Jump to content
igor51

IP Blocked : 213.186.33.2

Recommended Posts

Hello,

Yet OVH has also been contacted by us, individually.

They have not contacted the team Malwarebytes ?

OVH technician says that if a malicious site has been detected on shared hosting, it was blocked by their staff and the owner is notified.

Other sites are safe and for these sites, blocking is a FP.

That is correct. They've been sent no less than 4 emails regarding this, in the past week. Cases were re-checked by me prior to the last email being sent,so no, they're not F/P's.

It is definitely because you're blocking legitimate sites, in my concern security-x.fr.

I used to recommand MBAM around me, including the commercial version of MBAM, but I'm afraid I will stop recommanding your product.

Preventing people from accessing legitimate web sites is neither "security" nor "protection", it is filtering.

Please reconsider your positions and do something for all legimate web sites you are blocking on this IP.

Thank you.

I'm more than willing to accept assistance from OVH customers as far as reaching OVH to have something done, but again, this is not an F/P. Contrary to popular belief, I do not like having to block IPs, especially shared IPs, but the risks of not doing so, are far higher than doing so.

Share this post


Link to post
Share on other sites

Hello

Definitely, it is a false positif. Why do you except from OVH ? And What are your criteria to blacklist an IP ?

, I do not like having to block IPs, especially shared IPs, but the risks of not doing so, are far higher than doing so.

Are you kidding me ? Why do you not apply the same criteria for files ? Any executable files are dangerous for the system. So you have to block all files....

Why do you not use the same "protocol" or method that Google Safe Browsing ? You maintain a list of blacklisted IP so you can add a domain name for the shared hosting to avoid false positive....

Share this post


Link to post
Share on other sites
I do not like having to block IPs, especially shared IPs, but the risks of not doing so, are far higher than doing so.

Maybe you should block all IPs addresses ? This would prevent all your end-users from being infected!

I do not understand why you cannot use a whitelist for all well-known safe domains on these IPs addresses. You are currently affected several legitimate organizations.

Because you are blocking several legitimate web sites, I may consider that MBAM is a malware and so I can write a tool to detect and suppress MBAM.

Blocking legitmate web site is definitely malware behaviour.

I truly do not understand why you are not trying to do something on your own (instead of just hidding behind OVH) to solve this False Positive.

Share this post


Link to post
Share on other sites

Once again, this is not an F/P, and there's no "hiding" behind anything, the problem exists because OVH are not responding, as mentioned - I'm more than willing to accept assistance from OVH customers in reaching them but so far, all responses in this and other threads, instead of offering assistance, have been insulting instead.

As for a whitelist, the simple reason for my not doing this is because MBAM does not currently support such a facility.

Share this post


Link to post
Share on other sites

I'm sure you'll all be pleased to know, Bilel from OVH responded whilst I was out this afternoon, just got back and finished going through the cases causing the block. OVH have now suspended the vast majority of sites affected with only a handful still remaining live.

As there's now only a handful still live, the block will be removed on the next update.

Share this post


Link to post
Share on other sites

With all the respect I have for you, even if OVH takes a long time to block malicious websites, you do not have to block thousands of other websites because a handful of them are malicious.

As more websites become infected, everything will restart again if you continue to block by IPs.

Share this post


Link to post
Share on other sites

I'm sure you'll all be pleased to know, Bilel from OVH responded whilst I was out this afternoon, just got back and finished going through the cases causing the block. OVH have now suspended the vast majority of sites affected with only a handful still remaining live.

As there's now only a handful still live, the block will be removed on the next update.

Good news ! When is next update planned ?

Share this post


Link to post
Share on other sites

Good news ! When is next update planned ?

Should be out within the hour.

Share this post


Link to post
Share on other sites

Now MBAM is blocking not only Sumo on my pc's but also Rainmeter - where does it end???

No idea what Rainmeter is, but if it's on the same IP, the block has already been removed.

Share this post


Link to post
Share on other sites

Rainmeter is a "widget" like overlay for Windows.

