Jump to content

online or offline?


ingber

Recommended Posts

Hi.  A few times I have noticed the developers post that they have fixed a problem, but the version of MBARW has not changed.  Does this mean that MBARW communicates online to make some decisions?  I had thought that MBARW just runs independent of any online communication?

 

Thanks.

 

Link to post
Share on other sites

  • 2 weeks later...

Hi Lester,

Well, before your question gets buried on page 5 I can offer you a bit of info.

The MBARW beta most assuredly does phone home - at every boot-up

From my firewall logs -

At boot-up:

5/31/2016 11:37:30 | MBAM Service | C:\program files\malwarebytes\anti-ransomware\mbamservice.exe | Out | 192.168.137.132 | 50547 | 23.21.250.27 | 443 | 6
5/31/2016 11:37:30 | MBAM Service | C:\program files\malwarebytes\anti-ransomware\mbamservice.exe | Out | 192.168.137.132 | 50547 | 23.21.250.27 | 443 | 6

At restart:

5/31/2016 12:11:46 | MBAM Service | C:\program files\malwarebytes\anti-ransomware\mbamservice.exe | Out | 192.168.137.132 | 51395 | 23.21.250.27 | 443 | 6
5/31/2016 12:12:59 | MBAM Service | C:\program files\malwarebytes\anti-ransomware\mbamservice.exe | Out | 192.168.137.132 | 49707 | 107.23.215.162 | 443 | 6
5/31/2016 12:12:59 | MBAM Service | C:\program files\malwarebytes\anti-ransomware\mbamservice.exe | Out | 192.168.137.132 | 49707 | 107.23.215.162 | 443 | 6
5/31/2016 12:12:58 | MBAM Service | C:\program files\malwarebytes\anti-ransomware\mbamservice.exe | Out | 192.168.137.132 | 49707 | 107.23.215.162 | 443 | 6
5/31/2016 12:13:38 | MBAM Service | C:\program files\malwarebytes\anti-ransomware\mbamservice.exe | Out | 192.168.137.132 | 49756 | 23.21.250.27 | 443 | 6
5/31/2016 12:13:45 | MBAM Service | C:\program files\malwarebytes\anti-ransomware\mbamservice.exe | Out | 192.168.137.132 | 49759 | 107.23.215.162 | 443 | 6
5/31/2016 12:14:25 | MBAM Service | C:\program files\malwarebytes\anti-ransomware\mbamservice.exe | Out | 192.168.137.132 | 49800 | 52.7.27.246 | 443 | 6
 

Each connection is TCP https on 443 for 6 packets. IT takes (on TCP) 3 packets just for 2 machines to shake hands and make a connection and likewise 3 packets to say goodbye.
So they ain't talkin' much.
Each remote IP is an Amazon Storage Server.

Now I'm what they call a "gifted amateur" and you know the old saying, "God save us from the gifted amateur"

Now that opened my big mouth, maybe a Staff Member or a Dev will step in and clarify.

Peace. Alan

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.