Direct connection via VPN

[mirillis]

Why are these packet so small in your Wireshark screen (74 bytes...)??? How is this possible. Something's not correct here. They should be ~MTU size.

 

[vamp]

i see similar if i connect locally:

 

[mirillis]

OK so locally we have the same results (I think correct).

 

[mirillis]

I think something on our side does not detect that with VPN it is the same setup and uses the global IP.

 

[vamp]

I think something on our side does not detect that with VPN it is the same setup and uses the global IP.

i feel exactly the same!

 

[mirillis]

Thank you vamp! This is something important and needs further investigation. Now we need the same setup here.

 

[mirillis]

Last question. When you see these strange things in Wireshark does the connection work?

 

[vamp]

Last question. When you see these strange things in Wireshark does the connection work?

If i try it via VPN, only Connect Anywhere connect working. I get strange wireshark results.

If i try to connect locally, i get similar wireshark result with you.

 

[mirillis]

Ok now I know everything. It this is a bug it will be fixed ASAP.

 

[vamp]

Ok now I know everything. It this is a bug it will be fixed ASAP.

Thanks for that.

One thing that not connect this theme, but good to know.

Bitdefender are say that this file Remotly_x86.bin is malicious. I send it this file to bitdefender that analize it, because i think it false positive.

If your company have a direct access to bitdefender, good that you also report this false positive, that make the test faster.

Advanced Threat Control has blocked a process that has been detected as malicious.Process path: C:\Users\nsuto\AppData\Local\Mirillis\Remotly\Remotly_x86.bin. Threat name: ATC.SuspiciousBehavior.F9B8A3236D23F377.

 

[mirillis]

Please check with virustotal.com

 

[mirillis]

Bitdefender shows this file is clean on virtustotal

 

[mirillis]

 

[mirillis]

Only these 2 non popular show false positive.

 

[mirillis]

We are using VMProtect for these two .bin files (to protect against reverse engineering).

 

[vamp]

Yes i see it, it is a reason that i send it to Bitdefender, furter analize.

I get this:

 

[mirillis]

Super strange. It shows as clean in defender here locally. I think they flag files that are obfuscated.

 

[mirillis]

BTW. We have government users that are switching from Teamviewer and Anydesk and I think their admins would notify us about this.

 

[vamp]

Yeah I totaly shure that is false positive. But need to report it to bitdefender, because I can not use it my Windows notebook, that use bitdefender

 

[mirillis]

Ok we know what is the problem. It's the ping that is not working for mobile device (no response). Someone made an assumption that it will always work in local network. We need to add a "backup" UDP ping.