You are here

[Fixed] Portable Apps Update process needs a different User-Agent

3 posts / 0 new
Last post
Last seen: 11 years 1 month ago
Joined: 2012-02-10 13:00
[Fixed] Portable Apps Update process needs a different User-Agent

I'm using 10.0.1.

An update of one of my portable apps tripped one of our IDS signatures. The signature triggers on a user-agent string known to be used by various malware.

SRC: GET /project/portableapps/Google%20Chrome%20Portable/Additional%20Versions/GoogleChromePortable_17.0.963.46_online.paf.exe HTTP/1.1
SRC: User-Agent: NSIS_Inetc (Mozilla)
SRC: Host:
SRC: Pragma: no-cache
SRC: X-Forwarded-For:
SRC: Connection: Keep-Alive

Link to the IDS rule:

My advice would be to change the portable app update tool and have it provide it's own User-Agent string.

Pyromaniac's picture
Last seen: 7 years 11 months ago
Joined: 2008-09-30 19:18

That's the standard NSIS downloading plugin used by virtually all NSIS online installers. That's like blocking a message box that yells out "Hello World!" Pardon

Sure, viruses can download stuff and upload tracking information, but that can be done with any language as well. I really don't think NSIS_Inetc should be blocked.

John T. Haller
John T. Haller's picture
Last seen: 1 hour 13 min ago
Joined: 2005-11-28 22:21
Fixed in 10.1

A different useragent is used in 10.1 that should alleviate this issue in most strict corporate environments.

Sometimes, the impossible can become possible, if you're awesome!

Log in or register to post comments