Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black Cloud: Does Disabling the CRL Check on Sensors Open Communications to Man in the Middle Attacks?

Carbon Black Cloud: Does Disabling the CRL Check on Sensors Open Communications to Man in the Middle Attacks?

Environment

  • Carbon Black Cloud Sensor: All Supported Versions 
  • Microsoft Windows: All supported versions

Question

Does disabling the Certificate Revocation List (CRL) check at the time of Sensor install result in the Sensor becoming open to man-in-the-middle attacks?

Answer

Disabling the CRL check does not immediately open the Sensor to man in the middle attacks

Additional Notes

  • CRL checks often fail when proxies are involved because the CRL check process is offloaded to WinHTTP

Related Content


Was this article helpful? Yes No
100% helpful (2/2)
Article Information
Author:
Creation Date:
‎09-09-2020
Views:
2725
Contributors