-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
'Chisel' unwanted software was detected (Agentless) #11994
Comments
any upd on this? |
The Chisel library is required for us to establish a reverse tunnel to Edge Agent environments, and is being falsely identified as malicious by Defender. You can find in-depth discussion of this kind of flagging happening before to Chisel in their GitHub repo. We are discussing internally what we can potentially do here but unfortunately we are at the mercy of Microsoft and their decision-making around "threats". In the meantime, you may be able to configure an exception to ignore this in your Defender configuration. |
Before you start please confirm the following.
Problem Description
Microsoft Defender is reporting this, on the portainer container.
Name:
portainer
Directory:
var/lib/docker/overlay2/18bcaff106af338d515bf2e54bc590549903ef06322863a8d57b31df5b63a0e9/diff
File Hashed:
3f7802f5dd8c1ad2137e725a6250867d5fc8cdd3 (SHA1), c82a6e283f050cb8215c9103863e914a (MD5), 2528ac71a0ac6a01bb9c2888c7776cd7382a6e4c9f8b6233cf34099601880ad4 (SHA256)
Malware Name:
Misleading:Linux/Chisel.A!MTB
Category:
Adware
Potentially unwanted software is a category of applications that install and perform undesirable activity without adequate user consent. These applications are not necessarily malicious, but their behaviors often negatively impact the computing experience, even appearing to invade user privacy. Many of these applications display advertising, modify browser settings, and install bundled software.
Expected Behavior
No security alert from defender for cloud
Actual Behavior
Microsoft Defender is reporting this, on the portainer container.
Steps to Reproduce
Deploy linux host in azure with Defender for cloud agent
Install docker
run latest portainer as container
Portainer logs or screenshots
No response
Portainer version
2.20.3
Portainer Edition
Community Edition (CE)
Platform and Version
Docker
OS and Architecture
Debian
Browser
No response
What command did you use to deploy Portainer?
Additional Information
No response
The text was updated successfully, but these errors were encountered: