
Topic: Client port 443 outgoing connection (Read 2360 times)

legendary
Activity: 924
Merit: 1004
Firstbits: 1pirata
November 13, 2011, 07:24:54 PM
#12
could be the "dnsseed" ? stackexchange
donator
Activity: 798
Merit: 500
November 13, 2011, 07:24:44 PM
#11
If you have ProcessExplorer, maybe grab a stack trace and see where the request originated from?  Run Fiddler2 in MITM-attack mode and see what it's sending?

It's possible that it's not the official client technically making this connection anyhow, perhaps there is a DLL inside the process that is initiating this action.  Your anti-virus/anti-adware up to date?

It's a Mac...don't have anti-virus/anti-adware.  Haven't needed it before, but after this and reviewing my sshd logs (didn't have deny hosts set up properly) I think I'll install Eset.
newbie
Activity: 44
Merit: 0
November 13, 2011, 06:51:57 PM
#10
If you have ProcessExplorer, maybe grab a stack trace and see where the request originated from?  Run Fiddler2 in MITM-attack mode and see what it's sending?

It's possible that it's not the official client technically making this connection anyhow, perhaps there is a DLL inside the process that is initiating this action.  Your anti-virus/anti-adware up to date?
legendary
Activity: 1386
Merit: 1002
November 13, 2011, 02:34:43 PM
#9
It's the stock client from the Bitcoin.org website. Just downloaded and installed, no compiling or third party sources. If it's something malicious it may be happening to others without them noticing.  It isn't detected by the system firewall.  I use a network monitor/outgoing connection firewall that catches it.

We are in deep trouble then. From the official website? Maybe it has a backdoor!?

Too bad I don't have even a Mac VM or I would try it.
Will wireshark my 0.3.24 on linux and see if it does the same. Maybe I can use wireshark to monitor the 0.4.0 that I have installed on my windows machine.
hero member
Activity: 518
Merit: 500
November 13, 2011, 02:27:46 PM
#8
It's the stock client from the Bitcoin.org website. Just downloaded and installed, no compiling or third party sources. If it's something malicious it may be happening to others without them noticing.  It isn't detected by the system firewall.  I use a network monitor/outgoing connection firewall that catches it.

We are in deep trouble then. From the official website? Maybe it has a backdoor!?
legendary
Activity: 1386
Merit: 1002
November 13, 2011, 02:25:11 PM
#7
Well, that makes things even more strange. That's an HTTP SSL connection, no reason whatsoever for the Bitcoin client to open it, even if that IP was a node, which would make the port and type of connection different.
donator
Activity: 798
Merit: 500
November 13, 2011, 02:05:44 PM
#6
It's the stock client from the Bitcoin.org website. Just downloaded and installed, no compiling or third party sources. If it's something malicious it may be happening to others without them noticing.  It isn't detected by the system firewall.  I use a network monitor/outgoing connection firewall that catches it.
legendary
Activity: 1386
Merit: 1002
November 13, 2011, 01:55:09 PM
#5
That domain belongs to Digital River, a company who, among other things, does third party software activations. Really strange.

Maybe Gavin used that to prevent piracy with the Oracle license? :P


Well, I would freak out if my Bitcoin client was connecting to that domain, no matter the reason.

The real question here is: Where da f*** did the OP get the binary from?
hero member
Activity: 518
Merit: 500
November 13, 2011, 01:41:58 PM
#4
That domain belongs to Digital River, a company who, among other things, does third party software activations. Really strange.

Maybe Gavin used that to prevent piracy with the Oracle license? :P
legendary
Activity: 1386
Merit: 1002
November 13, 2011, 01:38:23 PM
#3
That domain belongs to Digital River, a company who, among other things, does third party software activations. Really strange.
legendary
Activity: 2506
Merit: 1010
November 13, 2011, 01:04:54 PM
#2
I don't think there is any reason the Bitcoin client would attempt to make an outgoing connection on port 443 unless you are specifically telling it to do so through settings (rpcconnect, rpcssl) in your Bitcoin.conf

Are you using a stock Bitcoin.conf?

Where did you get that binary build from?
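
Added example (not part of the thread and not code from the Bitcoin project): a Python check of the settings named in the post above. It reads bitcoin.conf text and reports entries that would account for outbound TCP to port 443. The sample configs are constructed, and treating `addnode`/`connect` values as `host:port` is an assumption.

```python
# Added example: does bitcoin.conf explain an outbound connection to TCP/443?
DEFAULT_RPC_PORT = 8332  # default RPC port of the reference client

# Constructed sample configs (not taken from the thread).
STOCK_CONF = "rpcuser=alice\nrpcpassword=example-only\n"
RPC_CONF = (
    "# talk to a remote node over SSL\n"
    "rpcconnect=rpc.example.invalid\n"
    "rpcport=443\n"
    "rpcssl=1\n"
)

def parse_conf(text):
    """Parse key=value lines; lines starting with '#' are comments."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        opts.setdefault(key.strip(), []).append(value.strip())
    return opts

def port_443_findings(text, port=443):
    """Return (option, host, uses_ssl) tuples that point at `port`."""
    opts = parse_conf(text)
    findings = []
    rpc_host = opts.get("rpcconnect", [None])[-1]
    rpc_ssl = opts.get("rpcssl", ["0"])[-1] == "1"
    try:
        rpc_port = int(opts.get("rpcport", [str(DEFAULT_RPC_PORT)])[-1])
    except ValueError:
        rpc_port = None  # malformed rpcport cannot match
    if rpc_host and rpc_port == port:
        findings.append(("rpcconnect", rpc_host, rpc_ssl))
    # Assumption: peer options may carry an explicit host:port.
    for key in ("addnode", "connect"):
        for value in opts.get(key, []):
            host, sep, peer_port = value.rpartition(":")
            if sep and peer_port == str(port):
                findings.append((key, host, False))
    return findings

if __name__ == "__main__":
    for name, conf in (("stock", STOCK_CONF), ("rpc", RPC_CONF)):
        print(name, port_443_findings(conf))
```

An empty result means the configuration does not account for the connection, which leaves the origin of the binary as the open question.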
donator
Activity: 798
Merit: 500
November 04, 2011, 11:49:35 AM
#1
Got this today from my firewall when I started client 0.4.0 on OS X:
"Bitcoin wants to connect to store.esellerate.net on TCP port 443 (https) IP 209.87.181.216"

Is this normal?  I haven't seen it before.