However, I believe rainmeter's site appears to be down or not responding, as disabling network protection/Website Blocking still does not load the rainmeter website.

Share this post


Link to post
Share on other sites

Hello,

First, thanks to have removed this IP.

Second, I think the main problem is still remained. You block all websites because of on IP address. You can really improve your software by using a more fine-grained detection for the malicious websites.

Why cannot you use the combination domain name/IP address to block a website which it hosts on a shared hosting ?

Share this post


Link to post
Share on other sites

Hello,

 

IP Security-X is still blocked by MBAM

213.186.33.2

 

It is not the first time that you block OVH's IPs. OVH is a completely clean.

 

And Security-X is also completely clean.

 

Thank you to lift this block quickly.
 
Best regards

Share this post


Link to post
Share on other sites

Hello,

 

once agian, your stupid method blocks a large range of OVH IP.

 

I don't work for OVH, but seriously, when you block just one IP from a shared hosting, you block several websites. You have a lot of false positive with your method to get a more "secure" (lol) surf.

 

 

Please unblock the IP and use a different method to ensure a safe surf.

 

igor51

Share this post


Link to post
Share on other sites

In the topic just under, i was the first to signal the problem with all IPs from OVH:

no answer at all !!!!!

It is just like blocking all Ips from Godaddy, 18 milions of web sites !!!!.

 

AN ENORMOUS MISTAKE, unforgivable, and a BIG prejudice for millions of web site, including mines, that you seem (Malwarebytes) to not consider at all.

Ok, MBAM uninstalled, with no prejudice for future legal prosecutions against Malwarebytes.

Share this post


Link to post
Share on other sites

It's not the site itself that is the issue, it's the IP. This is one of 4-5 IPs blocked on the /24, due to over 600 cases.

Not true: all the IPs from the range   213.186.33.xx i have tried are  blocked. Including the one from the OVH main website (i doubt it is on a shared hosting !!!).

Share this post


Link to post
Share on other sites

I've pushed out an update that corrects this. Sorry for the inconvenience folks.

Share this post


Link to post
Share on other sites

I just tried an update 10 minutes ago: nothing changed. It is a just a shame !

Even a newbie with no idea of Internet could not imagine to block IPs in order to protect computers from infected *urls*.

You really deserve a prosecution for the prejudice.

Share this post


Link to post
Share on other sites

Salut Esperado :-)

 

MysteryFCM pushed an update which should be out in about an hour or so.

>> Ça va prendre environ une heure avant que la MAJ ne soit Live.

 

@++

Share this post


Link to post
Share on other sites

Salut Esperado :-)

 

MysteryFCM pushed an update which should be out in about an hour or so.

>> Ça va prendre environ une heure avant que la MAJ ne soit Live.

 

Can-you explain how MysteryFCM can leave my post "all OVH IPs(France) seems blocked " unanswered since 4 AM ?

>> Cette histoire est révélatrice du monde d'incurie, d’incompétence et d'irresponsabilité dans lequel nous vivons.

OVH, had not answered neither, on their side, to my numerous phone calls and mails to their different services.

So i had unisntalled Malwarebytes from my computers, (acting as a virus and not serious), and will find an other provider witch takes more care of its clients.

Share this post


Link to post
Share on other sites

Hi,

 

 

I've pushed out an update that corrects this. Sorry for the inconvenience folks.

 

Thanks, MysteryFCM, for the update.

 

 

 

MysteryFCM pushed an update which should be out in about an hour or so.

 

Thanks, Mark, for the precision

 

:)

Share this post


Link to post
Share on other sites

I just tried an update 10 minutes ago: nothing changed. It is a just a shame !

Even a newbie with no idea of Internet could not imagine to block IPs in order to protect computers from infected *urls*.

You really deserve a prosecution for the prejudice.

 

Sorry for not being more specific, by "pushed an update", I meant it had been pushed to the guys that push it out to users. It should be out to users within the hour.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.