[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug-wget] Re: wget generates warning from McAfee
From: |
David H. Lipman |
Subject: |
[Bug-wget] Re: wget generates warning from McAfee |
Date: |
Mon, 8 Mar 2010 19:35:05 -0500 |
From: "Andreas Moroder" <address@hidden>
| Hello,
| on our PCs we have this small scripts
| c:\prog\bin\wget -Nnv ftp://svc-ftpticket/ticket/download/*
| that downloads from a server to the PC the contents of a directory when
| the content of the source is newer.
| Sometimes on the client our McAfee antivirus systems generates a warning
| telling us, that wget tries to connect to our server using the port 666x
| ( where x i 6, 7 or 8 ).
| Can anyone please tell why wget uses this ports and how I can stop this
| ? Why does it happen only sometimes ?
| Thanks
| Andreas
Sounds like McAfee is flagging the TCP data at port 6666 ~ 6668 as possible IRC
communications. Many BOTS use IRC for C2.
I think SubSeven uses a port in that range.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp