Description | This article describes the reason why no registration password is asked to uninstall Linux collector in application mode. |
Scope |
FortiEDR and Linux Collector. |
Solution |
A registration password is normally required to uninstall FortiEDR Linux collector from endpoints. However, if Linux collector runs application (user-space) mode only, a registration password is not required to uninstall a collector. Because there is no hardening in user-space collector.
To check if the Linux collector runs application (user-space) mode only, please run the command below:
# /opt/FortiEDRCollector/control.sh –status
In this example, this collector runs application (user-space) mode only and does not require a registration password for uninstallation.
To check the operation modes of Linux collector, visit the following link: https://community.fortinet.com/t5/FortiEDR/Technical-Tip-Linux-Supported-Operating-Systems/ta-p/2040... |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.