bitdefender -- is oracle1 [or avast1] ok?

Posted: Tue May 26, 2020 9:28 pm
by Knish
not exactly sure how to word this, but trying to go to the IP address yielded:
"This server could not prove that it is 150.136.14.110; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection."
The reason I checked it in the first place is some other user asked about bitdefender flagging it when they were trying to upload WU results to it.

Re: oracle1 ok?

Posted: Tue May 26, 2020 9:59 pm
by JimboPalmer
I sure wish I understood what you hope to be asking.

Re: oracle1 ok?

Posted: Tue May 26, 2020 10:27 pm
by Knish
oracle1 is one of the Work Servers on 150.136.14.110

one of the steps before notifying ppl of issues with a server is to try to check the status of it by going to it in the web browser.
I saw someone ask a question about oracle1 possibly getting compromised b/c of a bitdefender alert.
I then checked the server myself in my web browser, and chrome did not go to it, and the above message was the reason why.

so, i'm wondering if there's some issue with oracle1, or if it can all be explained somehow

Re: oracle1 ok?

Posted: Tue May 26, 2020 10:33 pm
by Joe_H
I have no problems getting to oracle1 and seeing the landing page, how old is the system and browser? In any case, oracle1 is a WS for F@h and the folding client does not use a certificate to access Work Servers to download or upload WUs.

As far as bitdefender is concerned, probably yet another of its false positives.

P.S. If you look up the IP, it is plainly listed as being in the Oracle Public Cloud.

Re: oracle1 ok?

Posted: Tue May 26, 2020 11:05 pm
by Knish
i'm pretty out of date on Ubuntu 17 and chrome ver62. I went to check again and now I don't get that error and I see the "WS for FAH" now. how odd.

figured it'd be a false positive regarding bitdefender; thanks

Infected web resource 69.94.66.6 server

Posted: Fri Jun 05, 2020 1:23 pm
by Lynx
Hi, not sure if anyone can help me with this problem. Have been running F@H on my computer since last summer, using Bitdefender as my AV and have never received this message from any of the servers, but over the past 2 weeks have received the warning for 2 servers. Most recent is 69.94.66.6 and previously was 150.136.14.110

Re: Infected web resource 69.94.66.6 server

Posted: Fri Jun 05, 2020 2:30 pm
by Neil-B
See viewtopic.php?f=18&t=35385&p=335641&hil ... er#p335641 … looks as if Bitdefender may have been throwing some false positives?

Re: Infected web resource 69.94.66.6 server

Posted: Fri Jun 05, 2020 3:39 pm
by Lynx
So that's the explanation, it's Bitdefender's fault, despite the fact that I've been running it since July last year without one warning like this, then all of a sudden it gives me this warning for 2 of the F@H servers :-| Not possible that someone's hacked or compromised the great F@H servers, not even worth a look into or possibility. Guess for now I'll just shut the client down and maybe sometime in the future give it a go again, my electricity bill will thank me for it, don't need to go risking getting my system full of who knows what.
Neil-B wrote: See viewtopic.php?f=18&t=35385&p=335641&hil ... er#p335641 … looks as if Bitdefender may have been throwing some false positives?

Re: bitdefender -- is oracle1 ok?

Posted: Fri Jun 05, 2020 4:09 pm
by Neil-B
I said "it looks as if Bitdefender may have been" ... I didn't say it is Bitdefender's fault ... Bitdefender is one product on the market; there are quite a few, and other approaches as well, that identify compromised servers ... If the servers are compromised (and I would expect someone to be checking this given your post) then it is likely that various other alerts will also be posted as other people have issues.

The servers have software updates and even these changes can cause some security software to flag issues ... normally a single or small number of reports turns out to be false positives - but I am sure the team will check.

Obviously if you feel that the risk is such that any alert is too many then of course feel free to cease to connect to the servers ... You can also report the server to Bitdefender who will check if it is a false positive https://www.bitdefender.com/consumer/su ... wer/29358/ and provide you with reassurance if it is.

As this is a security issue you may want to try reporting this via https://github.com/FoldingAtHome/fah-is ... ity/policy. Even though I believe this may be for the client software, I believe this developer also knows the servers quite well and works on the server side infrastructures.

The first IP you mention is Oracle1 - hence the reason I simply posted the link to allow this to be matched up - not to dismiss your concerns.

The second IP (the one in your subject line) is actually a different one - and I am slightly intrigued by its name, "avast1.foldingathome.org", as it may just be a coincidence but Avast are one of the more known antivirus vendors.

Re: bitdefender -- is oracle1 ok?

Posted: Fri Jun 05, 2020 4:40 pm
by Joe_H
As you did not give any indication of what issue Bitdefender reported, it will be hard for anyone to check. At least the other person did report a certificate issue, and that can safely be overlooked as the FAHClient will be checking the internal digital signatures of each file it downloads from the servers. The client does not use site certificates.

But as Neil-B posted, someone will check into this. If it was a certificate problem, most likely it may be a mismatch from the certificate site address and the current naming as avast1.foldingathome.org.

As for your snark, I suggest you look up just how often Bitdefender does report on false positives. That is also an issue with many other such software. And next time read what was actually written, not your own internal dialog.
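
Added example, not part of any post in this thread: a sketch of the name check a TLS client applies, showing why reaching a server by bare IP address, or under a new hostname, can fail certificate validation even when the server is fine. The certificate contents, hostnames and the 192.0.2.10 address are constructed placeholders, not the real servers' values.

```python
import ipaddress

# Constructed certificate in the dict shape returned by ssl.SSLSocket.getpeercert().
# Names are placeholders, not the real servers' certificate contents.
CERT = {"subjectAltName": (("DNS", "old-name.example.org"),
                           ("DNS", "*.ws.example.org"))}

def dns_match(pattern, host):
    """Compare a DNS SAN with a hostname; '*' may only be the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h) or h[0] == "":
        return False
    if p[0] == "*":
        # Refuse overly broad wildcards such as '*.org'.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def check_target(cert, target):
    """Return (ok, reason) for the address the user typed into the browser."""
    sans = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(target)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP literal is only compared against 'IP Address' SANs, never DNS names.
        for kind, value in sans:
            if kind == "IP Address" and ipaddress.ip_address(value) == ip:
                return True, "IP SAN matches"
        return False, "no IP SAN for this address"
    for kind, value in sans:
        if kind == "DNS" and dns_match(value, target):
            return True, "DNS SAN matches"
    return False, "hostname not listed in certificate"

if __name__ == "__main__":
    for t in ("192.0.2.10", "old-name.example.org",
              "new-name.example.org", "a.ws.example.org"):
        print(t, check_target(CERT, t))
```

A name mismatch like this says nothing about whether the server is compromised; it only means the certificate was not issued for the address that was typed.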