Jump to content

certcollection.org


Recommended Posts

No offence, but were you actually looking at that properly?

Still there;

http://certcollection.org/forum/topic/15010-microsoft-windows-7-ultimate-final-x64-retail-original-iso-from-technet/
http://certcollection.org/forum/topic/19945-vmwareviewv400210939inclkeymaker/
http://certcollection.org/forum/topic/17136-dvd-ms-exchange-2007-serial/
http://certcollection.org/forum/topic/14259-windows-7-ultimate-x32-genuine-oem-activator/
http://certcollection.org/forum/topic/15011-operating-system-microsoft-windows-7-ultimate-n-1-x86-retail-22-october-2/
http://certcollection.org/forum/topic/14999-windows-7-ultimate-oem-x86-x64-activated-multilanguage-34gb/

And that's just a quick scan of the first few threads listed on the first page alone, and without even getting started on the piracy of CERT related items.

Link to post
Share on other sites

You'll have to do better than that I'm afraid. With all due respect, you need to go through and get rid of ALL piracy related stuff there, we shouldn't need to point it out to you. Only then, will the block be removed.

Link to post
Share on other sites

What's the new IP? (DNS obviously hasn't propogated if it's already been changed as I'm still seeing the IP mentioned previously (217.23.5.195), as is OpenDNS)

Link to post
Share on other sites
  • Staff

Can someone point me on where I can get information on what exactly the role of "malwarebytes" here is in coming between users and a site in such a fascist way?

I wish people would stop attempting to inject politics into this.

As the lead researcher I get to make the final say and here is my opinion.

Cracks and keygen sites have a long and well documented history of malicious content and due to threat consolidation these are high risk locations no different than adult IP ranges typically loaded with fake codecs and exploits.

That being said we are exploring ways of splitting our IP block list up allowing the user to select additional protection and cracks/keygen sites will without question be something the user will have the option of blocking due to threat consolidation.

I do not in any way care about the content on any site, I only care about its malicious potential and if it is elevated beyond an acceptable average this is grounds for inclusion on a block list.

Link to post
Share on other sites

I'm not injecting any politics whatsoever. I want to know about the technical aspects of this, and what malware's role is as the "middle man" blocking my access.... beyond any legal issues and right or wrong of the site being up, if the site owner has the domain registered in "x" country, poiting to "y" dns server, and that should be enough for me to access their site, what exactly is malwarebytes role from a technical perspective to be blocking this? in other words, where do you sit in the traffic path?

Link to post
Share on other sites
  • Staff

Our traffic blocking is bidirectional IP based protection. You cannot receive or send packets to IPs on our black list.

To get on this list there needs to record of direct threats or an unreasonable elevation of risk of malware or malicious activities.

For example a dump server where stolen credit card info is deposited would make our list even though there is no actual malware there.

Link to post
Share on other sites

Our traffic blocking is bidirectional IP based protection. You cannot receive or send packets to IPs on our black list.

To get on this list there needs to record of direct threats or an unreasonable elevation of risk of malware or malicious activities.

For example a dump server where stolen credit card info is deposited would make our list even though there is no actual malware there.

I see, but how exactly is that done from a technical perspective? Right now for example, my dns servers resolve that entry, so what exactly are you doing to prevent me from connecting to their server directly as per any mormal http connection? Do you have something to do with their hosting? Are you in the traffic path somehow? That the techincal part I'd like to learn.

Thanks.

Link to post
Share on other sites
  • Staff

For the record after seeing a comment like "such a fascist way" you have to understand that you have not exactly set the stage for an open and friendly dialog.

The protection is not HOSTS based, DNS based or anything else to do with domian resolution. Connections in any form to blacklist IPs are simply denied. it does not matter in which form these connections take place. Pages loading, downloads and uploads are all blocked by the same mechanism.

Link to post
Share on other sites

For the record after seeing a comment like "such a fascist way" you have to understand that you have not exactly set the stage for an open and friendly dialog.

The protection is not HOSTS based, DNS based or anything else to do with domian resolution. Connections in any form to blacklist IPs are simply denied. it does not matter in which form these connections take place. Pages loading, downloads and uploads are all blocked by the same mechanism.

Ok, you're right.. sorry... :S

I understand it not having to do with name resolution, just thinking for some ppl it didn't resolve, just putting it out there as that not being a problem.

The question is who denies the packets and how?? Let's say (for the sake of saying a number) that bewteen my pc and their server there are 20 routers. How can you block packets going from my computer to their server? Are you in control (or able to request at least) any of those devices in the path of the traffic? That is what I meant. Because if not, I just don't see any other way as to how you can block traffic between 2 hosts :S

Link to post
Share on other sites

Ok, you're right.. sorry... :S

I understand it not having to do with name resolution, just thinking for some ppl it didn't resolve, just putting it out there as that not being a problem.

The question is who denies the packets and how?? Let's say (for the sake of saying a number) that bewteen my pc and their server there are 20 routers. How can you block packets going from my computer to their server? Are you in control (or able to request at least) any of those devices in the path of the traffic? That is what I meant. Because if not, I just don't see any other way as to how you can block traffic between 2 hosts :S

Edit: just for the record, I'm interested in all this stuff because I work in Network Security.

Link to post
Share on other sites

No offence, but were you actually looking at that properly?

Still there;

http://certcollection.org/forum/topic/15010-microsoft-windows-7-ultimate-final-x64-retail-original-iso-from-technet/
http://certcollection.org/forum/topic/19945-vmwareviewv400210939inclkeymaker/
http://certcollection.org/forum/topic/17136-dvd-ms-exchange-2007-serial/
http://certcollection.org/forum/topic/14259-windows-7-ultimate-x32-genuine-oem-activator/
http://certcollection.org/forum/topic/15011-operating-system-microsoft-windows-7-ultimate-n-1-x86-retail-22-october-2/
http://certcollection.org/forum/topic/14999-windows-7-ultimate-oem-x86-x64-activated-multilanguage-34gb/

And that's just a quick scan of the first few threads listed on the first page alone, and without even getting started on the piracy of CERT related items.

Dear Steven,

I see Certcollection.org is back up. Unfortunately, I also see continued use of piracy in the "Training Offers and Requests" subforums, linked here http://certcollection.org/forum/forum/1-training-offers-requests/

Detailed examples, just from the first two messages:

http://certcollection.org/forum/topic/117570-0527-last-version-testinside-ccna-v218590q/ links to pirated software here

http://certcollection.org/forum/topic/64966-cbt-nuggets-ccna-640-816-640-822-rapidshare/ links to pirated software here

I could go on, but I think you should get the point. It is clear to me that certcollection.org has not met your conditions.

Edited by shadowwar
Removed direct pirate links.
Link to post
Share on other sites

WingTip

Those links might be containing "pirated software", but in no way they are related in distributing malware / spyware or any stuff like that.

Steve please let me know if I can be of any help with your investigations.

Thank you.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.