• Which the release of FS2020 we see an explosition of activity on the forun and of course we are very happy to see this. But having all questions about FS2020 in one forum becomes a bit messy. So therefore we would like to ask you all to use the following guidelines when posting your questions:

    • Tag FS2020 specific questions with the MSFS2020 tag.
    • Questions about making 3D assets can be posted in the 3D asset design forum. Either post them in the subforum of the modelling tool you use or in the general forum if they are general.
    • Questions about aircraft design can be posted in the Aircraft design forum
    • Questions about airport design can be posted in the FS2020 airport design forum. Once airport development tools have been updated for FS2020 you can post tool speciifc questions in the subforums of those tools as well of course.
    • Questions about terrain design can be posted in the FS2020 terrain design forum.
    • Questions about SimConnect can be posted in the SimConnect forum.

    Any other question that is not specific to an aspect of development or tool can be posted in the General chat forum.

    By following these guidelines we make sure that the forums remain easy to read for everybody and also that the right people can find your post to answer it.

Port scan

WarpD

WarpD

Messages
2,153
Country
us-ohio
Ok, I'm having a weird thing happen.

My Malwarebytes is reporting that fsdeveloper.com is trying to run a port scan on my computer whenever I come to the forum.

I can't fathom why it would want to do a port scan to begin with, but Malwarebytes blocks access because of it.

Any thoughts? Suggestions? Insight?

I will not be disabling Malwarebytes as it is very, very good at protecting one from malicious websites.
 
I think Jon had the same issue, but Arno and I have not yet.
 
Something about this forum (server, ads, something) is initiating this port scan. The only reason for that is most definitely nefarious as only IT pros need to do a port scan and even then, very rarely.
 
I use Chrome with Adblock+, and don't use MalwareBytes, so maybe that's why I don't get the warning.
 
I use Malwarebytes AntiMalware and the Malwarebytes browser plugin extension for FireFox, but I get no alerts regarding FSDEV.

There have been events in the past, however, that raised serious concerns about secure connectivity at the FSDEV website.

GaryGB
 
I can't imagine which part of the website would do a port scan. We have not recently updated the forum software and we don't have any ads.
 
I am using Malwarebytes and get the problem. Just started in the past few days
 
It's very weird... I have to turn off the web protection before opening my browser and then I can get here. While I trust y'all... my fear is I will forget to turn it back on before going elsewhere.
 
I think MalwareBytes allows an exclusion for a website in it's settings. This is a new issue with MalwareBytes and the above link says they will fix the issue... but I wouldn't hold my breath.
 
Although I do use multiple security plugins / extensions with FireFox, I always first work with the Router firmware FireWall.

And I then perform a ShieldsUp! security analysis at Gibson Research website before I begin tinkering with Windows FireWall.


Be aware nearly all security firewalls, and GRC ShieldsUp! ...only scan / test / monitor Ports up to 1024 (except for a few).

There is 65,536 ports on which communications occur; Nir Sofer's CurrentPorts shows all "active" ports: (I use it 24/7/365)

https://www.nirsoft.net/utils/cports.html


After configured to run regardless of things done by security software (Malwarebytes etc.), I next configure software.

First I configure Malwarebytes and Windows Defender, then multiple plugins / extensions used within FireFox

I always configure FireFox to access the web only via HTTPS connectivity, or else warn me before accessing webites via HTTP.


I always run RKILL before I run a scan using Malwarebytes, (I have seen malware disable and/or un-install Malwarebytes):

https://www.bleepingcomputer.com/download/rkill/


Here is a pertinent thread on the example Port 443 scan cited in the Malwarebytes forum thread link above by Dick:

https://forums.grc.com/threads/steve-gibson-port-scanner-port-443.840/

GaryGB
 
Last edited:
Let's be clear, this is not an issue with my system. This is the fsdeveloper website doing a port scan according to Malwarebytes. Do I believe there is a port scan? I neither believe nor disbelieve. I am simply letting the admin(s) know an issue has presented itself. I have used Gibson Research's Shield's Up! website to test my system and can state it's 100% secured from invasive probes.
I am aware that I can inform Malwarebytes to allow anything from this domain to be accessed. That is not a safe approach. By telling Malwarebytes to never check this IP's returns, that would allow this domain to 'attack' my system without my seeing it. While I trust the owners... doesn't mean someone can't sneak in unnoticed and make mods to the website.
 
One might wonder if there is a plugin that could increase your security even further against "invasive probes".

7gv7bh.jpg


GaryGB
 
Do I understand it correctly that MalwareBytes flags the port scanning based on the FSDeveloper server IP address?

So I that case it could also be that another website at the webhost on the same IP did flag this warning .
 
It is flagging port scanning from the IP for FSDeveloper.com so yes, you understand correctly. I have no idea what other websites might be hosted at the same IP.

Gary, I don't hide my location... not important enough, as knowing where I live isn't going to be beneficial to anyone. You can stand right outside my home and still not get inside my computer system. If you want to come into my home without permission... then let the games begin! LOL

Oh, any any geolocation data for my IP... won't get you to my house. 😀
 
Last edited:
AFAIK, I wasn't expressing any intent on my part to access your computer or domicile; having known of you, your FS activies and knowing your State flag over the years, I simply shared some joviality in an otherwise serious thread.😀

GaryGB
 
MalwareBytes in a recent update somehow changed their port scanning detection. Nothing changed at FSDeveloper or millions of other websites. MalwareBytes changed. The above link I gave indicates they have made a mistake in blocking all websites. They do seem to have an exclusion function that can be found in their settings that will allow FSDeveloper specifically to be allowed in the browser. They indicated they may change their app to not block so many websites.
I wouldn't uninstall MalwareBytes, but would use the settings to allow FSDeveloper into the browser. I don't use MalwareBytes. I use the default Microsoft protection, along with AdBlocker+ It seems to keep things under control. I actually don't visit more than a couple dozen websites.
 
On second thought, are you hosting a backyard BBQ today ?

If so, are you sure you would not welcome a fellow flightsimmer who offers to foot the beverage bill ?

No ?

OK, then maybe Jim Skorna is enjoying a bit of sunshine in the backyard today. 😉

Just kidding; I rarely need an excuse to fly somewhere.

GaryGB
 
Last edited:
No BBQ here today... oh wait! Actually, I'm smoking chicken wings this afternoon for dinner!

Wait... how did you know? I think there's some conspiracy going on here! It's as if my driving annually to Oshkosh (EAA Airventure) is exposing me to people from Illinois and Wisconsin!!
 
It's a good place to be for a late July / Early August "Adventure", even if one meets up with the local Midwest "riff-raff". :laughing:

My colleague and I still regret not having flown into the Seaplane base years ago because we were fooled by transient weather.


But it was a great drive from the condo on Lake Wisconsin (Dells area), so we had some good days in Oshkosh anyway. :cool:

GaryGB
 
You must log in or register to reply here.
Back
Top