servicemstr

64.202.189.170

Recommended Posts

If the site is indeed legit, you'd be advised to ask the owner to move the site to a new IP address.

The site is legit and that IP is not the IP of the site it is blocking. IP 64.202.189.170 belongs to GoDaddy.com all it is is a forwarding IP that GoDaddy uses for it's DNS server. Of the millions of GoDaddy customers who use their forwarding DNS if they install MBAM it will block access to all of those websites. MBAM does not check content of what it blocks it just relies on the truthfulness of the files supplied by hosts-file.net. I am not sure how many other web hosting companies are listed it this list but I am sure there are more then one. GoDaddy is aware of this blocking and I am sure they will be contacting MBAM about this so we will probably be seeing some changes made to MBAM's IP blocking. The concept is good but it does not work correctly.

Share this post


Link to post
Share on other sites
TeMerc   
The site is legit and that IP is not the IP of the site it is blocking. IP 64.202.189.170 belongs to GoDaddy.com all it is is a forwarding IP that GoDaddy uses for it's DNS server. Of the millions of GoDaddy customers who use their forwarding DNS if they install MBAM it will block access to all of those websites. MBAM does not check content of what it blocks it just relies on the truthfulness of the files supplied by hosts-file.net. I am not sure how many other web hosting companies are listed it this list but I am sure there are more then one. GoDaddy is aware of this blocking and I am sure they will be contacting MBAM about this so we will probably be seeing some changes made to MBAM's IP blocking. The concept is good but it does not work correctly.
MBAM does independent testing of what is listed @ hpHosts. And does not rely on 'files' supplied by anyone. We actually filter out much more than what you would find in hpHosts database. It is far more inclusive in what it blocks.

I'm pretty sure GoDaddy is aware of the listing and may have already been in touch with hpHosts, but MysteryFCM will be better suited to answer that. As for them contacting Malwarebytes, not sure on that issue.

Share this post


Link to post
Share on other sites
The site is legit and that IP is not the IP of the site it is blocking. IP 64.202.189.170 belongs to GoDaddy.com all it is is a forwarding IP that GoDaddy uses for it's DNS server. Of the millions of GoDaddy customers who use their forwarding DNS if they install MBAM it will block access to all of those websites. MBAM does not check content of what it blocks it just relies on the truthfulness of the files supplied by hosts-file.net. I am not sure how many other web hosting companies are listed it this list but I am sure there are more then one. GoDaddy is aware of this blocking and I am sure they will be contacting MBAM about this so we will probably be seeing some changes made to MBAM's IP blocking. The concept is good but it does not work correctly.

I actually run hpHosts, and as has been mentioned, the IPBL does not include anywhere near the amount included in the hpHosts database.

As far as the IP itself, given the domains referenced, resolve to the IP address, it would have to be taken up with GoDaddy as to why it does so, as many of the sites hosted by them, resolve to any number of IP's within their range. Until GoDaddy shut down the malicious domains on this IP (and yep, I've reported them many many times), I cannot unblock it.

Share this post


Link to post
Share on other sites
I actually run hpHosts, and as has been mentioned, the IPBL does not include anywhere near the amount included in the hpHosts database.

As far as the IP itself, given the domains referenced, resolve to the IP address, it would have to be taken up with GoDaddy as to why it does so, as many of the sites hosted by them, resolve to any number of IP's within their range. Until GoDaddy shut down the malicious domains on this IP (and yep, I've reported them many many times), I cannot unblock it.

Godaddy has confirmed to me that they have removed all known malicous websites that "forward" thru that DNS address and has told me that that IP is NOT a shared web hosting address, it is only used as a forwarding address, no broadcasting or anything. They also said they understand why it is bieng blocked but feel it is wrong and unfair for legitimate webites. We did more testing and also found that thier other forwarding address (they only have 2 used for that purpose)is also blocked. They are not very happy.

Share this post


Link to post
Share on other sites
Raid   
The site is legit and that IP is not the IP of the site it is blocking. IP 64.202.189.170 belongs to GoDaddy.com all it is is a forwarding IP that GoDaddy uses for it's DNS server. Of the millions of GoDaddy customers who use their forwarding DNS if they install MBAM it will block access to all of those websites. MBAM does not check content of what it blocks it just relies on the truthfulness of the files supplied by hosts-file.net. I am not sure how many other web hosting companies are listed it this list but I am sure there are more then one. GoDaddy is aware of this blocking and I am sure they will be contacting MBAM about this so we will probably be seeing some changes made to MBAM's IP blocking. The concept is good but it does not work correctly.

