App Control: Yara Rules Out of Date - non-success[00000193]
search cancel

App Control: Yara Rules Out of Date - non-success[00000193]

book

Article ID: 288383

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • Agents in the Console show "Yara Rules out of Date".
  • Trace.bt9 log (created in high debugging) shows:
    2024-01-04T12:17:08-06:00 -1 (1CC8) - HTTP: WinHttpQueryHeaders returned with non-success[00000193] on https://ServerAddress/hostpkg/pkg.php?pkg=Yara.bt9
    2024-01-04T12:17:08-06:00 -1 (1CC8) - CopyOrDownloadFile: Failed to obtain file from 'https://ServerAddress/hostpkg/pkg.php?pkg=Yara.bt9': WinHttpQueryHeaders StatusCode[00000193] Target[\\?\globalroot\device\harddiskvolume2\programdata\bit9\parity agent\Yara\Server-v7-20240104-1217080165.bt9]

Environment

  • App Control Console: All Supported Versions
  • App Control Agent: All Supported Versions

Cause

Proxy not allowing connection over 443 to the App Control server

Resolution

  1. Open a command prompt with administrative rights
  2. Run: 
    netsh winhttp show proxy
  3. If a proxy exists, ensure proxy is set from the command line as:
    netsh winhttp set proxy proxy-server="<proxyservername>" bypass-list=<cbprotectionservername>;<Existing Bypass Lists>
  4. A reboot may be required to restore the connection

Additional Information

NOTE: Certain proxies may also require the App Control Server ports 41002 + 443 added to the server name > e.g: AppControlServerNameHere.local:41002 AppControlServerNameHere.local:443 (Replace AppControlServerNameHere with the actual name of your App Control Server)