Hi! I have installed CIS 6 on many PC in my LAN. I totally understand that UDP traffic to port 4447 is part of the cloud analysis system CIS uses but I cannot understand why it rises thousands of connection every 2/3 minutes with Byte In: 61B and Byte Out: 0B.
I don’t know if this is working as expected. I hope this is not the normal behaviour since having 4 or 5 PC that opens all theses connections every couples of minutes makes my Netgear router noticeably slow down. I have now disabled the cloud feature but I would like to understand if I can use it in the future, fixing this problem and if all theses connections are normal or a personal wrong situation.
Many thanks!
[size=1]I changed the title a bit for a better description. Eric[/szie]
Hi Eric and thank you for your reply.
0 files in Submitted and 1500 in unrecognised of which 95% are from subfolders of c:\windows\assembly\nativeimages with vendor marked as Microsoft. I tried to clean the list but these files reappear after a while.
Is it ok to mark all of them as secure?
That folder is used to store compiled .NET framework images.
I am inclined to think that native images with vendor Microsoft can be trusted.
Is there anybody who can shine a little more light on the native images assembly? Part of them may be related to the OS others may be related to non OS applications written in .NET.
Ok, I have marked all the files as secure and without any unrecognized files the problem seems solved, but I imagine that it will be back once the list will be repopulated with some files.
How does CIS works? It makes a request on the cloud for every files he does not recognize?
So far so good, it sounds ok, but why it try again every couple of minutes? It should check again the same file for which the cloud did not give a reply after a scheduled period of time (let’s say 12 or 24h) instead it seems to constantly loop… :-\