TortoiseSVN possibly flagged by IT as security risk

Trevor Middel

Mar 4, 2014, 11:23:36 AM
to us...@tortoisesvn.tigris.org
Hi Folks,

Yesterday I installed TortoiseSVN on a work desktop in order to download code from R-forge to compile the binary locally. The build on R-Forge had failed.

This morning I received a call from our IT security requiring a scan to be run on my machine as it was suspected of running torrent software. My IP address also suggested a port had been opened on my machine.

Uninstalling TortoiseSVN removed the port and allowed IT to connect remotely to my machine, scan is running now :)

Does it make sense that TortoiseSVN would raise this flag for ITS? I had been considering using TortoiseSVN for some projects I'm working on but may have to reconsider given this issue, or go through the certification process here.

Cheers and thanks in advance.

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3074001

Andy Levy

Mar 4, 2014, 12:13:31 PM
to us...@tortoisesvn.tigris.org
On Tue, Mar 4, 2014 at 11:23 AM, Trevor Middel <tmi...@gmail.com> wrote:
> Hi Folks,
>
> Yesterday I installed TortoiseSVN on a work desktop in order to download code from R-forge to compile the binary locally. The build on R-Forge had failed.
>
> This morning I received a call from our IT security requiring a scan to be run on my machine as it was suspected of running torrent software. My IP address also suggested a port had been opened on my machine.
>
> Uninstalling TortoiseSVN removed the port and allowed IT to connect remotely to my machine, scan is running now :)
>
> Does it make sense that TortoiseSVN would raise this flag for ITS? I had been considering using TortoiseSVN for some projects I'm working on but may have to reconsider given this issue, or go through the certification process here.

I don't think anyone here can answer whether it makes sense or why it
raised a flag, because no one here knows your company's security
policies or understands the reasoning behind them.

TortoiseSVN is not a BitTorrent client or server. It is not a server
of any kind. It speaks HTTP, HTTPS, and the custom SVN protocol. It
does not (to my knowledge) make outbound connections without the user
explicitly taking action, except for an HTTP connection to check for
new versions (and even that doesn't happen until you perform other
tasks, IIRC).

In short, your IT security team probably has an over-zealous rule
configured that is misidentifying the software. If you need
TortoiseSVN to do your job effectively, they need to work with you to
handle it properly.

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3074010

Stefan Küng

Mar 4, 2014, 1:39:07 PM
to us...@tortoisesvn.tigris.org
On 04.03.2014 18:13, Andy Levy wrote:
> On Tue, Mar 4, 2014 at 11:23 AM, Trevor Middel <tmi...@gmail.com> wrote:
>> Hi Folks,
>>
>> Yesterday I installed TortoiseSVN on a work desktop in order to download code from R-forge to compile the binary locally. The build on R-Forge had failed.
>>
>> This morning I received a call from our IT security requiring a scan to be run on my machine as it was suspected of running torrent software. My IP address also suggested a port had been opened on my machine.
>>
>> Uninstalling TortoiseSVN removed the port and allowed IT to connect remotely to my machine, scan is running now :)
>>
>> Does it make sense that TortoiseSVN would raise this flag for ITS? I had been considering using TortoiseSVN for some projects I'm working on but may have to reconsider given this issue, or go through the certification process here.
>
> I don't think anyone here can answer whether it makes sense or why it
> raised a flag, because no one here knows your company's security
> policies or understands the reasoning behind them.
>
> TortoiseSVN is not a BitTorrent client or server. It is not a server
> of any kind. It speaks HTTP, HTTPS, and the custom SVN protocol. It
> does not (to my knowledge) make outbound connections without the user
> explicitly taking action, except for an HTTP connection to check for
> new versions (and even that doesn't happen until you perform other
> tasks, IIRC).
>
> In short, your IT security team probably has an over-zealous rule
> configured that is misidentifying the software. If you need
> TortoiseSVN to do your job effectively, they need to work with you to
> handle it properly.


But just to make sure: please verify the digital signature on the TSVN
installer msi file and/or the TSVN exe and dll files:
http://tortoisesvn.net/msiverify.html

Stefan


--
___
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest interface to (Sub)version control
/_/ \_\ http://tortoisesvn.net

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3074017

Trevor Middel

Mar 4, 2014, 1:39:54 PM
to us...@tortoisesvn.tigris.org
Hi Andy,

Thanks for the reply, I was hesitant to ask here as I realize I didn't/couldn't provide much detail. I did not receive much in the way of information from our ITS group and I'm even unsure still whether it was TortoiseSVN which raised the flag. I may find out when the scan is complete.

I don't understand the architecture of TortoiseSVN so just asked to see if there was an immediate, "Yeah, this is why...." vs "No, that makes no sense...". I think I have my answer.

I'm sure our ITS group has aggressive filtering settings, but I can understand their position as well. Users can and will do crazy things!

I'll have to do some work with them to help identify any issues and move forward.

Thanks again...

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3074018

Trevor Middel

Mar 4, 2014, 1:53:01 PM
to us...@tortoisesvn.tigris.org
Hi Stefan,

Thanks for the response. I just confirmed the .msi file has a valid signature. I'll let you know the outcome if you are interested.

Cheers,

Trevor

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3074021

Stefan Küng

Mar 4, 2014, 2:10:03 PM
to us...@tortoisesvn.tigris.org
On 04.03.2014 19:53, Trevor Middel wrote:
> Hi Stefan,
>
> Thanks for the response. I just confirmed the .msi file has a valid signature. I'll let you know the outcome if you are interested.

Yes, please. Would be interesting to know if there's something in TSVN
that triggers such a security response.

Stefan


--
___
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest interface to (Sub)version control
/_/ \_\ http://tortoisesvn.net

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3074025

Alf Christophersen

Mar 5, 2014, 5:48:39 AM
to us...@tortoisesvn.tigris.org
On 2014-03-04 19:39, Trevor Middel wrote:
> Hi Andy,
>
> Thanks for the reply, I was hesitant to ask here as I realize I
> didn't/couldn't provide much detail. I did not receive much in the way
> of information from our ITS group and I'm even unsure still whether it
> was TortoiseSVN which raised the flag. I may find out when the scan is
> complete.
>
> I don't understand the architecture of TortoiseSVN so just asked to
> see if there was an immediate, "Yeah, this is why...." vs "No, that
> makes no sense...". I think I have my answer.
>
> I'm sure our ITS group has aggressive filtering settings, but I can
> understand their position as well. Users can and will do crazy things!
>
>
> I'll have to do some work with them to help identify any issues and
> move forward.


At my workplace TortoiseSVN gets installed by the IT guys, since we are
not allowed to do it ourselves due to the risk of installing viruses at
the same time when browsing for things on the Internet while having the
Admin privileges needed to do an install in a closed environment.

I tend to think that you have had something stored from places
elsewhere which contained viruses or the like, and that when getting the
needed privileges as temporary admin, your tortoisesvn installation has
been infected by that virus that has just waited for the opportunity to
infect.

Where you have gotten that virus I have no idea, but maybe from a home
page you visited the same day (after booting the computer).

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3074051

Gavin Lambert

Mar 5, 2014, 6:45:46 PM
to us...@tortoisesvn.tigris.org
On 5/03/2014 23:48, Quoth Alf Christophersen:
> I tend to think that you have had something stored from places
> elsewhere which contained viruses or the like, and that when getting the
> needed privileges as temporary admin, your tortoisesvn installation has
> been infected by that virus that has just waited for the opportunity to
> infect.

That can't happen, at least not without rendering the signature invalid
(and thus you'll get a scarier warning when it prompts for admin
permissions).

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3074076
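
Added example, not part of the thread or of the TortoiseSVN project: a PowerShell check that performs the signature verification Stefan suggests (the property Gavin's reply relies on) and maps every listening TCP port to its owning executable, so the flagged port can be attributed to a process. The install directory and the installer file name are assumptions; replace them with your own.

```powershell
# Added example. Both default values below are assumptions, not values from the thread.
param(
    [string]$InstallDir = 'C:\Program Files\TortoiseSVN',  # assumed install location
    [string]$MsiPath    = '.\TortoiseSVN-installer.msi'    # placeholder installer name
)

function Get-SignatureReport {
    param([string[]]$Path)
    foreach ($p in $Path) {
        $sig = Get-AuthenticodeSignature -FilePath $p
        [pscustomobject]@{
            File   = $p
            Status = $sig.Status   # Valid, NotSigned, HashMismatch, ...
            Signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        }
    }
}

# 1. Check the installer and every installed exe/dll.
#    A file modified after signing reports HashMismatch instead of Valid.
$files = @()
if (Test-Path $MsiPath) { $files += (Resolve-Path $MsiPath).Path }
if (Test-Path $InstallDir) {
    $files += Get-ChildItem -Path $InstallDir -Recurse -Include *.exe, *.dll -File |
              Select-Object -ExpandProperty FullName
}
$report = Get-SignatureReport -Path $files
'Files whose signature is not Valid:'
$report | Where-Object Status -ne 'Valid' | Format-Table -AutoSize
'Signers seen (a single publisher is expected for one product):'
$report | Group-Object Signer | Select-Object Count, Name | Format-Table -AutoSize

# 2. Map each listening TCP port to the owning executable and its signature status.
#    Run elevated; otherwise Path is empty for processes owned by other accounts.
Get-NetTCPConnection -State Listen | Sort-Object LocalPort -Unique | ForEach-Object {
    $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
    $path = $proc.Path
    [pscustomobject]@{
        Port      = $_.LocalPort
        OwnerPid  = $_.OwningProcess
        Process   = $proc.ProcessName
        Path      = $path
        Signature = if ($path) { (Get-AuthenticodeSignature -FilePath $path).Status } else { 'n/a' }
        InTsvnDir = [bool]($path -and $path.StartsWith($InstallDir, [StringComparison]::OrdinalIgnoreCase))
    }
} | Format-Table -AutoSize
```

A listening port whose `InTsvnDir` column is `False` belongs to some other program, which is the evidence to take back to the security team.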