[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] wget generates warning from McAfee

From: Keisial
Subject: Re: [Bug-wget] wget generates warning from McAfee
Date: Mon, 08 Mar 2010 17:02:59 +0100
User-agent: Thunderbird

Andreas Moroder wrote:

on our PCs we have this small scripts

c:\prog\bin\wget -Nnv ftp://svc-ftpticket/ticket/download/*

that downloads from a server to the PC the contents of a directory when the content of the source is newer.

Sometimes on the client our McAfee antivirus systems generates a warning telling us, that wget tries to connect to our server using the port 666x ( where x i 6, 7 or 8 ).

Can anyone please tell why wget uses this ports and how I can stop this ? Why does it happen only sometimes ?


Because windows gives him that port. wget asks for a port to communicate, any port, it doesn't matter which. So Windows provides him an unused port. Usually, the smaller port that hasn't been used yet. Other Operating Systems do the same. It only happens sometimes because it's an unlikely event. You could get the same warning for your browser, if you visited ft pages enough times. It's a combination of using ftp (which opens a listening port, for passive connection) and 6666-6668 range (where irc servers tend to listen) what makes McAfee nervous.

You can try instructions from kb812873 <http://support.microsoft.com/default.aspx?scid=kb;en-us;812873> to exclude that range, add --no-passive-ftp option to wget so it doesn't open a listening socket, and reporting the problem to McAfee so they don't give such warning (while it may be sensible if someone wanted to listen on it, it shouldn't be throwin a warning if the user requested "any port").

reply via email to

[Prev in Thread] Current Thread [Next in Thread]