I’ll just make this brief.
I get Syncthing on my phone and PC. Wifi detects some German malware stuff. It’s coming from my end of the wifi. I look and luckily I was talking to a friend who helped me set up Syncthing on my PC and phone, the “malware” directly correlates to when I first got and used Syncthing.
I’m not in legal trouble, but I am in personal/at home trouble and I just want to know why our wifi is calling syncthing malware.
You’d have to understand what it calls malware. Syncthing uses relays to establish connections to other peers when direct connection is not possible. These are provided by the community and are potentially running on the same IPs as people provided Tor exit nodes etc, classifying things as malware.
So my wifi is going off because it sees the connections between my phone and pc as someone driving a stolen car? I don’t do well with code lingo, so I’m just trying to make it make sense to me.
Armstrong. I don’t know anything about the warnings. I don’t wanna get into the issue on here or at all because it’s a personal thing going on at home.
Well, then let’s not get in the issue if you don’t want to. I guess I’m not sure why you opened the forum thread in the first place in that case. Uninstall it and move on.
No I meant the at home issue. I can’t look at the warnings because they’re not on my phone. I just came here wanting to know if this thing was safe and why the heck it was flagging my connection as malware. That’s all. I know the warning could help but the only thing I DO know is it happened the moment I turned on syncthing.
While Audrius’ answer is absolutely correct (and quite brilliant), let me still give the plain, simple answer (in principle useless, in practice probably not):
Syncthing is not malware - something else is the issue here.
From past experience, we’ve seen security software such as firewalls or intrusion detection systems alerting when syncthing is running.
This is usually related to the fact that syncthing uses community hosted relays. Those are located all over the world and are run by third parties. Those relay connections are not insecure, but some security software still doesn’t like them (because their IP addresses are in some kind of blocklist).
We don’t know whether this applies to you though, and your software may be complaining about something else. That’s why we were asking about more details - otherwise we’re just guessing as well.
Ahh. So it’s sending alarms because we’re going through Germany without proper paperwork that says we can be there basically. Since you said they’re all over the world then it’s more than likely picking up on a relay in Germany and thinks it’s evil or whatever.
I’m just guessing as well since all this started the MOMENT I activated syncthing. Gave exact time and everything, the security report did I mean. Also I’m sorry if I was rude to anyone in this thread, I’ve had a long day, but still I shouldn’t take it out on you.
We got a malware warning and a blocked sync on one of our machines that was running very aggressive antivirus/anti malware software.
We were syncing an application directory and the offending action was renaming a temporary file to the original file’s name which ended in .exe. The malware detection thought syncthing was trying to plant a malware application. Nope. It was just transferring the application we told it to transfer.
As has been said you need to investigate the root cause of the flag which was raised by the tool that did the flagging.
Some Windows anti-virus software programs will flag Syncthing as malware when it tries to connect to external servers, such as relay servers.
I use Malwarebytes, and I needed to add an exception for syncthing.exe.
My PC with Avast never complains.
If all of your servers are on the same network you can disable relay and that will probably eliminate the errors that you’re receiving at home from whatever is telling you about the malware.
If you only have 2 servers, the phone, and your PC, you can disable relay servers on both. That will probably address your problem.
As someone else mentioned, relay servers can be run on servers that run other things and it might be those other things that were flagged by something in the malware community.
Try turning off relay and see if the errors go away.
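An added example, not part of any post in this thread and not Syncthing project code: a small check of a Syncthing `config.xml` that reports whether relaying is on and returns a copy with it turned off while local discovery stays untouched. The sample config and device ID are constructed, and treating a missing element as its enabled default is an assumption stated in the comments.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed config.xml holding only the elements read below.
SAMPLE_CONFIG = """<configuration version="37">
  <device id="CONSTRUCTED-PHONE-ID" name="phone">
    <address>dynamic</address>
  </device>
  <options>
    <listenAddress>default</listenAddress>
    <localAnnounceEnabled>true</localAnnounceEnabled>
    <relaysEnabled>true</relaysEnabled>
  </options>
</configuration>"""

def _enabled(options, name):
    node = options.find(name)
    # Assumption: an absent element means the default, which is "enabled".
    return node is None or (node.text or "").strip().lower() == "true"

def audit(xml_text):
    """Report the settings that decide whether traffic can go via relays."""
    options = ET.fromstring(xml_text).find("options")
    if options is None:
        raise ValueError("no <options> element found")
    # Assumption: no <listenAddress> at all behaves like "default".
    listen = [(n.text or "").strip() for n in options.findall("listenAddress")] or ["default"]
    # "default" includes the dynamic relay pool; relay:// pins one relay.
    relay_listeners = [a for a in listen
                       if a == "default" or a.startswith(("relay://", "dynamic+"))]
    relays_on = _enabled(options, "relaysEnabled")
    return {
        "relays_enabled": relays_on,
        "relay_listeners": relay_listeners,
        "listens_on_relay": relays_on and bool(relay_listeners),
        "local_discovery": _enabled(options, "localAnnounceEnabled"),
    }

def disable_relays(xml_text):
    """Return the config text with relaysEnabled set to false."""
    root = ET.fromstring(xml_text)
    options = root.find("options")
    node = options.find("relaysEnabled")
    if node is None:
        node = ET.SubElement(options, "relaysEnabled")
    node.text = "false"
    return ET.tostring(root, encoding="unicode")

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
    print(audit(disable_relays(SAMPLE_CONFIG)))
```

Run it against a copy of each device's config; if the alerts stop once relaying is off on both ends, the flagged addresses were relay IPs.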