Jump to content

blockage of ip addresses and maintaince after deletion


Recommended Posts

Hey MB, I love the product; there are no actual complaints from my side, just a few inquiries into the nature of p2p sites and Malwarebytes and IP blockage. I looked around on the net and have found a few responses but, I figured, why not ask the makers themselves? Surely, they'll have a more centralized answer. I know about refurbishing an IP address by revisiting the blocked site-

1. How do i refurbish an IP address blocked by Malwarebytes if it blocks it through a p2p engine like Bit Torrent 7.5? Do I re-download the torrent and try to refurbish it by attempting to go through the 'blocked ip addresses' or are they permanently blocked?

1A. I searched the MB logs and found the IP addresses that were blocked- I know about there being a valid reasoning behind the blockage; that the prohibition is most likely because the ip address was malicious in the eyes of MB and that I should CnP them to notepad and send it to your techies but is this an entirely different case? What do i do here?

1B. The thing is: I've removed MB (restarted my computer and everything) and tried initializing another download for the torrent but nothing seems changed from after MB had blocked IP addresses.

1C. Curiosity question here- Once MB is uninstalled, are the formally blocked IP's now unblocked?

2. I've also noticed a ridiculous increase in the reduction of DL speed in BT 7.5. I've recently removed MB because an inquiry now takes 2 weeks and 3days (which is EXTREMELY FRUSTRATING, I might add), whereas before it once only took 30 minutes.

2a. HOW DO I CHANGE THIS? What did MB do to my torrent availability? Am I now only able to download torrents at retard speeds- I have the best possible connection available by Comcast and before MB installation, p2p sites were brief DLs- and...

2b. I know it's very irrational to automatically assume that MB drastically reduced Bit Torrent 7.5's DL speeds.... but i have tried several different p2p sites and the speeds are now all the same- a DL that once took 2 hours now takes 7weeks everywhere I go with and without MB installed.

However, it doesn't mean the torrent doesn't download for me anymore. Downloads still continue. I have removed MB but still have this site bookmarked for probability reasons. Any answers would be greatly appreciated.

Link to post
Share on other sites

Greetings :)

  1. I assume that by 'refurbish' you actually mean add to your Ignore List so that the IP is not longer blocked. If that is the case, then all you would need to visit the blocked IP (you can literally type the ip into your internet browser, and once Malwarebytes blocks it, use the Add to Ignore List function in the tray to add it to your Ignore List)

    1. Generally with peer-to-peer software, the reason you'll see IP blocks is simply because many of the IP's and IP ranges used are also host to infections, we don't deliberately block access to peer-to-peer programs, protocols or IP's, so if an IP is blocked, it's because it is hosting malicious content in addition to the content you're downloading (also remember that an IP is a number that represents the server the content is stored on, and each IP can actually be host to many domains, some of which may be malicious and some of which may not be)
    2. That is likely due to DNS caching in Windows. Once an IP has been blocked by Malwarebytes, Windows itself may proceed to keep you from accessing the IP. Generally, running a program like CCleaner to clear temp files and the DNS cache (a function CCleaner performs) will resolve this
    3. See b above. They should be, but if Windows has cached the connection (or lack thereof) to the IP in question, then it may remain inaccessible until you clear your DNS cache

    4. This is likely due to the IP's being blocked. Access to fewer IP's for downloading the files results in slower downloads (this is why we generally recommend that if you insist on using P2P software, that you actually disable the Website Blocking mechanism in Malwarebytes when you do so)
      1. See item 2 above, fewer IP connections=slower downloads
      2. Again, see item 2 above

    I hope that answers everything for you. All that being said, we do have a procedure for reporting false positives (FP's) with the website blocking mechanism, but honestly, in most cases with P2P software, they're connecting to some notoriously malicious IP's and we often cannot in good conscience remove them from our blocked IP's list. If you do ever wish to report an IP blocking false positive, then please refer to this post: IP Blocking False Positives and post the info here: False Positives. You obviously won't have a URL since the connection being blocked is actually through your P2P program, but you may report them if you wish and see if any of them are indeed FP's (sometimes an IP block can be removed because the malicious content that once resided on an IP address has been cleaned up already by the owner of the server).

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.