Jump to content

Why is MBAM is blocking outgoing VPN Gate IP address 80.82.64.193 ?

Slartibartfarst
 Share

Recommended Posts

Slartibartfarst

Slartibartfarst

Posted
Posted

As a trial, I've been using VPN Gate on and off for a few months. For probably most of the time it sits passively in my Systray (executable is vpnclient_x64.exe).
However, MBAM (the Malwarebytes Anti-Malware proggy that I use) regularly reports it as being blocked whilst trying to communicate with a dodgy IP address - 80.82.64.193 (Type: outgoing, Port: 57126, Process: vpnclient_x64.exe)

I did a WHOIS via http://ipaddress.is/80.82.64.193 on this IP address, which returned this information (and more):

Quote
IP Address 80.82.64.193 Profile
A detailed IP address report for 80.82.64.193 is below. The timezone of 80.82.64.193 is Europe/Amsterdam. The current local time of 80.82.64.193 is Friday 27th of September 2013 03:08:36 AM.
IP Address Location Information For 80.82.64.193
IP Address   80.82.64.193
Host   dea.anonymouse.me
Country   Netherlands
ISP   Eyes4media GmbH
Organization   AS29073, Ecatel LTD
Latitude   52°30'00" N
Longitude   5°45'00" E
_______________________

That looks like it is probably one of the "anonymous" VPN Gate network nodes, but I would like to find out more about why MBAM blocks it and why it (in Holland) is a main node for my client in the VPN Gate network - which I thought was Japan-based.
I just wonder whether there might be an NSA connection sucking on the end of that IP address...

 

Any suggestions or more info about this IP address?

Link to post
Share on other sites
Wide_Glide

Wide_Glide

Posted
Posted

Hello  Slartibartfarst   and Welcome,

 

IP Address   80.82.64.193= ET-RBN Known Russian Buisness Network IP with malicious detections as of Today-9-27-2013

It would seem your software is allowing you to connect to IP's that can be malicious.

 

You might want to wait for a Admin or Expert's opinion as I am neither, just a helper

 

Have a great day!

Link to post
Share on other sites
Slartibartfarst

Slartibartfarst

Posted
  • Author
Posted

This is an excerpted example from today's log (with obfuscated user name):

2013/09/27 00:05:55 +1200    HPENVY14-1112TX    User    MESSAGE    Starting protection
2013/09/27 00:05:55 +1200    HPENVY14-1112TX    User    MESSAGE    Protection started successfully
2013/09/27 00:05:55 +1200    HPENVY14-1112TX    User    MESSAGE    Starting IP protection
2013/09/27 00:05:58 +1200    HPENVY14-1112TX    User    MESSAGE    IP Protection started successfully
2013/09/27 12:33:17 +1200    HPENVY14-1112TX    User    IP-BLOCK    80.82.64.193 (Type: outgoing, Port: 57126, Process: vpnclient_x64.exe)
2013/09/27 12:33:17 +1200    HPENVY14-1112TX    User    IP-BLOCK    80.82.64.193 (Type: outgoing, Port: 57126, Process: vpnclient_x64.exe)
2013/09/27 12:33:17 +1200    HPENVY14-1112TX    User    IP-BLOCK    80.82.64.193 (Type: outgoing, Port: 57126, Process: vpnclient_x64.exe)
2013/09/27 12:33:17 +1200    HPENVY14-1112TX    User    IP-BLOCK    80.82.64.193 (Type: outgoing, Port: 57126, Process: vpnclient_x64.exe)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.