Do dongles make external website calls?

Do dongles make external website calls?

Summary

Detecting HASP or WIBU flexid may take more than 30 seconds per request

Question

We're using FNP 2016 R2 SP1 on Windows and run our software in a closed network environment behind a restrictive firewall. We noticed that, under certain circumstances, the lmhostid tool can take a long time (up to 30 seconds or longer) to detect a FLEX9 or Wibu dongle.

After troubleshooting the problem and checking the network logs, we noticed that lmhostid sends requests to an external website. The DNS is owned by a known corporation and is used as an OCSP endpoint and appears to be a part of PKIX infrastructure to check for the validity of code signing certificates.

Is this something FNP controls?

Answer

FNP uses dynamic linking to dongles, which means that for both SafeNet and Wibu there is user space shared object that needs to be present ? haspsrm_win32/64.dll in the case of SafeNet. That dll is digitally signed. To prevent spoofing, we do an explicit check of the digital signature.
Was this article helpful? Yes No
No ratings
Version history
Revision #:
1 of 1
Last update:
‎Nov 14, 2018 10:04 PM
Updated by: