hi! There was a post about it, but that is not solution for my problem. I installed Apache 2.2.6 and sygate personal firewall. I used apache 2.2.2, and 2.2.4, and every time, when sygate asked it, i sad NO to access the network. Since i'v intalled this 2.2.6 i am always geting this message: The executable has changed since the last time you used. But i did not upgrade or do anything with this exe. Why is it ?
Exactly the entry: The executable has changed since the last time you used: D:\apache\bin\httpd.exe File Version : 2.2.6.0 File Description : Apache HTTP Server File Path : D:\apache\bin\httpd.exe Process ID : 0x650 (Heximal) 1616 (Decimal) Connection origin : remote initiated Protocol : TCP Local Address : 217.20.142.189 Local Port : 80 (HTTP - World Wide Web) Remote Name : Remote Address : 85.255.170.100 Remote Port : 4813 Ethernet packet details: Ethernet II (Packet Length: 62) Destination: 00-00-02-00-00-00 Source: 02-00-20-00-02-00 Type: IP (0x0800) Internet Protocol Version: 4 Header Length: 20 bytes Flags: .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset:0 Time to live: 117 Protocol: 0x6 (TCP - Transmission Control Protocol) Header checksum: 0x44e0 (Correct) Source: 85.255.170.100 Destination: 217.20.142.189 Transmission Control Protocol (TCP) Source port: 4813 Destination port: 80 Sequence number: 2314073152 Acknowledgment number: 0 Header length: 28 Flags: 0... .... = Congestion Window Reduce (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...0 .... = Acknowledgment: Not set .... 0... = Push: Not set .... .0.. = Reset: Not set .... ..1. = Syn: Set .... ...0 = Fin: Not set Checksum: 0x9e49 (Correct) Data (0 Bytes) Binary dump of the packet: 0000: 00 00 02 00 00 00 02 00 : 20 00 02 00 08 00 45 00 | ........ .....E. 0010: 00 30 BD 4D 40 00 75 06 : E0 44 55 FF AA 64 D9 14 | .0.M@.u..DU..d.. 0020: 8E BD 12 CD 00 50 89 ED : F4 40 00 00 00 00 70 02 | .....P...@....p. 0030: 40 00 49 9E 00 00 02 04 : 05 B4 01 01 04 02 | @.I...........
Have you tried disabling the appropriate option in Sygate. May be disable anti-application hijacking? (I'm not using Sygate so working from memory) Regarding the above information, you need some serious firewall expert to interpret that! But there should be definitely someone at Wilders who can.
Regarding the contents of packet / type of network connection. That is irrelevent I think. The application was changed earlier (a software update possibly) Now it is trying to connect to the internet to continue working normally. (So network data probably irrelevent) If Sygate doesn't remember the application's file checksum, try reinstalling Sygate / adding application to exclusion list.
I understand you. But my problem is: You know, when i installed my machine, first time, sygate asked all the applications, do i want to enable to access that for network or not. There is a checkbox about, remember this settings or not ? When there are a portscan, sygate aksked me, do i want to allow the mysql (for example), to access the network. So i sad no, and since that time, sygate never asked it again. When my AVG update itself, sygate ask me, do i want to allow the network, becase before the update i allowed that, but since that time the executable has changed. Of course i want, because i know that it has changed, bacuase it has updated. BUT! Apache web server not that kind of application, what make changes day by day. And this question comes 5-6 times a day. I think i should ask the apache foundation, what could be the problem. If i will get the answer, i will tell it here.
Hello, If the executable got changed somehow, it will ask you that. You need to know if the change should have happened - and accordingly allow or deny. But for your reference, this happens all the time with software updates, for example, when Firefox updates, the first time it launches after the update, Sygate will ask about the change. If it's harmless, you allow it. If not, you investigate what could have happened. Most likely, apache got updated. Compare the version you have to the one you think you have, check the file sizes etc. Mrk