Sign In
Help
Employee Login
Knowledge Base
Access official resources from Carbon Black experts
Advanced Search
Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments |
Download Now
Carbon Black Community
:
Resources
:
Knowledge Base
:
Carbon Black Cloud: Does Disabling the CRL Check o...
Carbon Black Cloud: Does Disabling the CRL Check on Sensors Open Communications to Man in the Middle Attacks?
Options
Article History
Subscribe to RSS Feed
Bookmark
Subscribe
Printer Friendly Page
Report Inappropriate Content
Carbon Black Cloud: Does Disabling the CRL Check on Sensors Open Communications to Man in the Middle Attacks?
Environment
Carbon Black Cloud Sensor: All Supported Versions
Microsoft Windows: All supported versions
Question
Does
disabling the Certificate Revocation List (CRL) check
at the time of Sensor install result in the Sensor becoming open to man-in-the-middle attacks?
Answer
Disabling the CRL check does not immediately open the Sensor to man in the middle attacks
Disabling of the CRL check could be leveraged for a man in the middle attack if a Sensor/Backend communication certificate is revoked
Additional information can be found about
What are some concerns with disabling the CRL check within the Sensor?
Additional Notes
CRL checks often fail when proxies are involved because the CRL check process is offloaded to WinHTTP
Related Content
Carbon Black Cloud: Sensor not connecting via proxy/firewall
Carbon Black Cloud: How To Configure Sensor Not To Require CRL Checks On Install
CB Defense: Why Are Godaddy's OCSP And CRL Domains Required When Installing A 3.3 + Sensor?
Carbon Black Cloud: What Ports must be opened on the Firewall and Proxy Servers?
Carbon Black Cloud: How to Adjust CRL checking for Best Effort
Labels
(9)
Labels:
Audit and Remediation
Carbon Black Cloud
Container
Endpoint Standard
Enterprise EDR
Managed Detection
Managed Detection and Response
Prevention
Workload
Tags
(13)
Tags:
audit and remediation
carbon black cloud
container
Endpoint Standard
Enterprise EDR
HBFW
Managed Detection
Managed Detection and Response
prevention
Q A
VCDR Ransomware Recovery
Workload
XDR
Was this article helpful?
Yes
No
100%
helpful
(2/2)
Article Information
Author:
CB_Support
Creation Date:
09-09-2020
Views:
2725
Contributors
CB_Support
Cookie Settings
Name
Valid.
Please fill out this field.
Email Address
InValid.
Please fill out valid email.
Uex Username
Company Name
Valid.
Please fill out this field.
Issue Type
Registration / Login / Password Issues
Can't Access Group
Add/Remove User
Group Admin Help
Partner
Uninstall Keys
Other
Please do not send sensitive data through this form
Description
Valid.
Please fill out this field.
Description length should be less 30K