Movere's November 2019 release is the result of incredible customer feedback! Windows Console & Bots version 22.214.171.124 and ARC Bots version 126.96.36.199 are now live.
This release provides greater support for legacy TLS and .NET systems, as well as support for devices with multiple IP addresses and hostnames, including the ability for bots to communicate to all naming conventions of the Console device.
This release also provides much-requested ability for the Movere Bots to refresh their token files directly from the cloud!
Direct Token Refresh
Starting with version 11.11.5, each Bot can request their own access token (Token.txt) directly from the cloud if connected to the internet. While the actual lifespan of the access token remains the same at 12 hours, we have added capabilities to each Bot to be able to request new tokens directly from the Cloud in addition to the Console, (the latter is still the default method). This serves as fallback in case the Movere Console is temporarily unavailable, or if port 443 is blocked on the target device. We advise customers to run the Movere Console as usual and confirm that it is installing as a Windows service at the end of each scan in order to facilitate propagation of secondary credentials, since these are not available from the Cloud.
Please Note: Direct token refresh is available for Bot4, Arc2, and Arc4 Bots only at this time, (direct token refresh support for Bot2 and Linux bots will come in a future release).
Support for Multiple Network Interfaces
The Movere Console can now communicate with Bots using all available IP Addresses. If the device running the Console has multiple network interfaces, the Console will detect this and send a list of all online IP Addresses, (and fully-qualified domain names), to the Bots, which in turn will attempt to communicate back with the Console using the full list IP addresses or FQDNs. If none of the addresses or FQDNs can be used to connect, the Bots will rely on internet access in order to upload data back to Movere. For simplicity, once an address has been deemed accessible, it will be saved and used exclusively from that point on, (e.g. each Bot saves its own address for the Console). If a user wants to enforce a single IP address, then the value of ServiceHostUrl under Movere.Service.exe.config can be edited accordingly to list a single address only, rather than a comma separate list. If a user wants to revert to the full list, then the ServiceHostUrl value can be erased ,(i.e. set to “”), and a new scan should be started. Movere will re-fill the full list of addresses automatically when the new scan is started.
Please Note: Movere only supports IPv4 at this time.
Legacy System Support
We have updated the Movere Service to provide greater support for systems that do not meet the current .NET or TLS requirements, increasing the ability to scan these legacy systems. The Movere Bots will now run through additional TLS and .NET architecture checks to ensure the correct scanning method is leveraged to successfully scan legacy system.
The Movere Console scanning logs have been consolidated in a single file (Log.Service.csv) which will grow up to 10MB in size, (configurable via the Movere.Service.exe.config file). The new logs have more verbose messages, including the flags used to configure scans and re-scans, as well as confirmation of Movere starting up in listener mode as a Windows Service at the end of a scan. In addition, the Windows Inventory and ARC bot logs have been updated to include connectivity confirmations back to the Movere Console and Cloud for events such as payload uploading and Token refresh.
The Usual Bug Fixes
This release also includes extra logging in the Movere Service and improved uninstallation of previous services when stopping and starting scans, as well as a bug fix for updating the ServiceHostUrl when running rescans.