve made other small Improvements and bug fixes throughout the product.

For more detailed information, please refer to the Cb Response 6.2.3 Release Notes. Updated Documentation for 6.2.3:

CentOS7 Support

The Cb Response team is excited to announce the first step in providing CentOS/RHEL 7 support. Starting with the 6.2.3 release of the server, Customers will have the option to install a net-new server on CentOS/RHEL 7.3. There a few things to note with the initial support of CentOS/RHEL 7.

  1. This initial release is for net-new installations only. There is no migration path from CentOS 6 to CentOS 7 in the 6.2.3 release. We will be providing a migration tool in the future.
  2. We have qualified version CentOS/RHEL 7.3 for the initial release. Future releases will qualify addition versions in CentOS/RHEL 7-series.

Cb Response still supports CentOS 6.7 - 6.10, and there no plans to remove support for the CentOS 6-series OS.

Updated Yum Links

In order to support the delivery of multiple versions of the 6.2.3 server, we’ve updated our Yum links. Our yum links now use variables to dynamically build the link and pull the correct version of the server for the OS your machine is running. This means that if you access the yum repo from a CentOS6 machine, you will pull the version of the server for CentOS6. If you access the same link, but from a CentOS7 machine, you will pull the version of the server for CentOS7.
Links before looked like this:

With the change, the links now look like this:

The links pointing to previous versions will still work without any change.

Windows Sensor version 6.1.7

Additionally, the 6.2.3 server release contains the new 6.1.7 Windows sensor. The contains the following changes/fixes:

  • It resolves slow boot times on machines running the Windows 10 1803 build.

  • Additionally, it addresses high memory consumption by the CbR Windows Sensor running on machines.

  • The release also addresses some conflicts with machines running Cisco AnyConnect VPN while running the CbR Windows Sensor

For more details, please check out the release notes here:

It is always recommended that you adopt a phased roll-out of this sensor in-line with your organization's software deployment best practices.

Installing the 6.1.7 Windows Sensor

To install the sensors on to your server, run through the following instructions:

1) Ensure your yum repo is set appropriately:

2) Run yum install --downloadonly --downloaddir=<local directory to download the package into> <package>

    • <package> is replaced by cb-sensor-6.1.7.80722-win

3) Run rpm -i --force <package downloaded>  Then:

    • Run /usr/share/cb/cbcheck sensor-builds --update

Your new sensor versions should now be available via the console. If you have any issues, please contact Carbon Black Technical Support.

Thanks!

The Cb Response Team

Labels (1)
Comments

Filename for the 6.1.7 windows sensor?

Where can we find the file for the 6.1.7 sensor?

The RPM name for the 6.1.7 windows sensor is cb-sensor-6.1.7.80722-win.

The instructions to download and install the stand-alone sensor without upgrading your existing server is identical to those in

[Cb Response] Announcing General Availability of 6.1.6 Windows Sensor

using the package name above and taking note of the Yum link URL changes noted above.

Apologies for the omission of this information in the release notes above.

The RPM name for the 6.1.7 windows sensor is cb-sensor-6.1.7.80722-win.

The instructions to download and install the stand-alone sensor without upgrading your existing server is identical to those in

[Cb Response] Announcing General Availability of 6.1.6 Windows Sensor

using the package name above and taking note of the Yum link URL changes noted above.

Apologies for the omission of this information in the release notes above.

[root@ze600XXX user]# yum install --downloadonly --downloaddir=/home/blackc/ cb-sensor-6.1.7.180722-win

Loaded plugins: presto, security

Setting up Install Process

CarbonBlack                                                                                                                                                                                                           |

CbOpenSource                                                                                                                                                                                                          cbr-qualifier                                                                                                                                                                                                         |

No package cb-sensor-6.1.7.180722-win available.

Error: Nothing to do

Is something wrong?

I had a typo in the RPM name, just corrected in my earlier comment. We will also post it as a separate DOC with install instructions on 6.1.7 Windows today.

This should work:

yum install --downloadonly --downloaddir=<download-path> cb-sensor-6.1.7.80722-win

I had the same issue as above even after changing the package name.

Here is my output:

yum install --downloadonly --downloaddir=/home/pprasai-a/ cb-sensor-6.1.7.80722-win                                                                                                                           Loaded plugins: enabled_repos_upload, package_upload, product-id, search-disabled-repos, security, subscription-manager

Setting up Install Process

rhel-6-server-rh-common-rpms                                                                                                                                                                                           | 2.1 kB     00:00

rhel-6-server-rhn-tools-rpms                                                                                                                                                                                           | 1.8 kB     00:00

rhel-6-server-rpms                                                                                                                                                                                                     | 2.0 kB     00:00

rhel-6-server-satellite-tools-6.2-rpms                                                                                                                                                                                 | 2.1 kB     00:00

No package cb-sensor-6.1.7.80722-win available.

Error: Nothing to do

Uploading Enabled Repositories Report

Loaded plugins: product-id, subscription-manager

It didn't check The Cb Response repository.

Did you set up The Cb Response repository file properly according to the 1 step of Installing the 6.1.7 Windows Sensor?

Article Information
Author:
Creation Date:
‎08-14-2018
Views:
6097
Contributors