Jump to content
igor51

IP Blocked : 213.186.33.2

Recommended Posts

Even when facts are presented, some people just can not understand.

This snip was taken a few minutes ago from:

 

http://cbl.abuseat.org/lookup.cgi?ip=213.186.33.2

- - - begin snip

IP Address 213.186.33.2 is listed in the CBL.

It appears to be infected with a spam sending Trojan, proxy r some other form of botnet.

It was last detected at 2014-02-12 22:00 GMT (+/- 30 minutes), approximately 2 hours, 30 minutes ago.

 

It has been relisted following a previous removal at 201402-12 07:05 GMT (17 hours, 12 minutes ago)

- - - end snip

 

Reverse IP lookup results show thousands hosted on IP address 213.186.33.2

such as :  0-horoscope.com, 0-horoscopes.com, ndpmarrakech.com, ...  etc...

Share this post


Link to post
Share on other sites

At this time it seems to be ok....

 

I will not remove my advice to NOT BUY pro version until Malwarebytes publicly apologize for this abuse and until they change how they will manage blacklisting

 

 

I realise this isn't viable for everyone, but I'd urge the Security-X site be moved elsewhere.

 

Maybe we have to move to another security software instead ?

 

You're speaking like a six year old baby that does not have got his mik the way he would like to get it;

like for children the web is not only self centered !

 

I understand how hard it is to fight malware and I realy thanks Malwarebytes for the free work and providing free tools and free support.... 

but it does not allow to block thousands small websites without be rapped over the knuckles !

Share this post


Link to post
Share on other sites

At this time it seems to be ok....

 

I will not remove my advice to NOT BUY pro version until Malwarebytes publicly apologize for this abuse and until they change how they will manage blacklisting

 

 

 

Maybe we have to move to another security software instead ?

 

You're speaking like a six year old baby that does not have got his mik the way he would like to get it;

like for children the web is not only self centered !

 

I understand how hard it is to fight malware and I realy thanks Malwarebytes for the free work and providing free tools and free support.... 

but it does not allow to block thousands small websites without be rapped over the knuckles !

 

 

There's nothing to apologise for. There was a plethora of malicious content on the IP (and not for the first time I might add), and nothing being done about it, hence the block - like it or not, this got things dealt with, which may not be perfect, but is very effective.

 

I am not going to leave an IP unblocked just because blocking it may not be popular. Doing so would mean not doing my job properly.

 

As far as the block itself is concerned, it was already removed around 24 hours ago when the majority of the malicious content was dealt with by OVH.

Share this post


Link to post
Share on other sites

On a whole different sidenote: sharing so many domains on one shared IP is a bad idea... And letting your 'important' site be hosted on such a shared environment is too. It's fine for smaller (business card like) sites but not for sites with large numbers of visitors/members. If you want to ensure good uptimes for your site and not be at the mercy of what your 'neighbours' do pick a hosting package with less domains per IP. Yes, it will probably be more expensive. Don't be a cheapskate.
Pay less = bad support (as in no or slow response and removal of malware) and many potentially spamming and malware distributing neighbours that cause the IP to be blocked. There is no other sure-fire way to block these domains, a URL/name (DNS record) change is rather easy and would circumvent a domain block. MBAM is surely not the only company blocking on an IP / IP-range basis. 

 

Essence of my story: blame a: your hoster for not taking action, b: your neighbours for spreading malware, c: yourself for being cheap. Only if these are not applicable you can blame MBAM.

 

relevant read

Share this post


Link to post
Share on other sites

Sorry for the delay.

 

@Propheticus ; what's the point between SEO and MBAM which blocked the access to a website ? I don't care about SEO and your llink is completely wrong...

 

@others :

 

Why do we use a shared hosting ? Because OVH provides an easy way to set up and maintain a website. We don't want to manage system and packages update. I never use an another shared hosting.

 

A dedicated server has to be installed, configured et maintained. And I  don't really think that people who uses a dedicated server is able to fully protect the system. How many are able to set up SELinux ? to configure iptables ?

 

The problem is not the money, but time and knowledge. You cannot ask to everyone to take a dedicated server because MBAM is not able to manage correctly its "web protection' (lol).

 

I don't use MBAM, but what happens if I use a VPN to go the website ? Is the protection efficient ?

 


I realise this isn't viable for everyone, but I'd urge the Security-X site be moved elsewhere.

No way for now.

Share this post


Link to post
Share on other sites

 I've never mentioned SEO, only the link I provided as extra mentioned it.

 

There's plenty of solutions with easy setup/maintainance that are not hosting 10.000 sites on one IP, so that's a non-argument.

 

If you're unwilling to leave a server that is the source of many infections, don't be surprised that your site gets blocked because the shared server is blocked. 

Share this post


Link to post
Share on other sites

Bonjour

 

SX est encore bloqué, vous n'avez pas compris que votre système est définitivement voué à générer énormément de FP ?.

Share this post


Link to post
Share on other sites

Hello,

 

Do you have any news about this new block on this IP 213.186.33.2 ?

Why you persist to block hundreds of websites who are healthy and have no reason to be blocked ?

Share this post


Link to post
Share on other sites

We persist because issues keep turning up on the IPs. In this case, a plethora of new cases were found and sent to OVH, the block will be removed when they deal with the issues (again).

 

Just like last time, we've not blocked the entire range again, only the offending IPs with sufficient cases to warrant it.

 

/edit

 

If you'd like to assist in getting hold of OVH to get them to deal with them, I'll be more than happy to send you the list of new cases.

Share this post


Link to post
Share on other sites

This is already due to be unblocked on the next update.

 

The list of cases was sent to OVH, they finally dealt with most but not all of them. However, there's no longer enough to warrant the continued blocking of the IP.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.