
So what does "outbound" mean



I sometimes receive pop-up notifications of malicious activity from my Malwarebytes. I would please ask for an explanation of "outbound."

When the pop-up occurs it also says for me to manage what has just been described to me as malicious. How do I manage? What does this mean, please?

Checking my MWB log after such notification, it says the following:

Detection, 11/24/2016 10:07 AM, SYSTEM, CPUOAF0101P, Protection, Malicious Website Protection, Domain, 212.48.98.29, om.forgeofempires.com, 53563, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,

Does this mean something resides on my computer that is advisable to remove?

Thank you!

 

 


Outbound - A program, utility or file on the computer generated requests that went from the POV of the computer to the Internet.  [ TCP/IP packet egress ]

Inbound - Requests are generated from the POV of the Internet and are intended for the computer.  [ TCP/IP packet ingress ]

 


Yes....thank you for asking............

When the pop-up occurs it also says for me to manage what has just been described to me as malicious. How do I manage? What does this mean, please?

Checking my MWB log after such notification, it says the following:

Detection, 11/24/2016 10:07 AM, SYSTEM, CPUOAF0101P, Protection, Malicious Website Protection, Domain, 212.48.98.29, om.forgeofempires.com, 53563, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,

Does this mean something resides on my computer that is advisable to remove?

 


People don't realize that you may visit one web site via a Web Browser but that site may cause you to "visit" a myriad of other sites.  If one of those sites is for advertising, it may have a laundry list of ads that are randomized or rotated-in and one site may exhibit malvertisements.

This can happen with Peer-to-Peer ( aka P2P ) software, such as Skype, which may try to contact a site in the Malwarebytes blocked list.

What it means is that a program or process connected to a site that is blocked by Malwarebytes.  Some are downright malicious, others are low risk and others are in the list but no longer show a threat.

Anti-malware software in general provides the capability to perform "exclusions".  That is a set of rules the end-user can add which can be used for excluding file(s) and sites from being blocked.

The Management aspect means looking at what program causes this ( Like Firefox [ firefox.exe ] ) and what you are doing.  If the site generates a Blocked Notification and you want to override it you have MBAM exclude it.

A Blocked Notification  doesn't mean it is necessarily malicious.  It is an indicator to keep you on your toes and for you to be wary.

If you can verify that you are accessing a legitimate Forge of Empires site, you can exclude it.  If it is a legitimate site then it may have had a problem but that was already remedied.  One can submit the site name, IP address and information to see if it is a False Positive.  If it is a case where that site has been cleaned/mitigated, Malwarebytes may choose to remove it from their Blocked List.

 

Edited by David H. Lipman
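
An added example, not part of the original posts: one way to do the "look at what program causes this" step above is to parse detection lines of the shape quoted in this thread and count blocks per program, direction and site. The field names are assumed labels for the comma-separated positions, and the second and third sample lines are constructed.

```python
from collections import Counter
from datetime import datetime
from pathlib import PureWindowsPath

# Assumed labels for the comma-separated positions of the log line quoted in
# this thread; the log itself does not name its fields.
FIELDS = ["event", "timestamp", "user", "computer", "category", "module",
          "kind", "ip", "domain", "port", "direction", "process"]

# Constructed sample: line 1 is the entry quoted in the thread; lines 2 and 3
# are made up for illustration.
SAMPLE_LOG = r"""
Detection, 11/24/2016 10:07 AM, SYSTEM, CPUOAF0101P, Protection, Malicious Website Protection, Domain, 212.48.98.29, om.forgeofempires.com, 53563, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, 11/24/2016 10:09 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, IP, 192.0.2.10, , 49200, Inbound, C:\Example\p2p-client.exe,
Some other log entry, not a detection
"""


def parse_detection(line):
    """Return a dict for one detection line, or None if it is not one."""
    # maxsplit keeps a process path that itself contains commas in one piece
    parts = [p.strip() for p in line.split(",", len(FIELDS) - 1)]
    if len(parts) != len(FIELDS) or parts[0] != "Detection":
        return None
    rec = dict(zip(FIELDS, parts))
    rec["process"] = rec["process"].rstrip(", ")
    try:
        rec["timestamp"] = datetime.strptime(rec["timestamp"], "%m/%d/%Y %I:%M %p")
        rec["port"] = int(rec["port"])
    except ValueError:
        return None
    rec["program"] = PureWindowsPath(rec["process"]).name.lower()
    return rec


def summarize(log_text):
    """Count blocks per (program, direction, remote site)."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_detection(line)
        if rec:
            counts[(rec["program"], rec["direction"], rec["domain"] or rec["ip"])] += 1
    return counts


if __name__ == "__main__":
    for (program, direction, site), n in summarize(SAMPLE_LOG).most_common():
        print(f"{n}x {direction:<8} {program:<15} {site}")
```

A browser as the program with an Outbound direction matches the case described above, where a visited page pulls in content from other sites; repeated blocks from a program you did not start yourself are the ones to look at first.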

Thanks a lot, David.  Your responses have launched me off onto locations at the mwb site that relate to the topic, and I have learned a lot from it.

One more point of clarification not totally satisfied in the various places I have read, and that is where to submit to determine if malicious or not.

1.  One spot about this subject refers me to a database for those using XP or Vista.  That would not be me.

2. There is a False Positive location that appears to be more for those wishing to submit a certainty of a site being a false positive.  I don't want to get in the way there if it is not the appropriate place to submit the site that comes for me as malicious. I don't know if it is or not.  Your earlier advice to me was to visit it to determine if it's malicious, but I still would not know if it is or not unless while there, mwb identifies that it is.   From my mwb scan log, once again it is.....

Detection, 11/24/2016 10:07 AM, SYSTEM, CPUOAF0101P, Protection, Malicious Website Protection, Domain, 212.48.98.29, om.forgeofempires.com, 53563, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,

Should I go to the False Positive forum to submit this for examination?

 

 

 

 

 


forgeofempires.com

Quote
  • Domain is registered with domrobot.com
  • Domain is registered to InnoGames GmbH
  • Web site is hosted by InnoGames IP Network, Germany
  • Mail Server is hosted by Broomstick, USA - Texas
  • Domain was created on 10/21/2011
  • Domain was last updated on 10/21/2016
  • Domain expires on 10/21/2017
  • Web server string: nginx/1.6.2

It seems legitimate, so you can submit it as a False Positive in Website Blocking after reading: Please Read Before Reporting A False Positive

Edited by David H. Lipman
Edited for clarity, spelling and grammar