Hey everyone! I'm currently interning at a company, and I've been tasked with assessing two software applications: NoMachine and NetBird. I ran their installers through VirusTotal, and I noticed some concerning flags. For NetBird, a .dll file was marked as malicious by one of the vendors. For NoMachine, the installer connects to two flagged IPs—one linked to Akamai and the other to RIPE NCC, both of which have generated flags in other applications too. I'm looking for guidance on how to assess these softwares, including steps I can take to determine if they're safe for internal use. What are your thoughts on this situation?
2 Answers
If you need to, here are the VirusTotal links for both software scans you can refer to. They contain detailed information about the flags:
- NetBird: [VirusTotal - File](https://www.virustotal.com/gui/file/303da19efa597437a055d94c060c62ed73819951dbd896724414a4619129aa0f/relations)
- NoMachine: [VirusTotal - File](https://www.virustotal.com/gui/file/1c4e81bc0e2bb9b0ab91bc1c15a2251a9c7939addb5ca04940b5ab5031fba0ab/relations)
Just a heads up, Akamai is a content delivery network and cloud service provider. It’s not uncommon for their IPs to be flagged—this could be related to someone using their services for malicious intent. Make sure to dig deeper into the context of why those IPs are flagged before making a decision on the software.
Could you elaborate on the types of issues that might lead to Akamai’s IPs getting flagged? Is it common for legitimate cloud providers to face this?