Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.
What I want to know is why VS is dialing out on port 1433 which is used by SQL server?
4.03 out now. If you are using version 3.59 or 4.02 you can install over top, if you are using 4.00 or 4.01 uninstall, reboot, then install the latest version.
Just installed v4.03b beta over the top....No reboot, as yet!
%appdata% = C:\Users\J_L\AppData\Roaming
As you can see, AppData is very much alive. Program Data applies system-wide, AppData is for a specific user.
I'll wait for VoodooShield 0.4 release version. Don't have time to start fresh or deal with system problems right now.
From the horse's mouth:
BTW, people are asking why VS uses port 1433. All of our data is stored on an SQL server... like the user accounts (which is the norm), all of the VoodooAi cloud data, training data sets, you name it, it is stored on our SQL server.
Yes, but VS doesn't use AppData, only ProgramData ... at least there is no VoodooShield folder in any of my AppData folders ...
Correct @paulderdash that was the point I was getting to! For XP users VS files would be in AppData as it doesn't have a ProgramData Folder unlike Vista and so on.
The problem is this. The connection via port 1433 remains in an "established state" way too long. It persists long after any file lookup and the like has occurred; even after the browser has been closed. That's a vulnerability in my book.
Also, I am using the free ver. which isn't even supposed to be doing any AI analysis on those servers.
Just thought my finding would give the answer you were after. I'm afraid somebody else will have to chip in.
I just noticed your comment over in that other VS forum. You can find voodooshield-token.json at C:\Users\Owner\AppData\Local\Temp
P.S. Also, see my screenshot in an earlier post #17488 - https://www.wilderssecurity.com/threads/voodooshield.313706/page-700#post-2705510
Speak of the devil....
Thanks mate, much appreciated. Hopefully as Dan said the next beta should solve most of the issues users are having.
BTW All seems to be fine this morning, no registration prompt, no autostart issues. So I'll hold off on applying any tweak for the time being.
You're welcome. VS seems to be running well at the moment on my laptop. I don't tweak, usually.
Did he get his web console secure yet? I logged in a few days ago. No https. Uninstalled.
Using the full version my screen shot shows 4 connections that stay for a while then 3 drop off and just port 80 stays full time.
Well, it is about to all make sense.
I am not sure if you guys have noticed, but sometimes when you visit voodooai.net, you will notice that you will receive a 503 error, or the page will not load. There are also registration errors in VS. So I contacted our web host a couple of days ago to find out why, and basically, we need to upgrade the server and also limit connections to the server as much as possible, because it is having a difficult time keeping up.
There were certainly bugs in the registration code for VS, but I believe those are all fixed now, and once we figure out the server situation, we should be good to go.
On somewhat of a side note...
@itman on wilders was concerned that "The connection via port 1433 remains in an "established state" way too long." What he does not understand is that we use a well known, secure and established method for the connection. Also, the free version of VS includes VoodooAi.
Also, as far as our temporary site (voodooai.net) being http and not https... can one of the fearmongers please show me a man in the middle attack that can occur outside of a LAN, without the use of malware (which VS would stop). The reality is this... if someone is on a public wifi network, they should not be visiting any website that requires passwords anyway, whether the site is https or not, simply because there are now MITM attacks that are successful with https as well. Until very recently, https was used mainly for e-commerce sites, but there has been a recent push to use it for all websites. So now around 50% of websites use https, and 50% use http.
@Trooper... I was under the impression that you were running VS free. You cannot log in to the web management console with a VS free account, so why is the following even a concern in the first place? VoodooShield ?
I am working hard to get everything in place, and I imagine that most people would prefer that my focus is on wrapping up VS 4.0, rather than non-issues.
@Nitty Kutchie ...Thanks for the tip about "Security and Maintenance" that you posted in another thread, a short time ago.
I am not running the free version. Even if I was, wtf?
He's right though, why do you care about the web console/panel not having SSL, it's solely for configuration.
Because it should be secure.
I just had to re-register, when booting up....
Ditto here Tarnak...so nothing has really changed as far as I am concerned and I am also still getting multiple & repeated notifications of a potential exploit being blocked for files that I have either previously allowed or tried to set up a rule for...and that includes chrome.exe, WRSA-related.dlls & conhost.dll, which is all rather annoying to say the least. It looks like VS is giving the warning either per add-on installed in Chrome or for each tab open.
Looks like I am going to have to go back to 3.59 on my main system and persevere with 4.03 on my other (where I do most of my beta testing).
Oh well, Dan did say that v4 was a virtual rewrite of some major parts of VS...so only to be expected I suppose.
But onwards & upwards, eh, what, I say, jolly good!