Notifications

25 views

Description

Enabling Credential-less discovery installs nmap and npcap on the MID Server host.  

Cause

When npcap is installed, by default it creates a virtual loopback interface on the MID Server host. 
There are instances where the installation of this virtual loopback adapter by nmap tends to create DNS resolution conflicts on the host machine. Though this is a control from nmap as a tool, we do have a means of disabling the loopback adapter from being created.

Resolution

1. Head into the ecc_agent_script_file table
https://<INSTANCE-NAME>.service-now.com/ecc_agent_script_file_list.do

2. In the name filed filter for the keyword "NmapInstallation.ps1"
Open the script NmapInstallation.ps1

3. In the script NmapInstallation.ps1, in line 67 we have
$nmap_installer_params = "/S /REGISTERPATH=NO /ZENMAP=NO "
This needs to change to
$nmap_installer_params = "/S /REGISTERPATH=NO /ZENMAP=NO /LOOPBACK_SUPPORT=NO"

Please note:

  • As soon as we change the script on the instance all active MID Servers will sync to this version and if we enable credential-less discovery following this on the MID Server, it will utilize the new script
  • Using /LOOPBACK_SUPPORT=NO, we install npcap but we don't create any virtual loop back interface
  • Please be aware that if NPCAP was already installed on the host machine we don't re-intsall npcap, but we use the existing one. In the case that npcap was installed on the host machine with default (lookback_support = true) , we will need to disable the adapters manually
  • Test if discovery runs without issues

 

 

Article Information

Last Updated:2019-09-03 17:23:25
Published:2019-09-04