jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Philippe Mouawad <p.moua...@ubik-ingenierie.com>
Subject Re: Download of JMeter zip blocked by anti-virus
Date Tue, 03 Oct 2017 19:57:08 GMT
Hello,
I compared the MD5 of official and mirrors and they have the same values.
So for me it is the Antivirus is overzealous unless this mirror has been
reported as dangerous for another reasons.

I also notice that on the mirror , the link to check signature is broken:

   - http://mirrors.ircam.fr/pub/apache/jmeter/#sig

Regards

On Tue, Oct 3, 2017 at 9:47 PM, sebb <sebbaz@gmail.com> wrote:

> On 3 October 2017 at 20:16, Emilian Bold <emilian.bold@gmail.com> wrote:
> >> So I think the problem is elsewhere than the mirrored files.
> >
> > I believe the antivirus wasn't looking at the content but the URL for
> Java
> > binaries. Known mirrors were "safe".
>
> Perhaps, but the error messages suggest the problem is in the content:
>
> >  "BehavesLike.Java.Exploit.xm"
> >  "BehavesLike.Java.Suspicious-JAR.zv"
>
> Maybe the antivirus does not look at the content for files from known
> mirrors.
> Or perhaps it does check all the content but the error messages as
> above are suppressed for known 'good' URLs.
>
> If the AV reports too many false positives that might be a work-round.
>
> In any case, the 3rd party mirrors don't appear to be at fault here.
>
> >
> > --emi
> >
> > On Tue, Oct 3, 2017 at 10:11 PM, sebb <sebbaz@gmail.com> wrote:
> >
> >> On 3 October 2017 at 17:40,  <mathilde.duchossoy@laposte.net> wrote:
> >> > Ok, the point is closed.
> >> >
> >> >
> >> > As recommended by the official Apache JMeter web site, I used an
> >> official mirror site.
> >> >
> >> > I tried these 2 official French mirror sites:
> >> >   http://mirrors.ircam.fr/pub/apache/
> >>
> >> This URL works OK for me; I get the same contents as from
> >>
> >> http://www-eu.apache.org/dist/jmeter/binaries/
> >>
> >> >   http://apache.mirrors.ovh.net/ftp.apache.org/dist/
> >>
> >> Likewise from here.
> >>
> >> > and systematically got a reject by McAfee Web Gate, respectively with
> >> the messages
> >> >   "BehavesLike.Java.Exploit.xm"
> >> >   "BehavesLike.Java.Suspicious-JAR.zv"
> >> >
> >> >
> >> > Only after the mirror sites I tried Apache's official sites
> >> >   http://www-eu.apache.org/dist/
> >> >   http://www-us.apache.org/dist/
> >> > and these are fine.
> >> >
> >> > I conclude that either something is wrong on the mirror sites or
> McAfee
> >> WG is overzealous...
> >>
> >> Or there was a problem with the downloads from the mirrors.
> >>
> >> Did you check the hashes or sigs of the files downloaded from the
> mirrors?
> >>
> >> As noted above, I don't get any issues with those mirrors.
> >> I'm not using McAfee WG but the downloaded files are identical to the
> >> ones downloaded from the ASF hosts.
> >> And the sig for the zip file checks out OK.
> >>
> >> So I think the problem is elsewhere than the mirrored files.
> >>
> >> > MD
> >> >
> >> >
> >> >
> >> > ----- Mail original -----
> >> > De: "sebb" <sebbaz@gmail.com>
> >> > À: "JMeter Users List" <user@jmeter.apache.org>
> >> > Envoyé: Mardi 3 Octobre 2017 17:32:14
> >> > Objet: Re: Download of JMeter zip blocked by anti-virus
> >> >
> >> > On 3 October 2017 at 15:55, <mathilde.duchossoy@laposte.net> wrote:
> >> >>
> >> >> Hi JMeter experts !
> >> >>
> >> >>
> >> >> The download of JMeter 3.3 (apache-jmeter-3.3.zip) is systematically
> >> blocked by my corporate anti-virus (McAfee Web Gate).
> >> >>
> >> >> The zip would contain a virus, the following message is issued:
> >> "BehavesLike.Java.Suspicious-JAR.zv"
> >> >>
> >> >> Before I reach out the McAfee WG administrator, I would like to know
> if
> >> something is wrong with the zip content ?
> >> >>
> >> >> Same observation with JMeter 3.2 zip archive.
> >> >>
> >> >> In advance, thank you very much for your help.
> >> >
> >> > What URL did you get the zip files from?
> >> >
> >> > Did you check the signature as recommended here:
> >> >
> >> > http://www.apache.org/info/verification.html
> >> >
> >> > Or did you at least check the hash?
> >> >
> >> > The KEYS, sig and hashes must be downloaded from
> >> >
> >> > https://www.apache.org/dist/jmeter/KEYS
> >> > and
> >> > https://www.apache.org/dist/jmeter/binaries
> >> >
> >> >> MD
> >> >>
> >> >>
> >> >> ------------------------------------------------------------
> ---------
> >> >> To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
> >> >> For additional commands, e-mail: user-help@jmeter.apache.org
> >> >>
> >> >
> >> > ---------------------------------------------------------------------
> >> > To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
> >> > For additional commands, e-mail: user-help@jmeter.apache.org
> >> >
> >> >
> >> >
> >> > ---------------------------------------------------------------------
> >> > To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
> >> > For additional commands, e-mail: user-help@jmeter.apache.org
> >> >
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
> >> For additional commands, e-mail: user-help@jmeter.apache.org
> >>
> >>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
> For additional commands, e-mail: user-help@jmeter.apache.org
>
>


-- 
Cordialement.
Philippe Mouawad.
Ubik-Ingénierie

UBIK LOAD PACK Web Site <http://www.ubikloadpack.com/>

UBIK LOAD PACK on TWITTER <https://twitter.com/ubikloadpack>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message