* why is mintty trying to connect to google through my browser
@ 2019-10-11 18:34 LMH
2019-10-11 18:50 ` René Berber
2019-10-11 19:11 ` Thomas Wolff
0 siblings, 2 replies; 3+ messages in thread
From: LMH @ 2019-10-11 18:34 UTC (permalink / raw)
To: cygwin
Hello,
I had an odd thing happen today. I opened a cygwin terminal to do something and got a
firewall alert that mintty was attempting to inject network traffic. I did a
temporary deny because there is no reason for mintty to make a connection based on
what I was doing and I have never seen that alert before (or I would have a firewall
rule already). That alert doesn't say where the connection would be made to if the
injection was allowed.
This temporary block seemed to break my seamonkey connection. My firewall log is full
of entries about blocked connections for seamonkey and the reason given is
"restricted parent process c:\cygwin\bin\mintty". I did not launch seamonkey using
mintty, so I have no idea why the firewall would see mintty as the parent process.
All of the seamonkey attempted connections to my email server were also blocked for
the same reason. When I closed the terminal, everything went back to normal.
It seems like mintty tried to inject some network traffic to the seamonkey process
and for some reason, blocking this injection caused the firewall to block all traffic
from seamonkey.
Why would mintty try to inject network traffic to another process at startup? If it
needed ot connect for some reason, why would mintty try to make that connection
through another application instead of just making the connection itself?
I deleted any firewall rules for mintty and started the terminal again, but that does
not reproduce the situation at the moment.
I believe this is cygwin 2.3.1.
LMH
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: why is mintty trying to connect to google through my browser
2019-10-11 18:34 why is mintty trying to connect to google through my browser LMH
@ 2019-10-11 18:50 ` René Berber
2019-10-11 19:11 ` Thomas Wolff
1 sibling, 0 replies; 3+ messages in thread
From: René Berber @ 2019-10-11 18:50 UTC (permalink / raw)
To: cygwin
On 10/11/2019 1:33 PM, LMH wrote:
[snip]
> I opened a cygwin terminal to do something and got a
> firewall alert that mintty was attempting to inject network traffic.
[snip]
Perhaps the .bashrc/.bash_profile/etc. script runs something that does that.
--
R.Berber
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: why is mintty trying to connect to google through my browser
2019-10-11 18:34 why is mintty trying to connect to google through my browser LMH
2019-10-11 18:50 ` René Berber
@ 2019-10-11 19:11 ` Thomas Wolff
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Wolff @ 2019-10-11 19:11 UTC (permalink / raw)
To: cygwin
Am 11.10.2019 um 20:33 schrieb LMH:
> Hello,
>
> I had an odd thing happen today. I opened a cygwin terminal to do something and got a
> firewall alert that mintty was attempting to inject network traffic. I did a
> temporary deny because there is no reason for mintty to make a connection based on
> what I was doing and I have never seen that alert before (or I would have a firewall
> rule already). That alert doesn't say where the connection would be made to if the
> injection was allowed.
>
> This temporary block seemed to break my seamonkey connection. My firewall log is full
> of entries about blocked connections for seamonkey and the reason given is
> "restricted parent process c:\cygwin\bin\mintty". I did not launch seamonkey using
> mintty, so I have no idea why the firewall would see mintty as the parent process.
> All of the seamonkey attempted connections to my email server were also blocked for
> the same reason. When I closed the terminal, everything went back to normal.
>
> It seems like mintty tried to inject some network traffic to the seamonkey process
> and for some reason, blocking this injection caused the firewall to block all traffic
> from seamonkey.
>
> Why would mintty try to inject network traffic to another process at startup? If it
> needed ot connect for some reason, why would mintty try to make that connection
> through another application instead of just making the connection itself?
It does neither of that. Mintty only ever accesses the network if you
open the Options dialog.
It occasionally looks up the current mintty version for an indication
that you could update (disable with CheckVersionUpdate=0), and it
downloads contents if you drag a URL onto the Theme configuration field
(also planned for the Bell Wave file) or click on the "Color Scheme
Designer" button.
> I deleted any firewall rules for mintty and started the terminal again, but that does
> not reproduce the situation at the moment.
This, and the fact that your system claimed mintty to be the parent of
Seamonkey, suggests that something is or was utterly broken on your system.
Thomas
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-10-11 19:11 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-11 18:34 why is mintty trying to connect to google through my browser LMH
2019-10-11 18:50 ` René Berber
2019-10-11 19:11 ` Thomas Wolff
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).