Jump to content

wtfits.science false positive?


skyem

Recommended Posts

Sorry if I don't have all the information you need, as what's happening is slightly confusing.

I do know that the domain name "wtfits.science" is blocked. It's hosted by a friend of mine, so it should be safe.

Here is a snippet from the protection log:

Detection, 2017-03-19 17:35, SYSTEM, SKYE-WINDESK-01, Protection, Malicious Website Protection, Domain, 78.94.116.114, wtfits.science, 2986, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,

It's worth noting that they use the IP address range from 78.94.116.113 to 78.94.116.118.

The strange stuff happens when I added the exclusion to that domain name (and IP). I can access it from my web browser just fine (it loads the nginx page because they don't host any website there), but when I try to connect to it from Minecraft, it doesn't work at all. What's odd is that there's no report in the protection log about it being blocked.
Out of curiosity I tried to use nslookup, and it seems to be that even when it's unblocked in my web browser, it blocks other programs from being able to access it? When I added nslookup to the exclusion list it returned the correct result.
This is somewhat confusing for me, as I tend to use software other than web browsers, such as PuTTY, Minecraft, etc...

Fortunately, I can connect directly to the IP address and it works fine, so it only seems to be the domain name that the blocker doesn't like.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.