Craigsafe 0 Posted June 17, 2015 Share Posted June 17, 2015 (edited) Very confused: When I install ESET Cyber Security Pro on each of my kids Macs, immediately after detecting our actual home network the following happens: - New Network Connection Detected. "You just connected to an unknown location. Please select a profile for this connection." - So, I confirm my current (not new) network connection name. It shows my current familiar network address. - Then it prompts me again with a New Network Connection detected. - It says, "Interface: awd10" I don't know what this is. - Below, under advanced settings it shows a Network of "fe80::/64" and above that a particular fe80... address. I am unfamiliar with this address. - Now, my normal network connection shows BOTH addresses, as if my internet connection might be routing 2 different directions. This appears really suspicious to me. I'm wondering if a malicious code is activating or running awd10. Does anyone else experience this? Is this a true part of ESET? (If so, it would be REALLY nice to be forewarned.) Thank you for any help! Craig Edited June 17, 2015 by Craigsafe Link to comment Share on other sites More sharing options...
SweX 871 Posted June 17, 2015 Share Posted June 17, 2015 Hello and welcome to the forum. See this KB article for some answers: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3440&actp=search&viewlocale=en_US&searchid=1434562650435 Link to comment Share on other sites More sharing options...
Craigsafe 0 Posted June 17, 2015 Author Share Posted June 17, 2015 SweX, Thank you for the link... I have updated my original post to clarify the cause of my concern. It recognizes my normal internet connection. But then it recognizes one I don't know (i.e. the awd10 or awdIO), and an address I don't know. And then it merges both addresses into my internet connection. And if I try to cancel, it continues to pop-up endlessly. Seems like bizarre behavior to me. I have a direct inquiry out to ESET now to see if they are the source of the awd10 connection. If not, it seems malicious. Link to comment Share on other sites More sharing options...
Most Valued Members planet 232 Posted June 17, 2015 Most Valued Members Share Posted June 17, 2015 (edited) When I install ESET Cyber Security Pro on each of my kids Macs, immediately after detecting our actual home network the following happens: - New Network Connection Detected. "You just connected to an unknown location. Please select a profile for this connection." - So, I confirm my current (not new) network connection name. It shows my current familiar network address. - Then it prompts me again with a New Network Connection detected. - It says, "Interface: awd10" I don't know what this is. - Below, under advanced settings it shows a Network of "fe80::/64" and above that a particular fe80... address. I am unfamiliar with this address. - Now, my normal network connection shows BOTH addresses, as if my internet connection might be routing 2 different directions. This appears really suspicious to me. I'm wondering if a malicious code is activating or running awd10. Does anyone else experience this? Is this a true part of ESET? (If so, it would be REALLY nice to be forewarned.) Hi Craig, I'm fairly certain that this isn't malware based on the information you've provided. Here's a nice description for it (via Mario Ciabarra on medium.com): AWDL (Apple Wireless Direct Link) is a low latency/high speed WiFi peer-to peer-connection Apple uses for everywhere you’d expect: AirDrop, GameKit (which also uses Bluetooth), AirPlay, and perhaps elsewhere. It works using its own dedicated network interface, typically “awdl0". You can read the full article as well for more detail on this. Aside from your kids Macs, do you have any other apple devices connected to your network? Any AppleTVs, iPhones or iPads etc. with AirPlay or AirDrop or currently turned on? Overall, this would be why you are seeing this appear in ESET Cyber Security Pro. I do think ESET should provide more friendly names instead of just the technical name of the network interface (such as Apple Wireless Direct Link (awdl0) instead of just awdl0) if possible. I know they already provide the friendly name for some like Ethernet, Wi-Fi and Bluetooth but have no idea why not for other ones. I'll add this to the suggestion topic. In terms of selecting a profile, you can select the same one you're using for your main Ethernet or Wi-Fi connection (you mentioned Home). In another article (near the bottom that mentions Yosemite) by the same author, if you feel that you don't need to use AWDL you can turn it off via the terminal and turn it on again in the future if you need it later. Turning it off will no longer make awdl0 active. Before you do this though, please make sure you're running the latest version of Yosemite (10.10.3) and backup anything if necessary. Edited June 17, 2015 by planet Link to comment Share on other sites More sharing options...
Craigsafe 0 Posted June 18, 2015 Author Share Posted June 18, 2015 Planet -- Thank you SO much. Awesome, helpful info! God bless you. Craig Link to comment Share on other sites More sharing options...
Recommended Posts