Jump to content

Should I allow this from Windscribe vpn v2.02 build 10?


Recommended Posts

Should I allow this from Windscribe vpn v2.02 build 10? I can't use vpn unless I am allow it. egui_dT25ldlBjw.png.478cde31298f1ca41521b470f56fe4d5.png

Edited by Mr.Wong
Link to post
Share on other sites
  • Administrators

With default setting HIPS would not ask you about any action. I assume that you use HIPS smart mode, do you? In such case you should know how to respond. If not, you should use default (automatic) mode without any custom ask rules.

In this case since you've run a legitimate application you should allow the action and create a rule.

Link to post
Share on other sites
  • Most Valued Members
6 hours ago, Mr.Wong said:

Should I allow this from Windscribe vpn v2.02 build 10? I can't use vpn unless I am allow it. egui_dT25ldlBjw.png.478cde31298f1ca41521b470f56fe4d5.png

It seems that Windscribe are making changes in the folder that is in Target: , ESET doesn't like it when something touch the hosts folder/file

But as Macros said looks like a legitmate action by Windscribe

But make sure it's obtained from official website.

Link to post
Share on other sites
11 hours ago, Marcos said:

With default setting HIPS would not ask you about any action. I assume that you use HIPS smart mode, do you? In such case you should know how to respond. If not, you should use default (automatic) mode without any custom ask rules.

In this case since you've run a legitimate application you should allow the action and create a rule.

oh man, how do you know I use hips in smart mode? And yes I use HIPS in smart mode. I don't remember this popup in the old version 1.83 build 20 Windscribe. First time seeing this and it target host file so kinda make me nervous and scared a little bit like why does it need to target my pc Windows host file???? 

 

5 hours ago, Nightowl said:

It seems that Windscribe are making changes in the folder that is in Target: , ESET doesn't like it when something touch the hosts folder/file

But as Macros said looks like a legitmate action by Windscribe

But make sure it's obtained from official website.

oh okay. I got it from official site here: https://windscribe.com/

I don't remember this notification or similar when I use Windscribe v1.83 Build 20. Kinda nervous and scared when I see this notification from Windscribe needs to write to my pc host file. 

47 minutes ago, itman said:

I would say responding properly to this Eset alert depends on where you downloaded Windscribe from: https://www.lowyat.net/2020/222527/backdoor-windscribe-vpn-installer/

I got it from official site here: https://windscribe.com/

And wow that is very scary. Thanks for that article you linked. 

Link to post
Share on other sites

This is common for Windscribe VPN to do this. You have to allow it if you want to keep using Windscribe. They use IKEv2 protocol by default, and it needs to temporarily modify the host file for that reason. It restores to the previous state when you disconnect. 

Quote

This needs to happen because IKEv2 doesn't resolve server domains on its own like OpenVPN (UDP and TCP) does. So it edits the hosts file to make a local DNS record for the server you connect to. The alternative is to connect to an external DNS server to resolve the Windscribe server domain but we won't be doing that for security reasons.

Also, this must be new for HIPS smart mode. I have never seen this before. Instead, I had to create my own rule to monitor host file modification. So I don't think this happened cause the VPN was updated recently. It's probably because ESET updated their HIPS Smart mode rule.  

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...