bitdefender -- is oracle1 [or avast1] ok?

Moderators: Site Moderators, FAHC Science Team

bitdefender -- is oracle1 [or avast1] ok?

Postby Knish » Tue May 26, 2020 10:28 pm

not exactly sure how to word this, but trying to go to the IP address yielded
This server could not prove that it is 150.136.14.110; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.


The reason I checked it in the first place is some other user asked about bitdefender flagging it when they were trying to upload WU results to it.
Knish
 
Posts: 95
Joined: Tue Mar 17, 2020 6:20 am

Re: oracle1 ok?

Postby JimboPalmer » Tue May 26, 2020 10:59 pm

I sure wish I understood what you hope to be asking.
Tsar of all the Rushers
I tried to remain childlike, all I achieved was childish.
A friend to those who want no friends
JimboPalmer
 
Posts: 2032
Joined: Mon Feb 16, 2009 5:12 am
Location: Greenwood MS USA

Re: oracle1 ok?

Postby Knish » Tue May 26, 2020 11:27 pm

oracle1 is one of the Work Servers on 150.136.14.110

one of the steps before notifying ppl of issues with a server is to try to check the status of it by going to it in the web browser.
I saw someone ask a question about oracle1 possibly getting compromised b/c of a bitdefender alert.
I then checked the server myself in my web browser, and chrome did not go to it, and the above message was the reason why.

so, i'm wondering if there's some issue with oracle1, or if it can all be explained somehow
Knish
 
Posts: 95
Joined: Tue Mar 17, 2020 6:20 am

Re: oracle1 ok?

Postby Joe_H » Tue May 26, 2020 11:33 pm

I have no problems getting to oracle1 and seeing the landing page, how old is the system and browser? In any case, oracle1 is a WS for F@h and the folding client does not use a certificate to access Work Servers to download or upload WUs.

As far as bitdefender is concerned, probably yet another of its false positives.

P.S. If you look up the IP, it is plainly listed as being in the Oracle Public Cloud.
Image

iMac 2.8 i7 12 GB smp8, Mac Pro 2.8 quad 12 GB smp6
MacBook Pro 2.9 i7 8 GB smp3
Joe_H
Site Admin
 
Posts: 6584
Joined: Tue Apr 21, 2009 5:41 pm
Location: W. MA

Re: oracle1 ok?

Postby Knish » Wed May 27, 2020 12:05 am

i'm pretty out of date on ubunt 17 and chrome ver62. I went to check again and now I don't get that error and I see the "WS for FAH" now. how odd.

figured it'd be a false positive regarding bitdefender; thanks
Knish
 
Posts: 95
Joined: Tue Mar 17, 2020 6:20 am

Infected web resource 69.94.66.6 server

Postby Lynx » Fri Jun 05, 2020 2:23 pm

Hi, not sure if anyone can help me with this problem. Have been running F@H on my computer since last summer, using Bitdefender as my AV and have never received this message from any of the servers, but over the past 2 weeks have received the warning for 2 servers . Most recent is 69.94.66.6 and previously was 150.136.14.110
Lynx
 
Posts: 2
Joined: Fri Jun 05, 2020 2:18 pm

Re: Infected web resource 69.94.66.6 server

Postby Neil-B » Fri Jun 05, 2020 3:30 pm

See https://foldingforum.org/viewtopic.php?f=18&t=35385&p=335641&hilit=bitdefender#p335641 … looks as if Bitdefender may have been throwing some false positives?
1: 2x Xeon E5-2697v3@2.60GHz, 512GB DDR4 LRDIMM, SSD Raid, Win10 Ent, Quadro K420 1GB, FAH 7.6.13
2: Xeon E3-1505Mv5@2.80GHz, 32GB DDR4, NVME, Win10 Pro, Quadro M1000M 2GB, FAH 7.6.13
3: i7-960@3.20GHz, 12GB DDR3, SSD, Win10 Pro, GTX 750Ti 2GB, FAH 7.6.13
Neil-B
 
Posts: 1405
Joined: Sun Mar 22, 2020 6:52 pm
Location: UK

Re: Infected web resource 69.94.66.6 server

Postby Lynx » Fri Jun 05, 2020 4:39 pm

So that's the explanation, it's Bitdefenders fault, despite the fact that I've been running it since July last year without one warning like this, then all of a sudden it gives me this warning for 2 of the F@H servers :-| Not possible that someone's hacked or compromised the great F@H servers, not even worth a look into or possibility. Guess for now I'll just shut the client down and maybe sometime in the future give ti a go again, my electricity bill will thank me for it, don't need to go risking getting my system full of who knows what.

Neil-B wrote:See https://foldingforum.org/viewtopic.php?f=18&t=35385&p=335641&hilit=bitdefender#p335641 … looks as if Bitdefender may have been throwing some false positives?
Lynx
 
Posts: 2
Joined: Fri Jun 05, 2020 2:18 pm

Re: bitdefender -- is oracle1 ok?

Postby Neil-B » Fri Jun 05, 2020 5:09 pm

I said "it looks as if Bitdefeder may have been" ... I didn't say it is Bitdefenders fault ... Bitdefender is one product on the market are quite a few and other approaches as well that identify compromised servers ... If the servers are compromised (and I would expect someone to be checking this given your post) then it is likely that various other alerts will also be posted as other people have issues.

The servers have software updates and even these changes can cause some security software to flag issues ... normally a single or small number of reports turns out to be false positives - but I am sure the team will check.

Obviously if you feel that the risk is such that any alert is too many then of course feel free to cease to connect to the servers ... You can also report the server to Bitdefender who will check if it is a false positive https://www.bitdefender.com/consumer/support/answer/29358/ and provide you with reassurance if it is.

As this is a security issue you may want to try reporting this via https://github.com/FoldingAtHome/fah-issues/security/policy even though I believe this may be for the client software I believe this developer also knows the servers quite well and works on the server side infrastructures.

The first IP you mention is Oracle1 - hence the reason I simply posted the link to allow this to be matched up - not to dismiss your concerns.

The second IP (the one in your subject line) is actually a different one - and I am slightly intrigued by its "name as avast1.foldingathome.org" as may just be a coincidence but Avast are one of the more known antivirus vendors.
Neil-B
 
Posts: 1405
Joined: Sun Mar 22, 2020 6:52 pm
Location: UK

Re: bitdefender -- is oracle1 ok?

Postby Joe_H » Fri Jun 05, 2020 5:40 pm

As you did not give any indication of what issue Bitdefender reported, it will be hard for anyone to check. At least the other person did report a certificate issue, and that can safely be overlooked as the FAHClient will be checking the internal digital signatures of each file it downloads from the servers. The client does not use site certificates.

But as Neil-B posted, someone will check into this. If it was a certificate problem, most likely it may be a mismatch from the certificate site address and the current naming as avast1.foldingathome.org.

As for your snark, I suggest you look up just how often Bitdefender does report on false positives. That is also an issue with many other such software. And next time read what was actually written, not your own internal dialog.
Joe_H
Site Admin
 
Posts: 6584
Joined: Tue Apr 21, 2009 5:41 pm
Location: W. MA


Return to Issues with a specific server

Who is online

Users browsing this forum: No registered users and 1 guest

cron