Guys... just so everyone understands; this individual I have quoted is indeed, the infamous pcbutts; aka Christopher Butts. How do I know this you might ask? He's the only individual so far to post on usenet alt.privacy.spyware about us using a file. specifically, the wording. I leave the post below as my evidence...

Seriously; we're being trolled.

This is not a false positive, it's evidently tied to Christopher; in the sense we block one of his sites.

Path: s02-b61!num01.iad!npeer01.iad.highwinds-media.com!news.highwinds-media.com!feed-me.highwinds-media.com!postnews.google.com!news2.google.com!border1.nntp.dca.giganews.com!border2.nntp.dca.giganews.com!nntp.giganews.com!backlog2.nntp.dca.giganews.com!news.giganews.com.POSTED!not-for-mail
NNTP-Posting-Date: Sat, 15 Aug 2009 16:09:23 -0500
From: "The Real Truth MVP" <trt@void.com>
Newsgroups: alt.privacy.spyware
Subject: MBAM contraversal IP blocking
Date: Sat, 15 Aug 2009 14:09:22 -0700
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset="iso-8859-1";
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Windows Mail 6.0.6002.18005
X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6002.18005
Message-ID: <lLOdnWUTAMqeuRrXnZ2dnUVZ_uadnZ2d@giganews.com>
Lines: 32
X-Usenet-Provider: http://www.giganews.com
X-Trace: sv3-Ybgo/wNPo41AfYt4FhCvOhPVus/7ngZuPH9+D6L3kLp99VEzcFAsj5upFEN43OG1zf07FcBZ7TYYQXn!2PyoDiYvQWeeD7Qwr94IWjx6oOGncmgzbqDKV8SWGaolDi/dkma9oh31HmZPOPsJM/MpUxUGag==
X-Complaints-To: abuse@giganews.com
X-DMCA-Notifications: http://www.giganews.com/info/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.39
X-Original-Bytes: 2888
Xref: Hurricane-Charley alt.privacy.spyware:60884
X-Received-Date: Sat, 15 Aug 2009 21:09:33 UTC (s02-b61)

MBAM new IP blocking has major flaws. The idea is good but the way it is
executed needs work. The database of IP addresses it uses is the major
problem. MBAM is trusting the source of that list as being accurate without
testing each and every address listed, as it should do, for validity. They
use the list from http://hosts-file.net, that list although updated
regularly is outdated and needs a complete over haul. Currently I estimate
that MBAM blocks more than 10,000 legitimate websites including business
websites and emails. The 10,000 is a very conservative low number. For
example this IP 64.202.189.170 belongs to GoDaddy.com all it is is a
forwarding IP that GoDaddy uses for it's DNS server. Of the millions of
GoDaddy customers who use their forwarding DNS if they install MBAM it will
block access to all of those websites. MBAM does not check content of what
it blocks it just relies on the truthfulness of the files supplied by
hosts-file.net. I am not sure how many other web hosting companies are
listed it this list but I am sure there are more then one. GoDaddy is aware
of this blocking and I am sure they will be contacting MBAM about this so we
will probably be seeing some changes made to MBAM's IP blocking. The concept
is good but it does not work correctly.

Have a nice day Chris!

Share this post


Link to post
Share on other sites
Could you have them contact me please Chris as I'm showing quite the opposite.

Please don't associate me with pcbutts1 (my name is Sharon). Yes I know you have a history with her but I don't. It was me who found this issue not her and I am the one following the proper procedure to try and correct it.

Share this post


Link to post
Share on other sites
nosirrah   

So the word for word identical posts are just by chance eh ?

I think we will all be going back to malware hunting , I will let google handle the rest of this .

http://www.google.com/search?hl=en&lr=...mp;oq=&aqi=

http://www.google.com/search?hl=en&lr=...mp;oq=&aqi=

http://www.google.com/search?hl=en&lr=...mp;oq=&aqi=

http://www.google.com/search?hl=en&lr=...mp;oq=&aqi=

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.