On 04.03.2014 18:13, Andy Levy wrote:
> On Tue, Mar 4, 2014 at 11:23 AM, Trevor Middel <tmiddel_at_gmail.com> wrote:
>> Hi Folks,
>>
>> Yesterday I installed TortoiseSVN on a work desktop in order to download code from R-forge to compile the binary locally. The build on R-Forge had failed.
>>
>> This morning I received a call from our IT security requiring a scan to be run on my machine as it was suspected of running torrent software. My IP address also suggested a port had been opened on my machine.
>>
>> Uninstalling TortoiseSVN removed the port and allowed IT to connect remotely to my machine, scan is running now :)
>>
>> Does it make sense that TortoiseSVN would raise this flag for ITS? I had been considering using TortoiseSVN for some projects I'm working on but may have to reconsider given this issue, or go through the certification process here.
>
> I don't think anyone here can answer whether it makes sense or why it
> raised a flag, because no one here knows your company's security
> policies or understands the reasoning behind them.
>
> TortoiseSVN is not a BitTorrent client or server. It is not a server
> of any kind. It speaks HTTP, HTTPS, and the custom SVN protocol. It
> does not (to my knowledge) make outbound connections without the user
> explicitly taking action, except for an HTTP connection to check for
> new versions (and even that doesn't happen until you perform other
> tasks, IIRC).
>
> In short, your IT security team probably has an over-zealous rule
> configured that is misidentifying the software. If you need
> TortoiseSVN to do your job effectively, they need to work with you to
> handle it properly.
But just to make sure: please verify the digital signature on the TSVN
installer msi file and/or the TSVN exe and dll files:
http://tortoisesvn.net/msiverify.html
Stefan
--
___
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest interface to (Sub)version control
/_/ \_\ http://tortoisesvn.net
------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3074017
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2014-03-04 19:39:12 CET