[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-wget] Re: wget generates warning from McAfee

From: David H. Lipman
Subject: [Bug-wget] Re: wget generates warning from McAfee
Date: Mon, 8 Mar 2010 19:35:05 -0500

From: "Andreas Moroder" <address@hidden>

| Hello,

| on our PCs we have this small scripts

| c:\prog\bin\wget -Nnv ftp://svc-ftpticket/ticket/download/*

| that downloads from a server to the PC the contents of a directory when
| the content of the source is newer.

| Sometimes on the client our McAfee antivirus systems generates a warning
| telling us, that wget tries to connect to our server using the port 666x
| ( where x i 6, 7 or 8 ).

| Can anyone please tell why wget uses this ports and how I can stop this
| ? Why does it happen only sometimes ?

| Thanks
| Andreas

Sounds like McAfee is flagging the TCP data at port 6666 ~ 6668 as possible IRC 
communications.  Many BOTS use IRC for C2.
I think SubSeven uses a port in that range.

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp 

reply via email to

[Prev in Thread] Current Thread [Next in Thread]