Jump to content

Are incoming IP attempts blocked as well?


Recommended Posts

Does the IP Protection module block incoming IP addresses as well?

For a while I had port 80 open on my hardware firewall to one of my PCs for a specific application (that app is known to be okay) and I was getting a couple of MBAM IP blocks for 222.186.26.72 a day. The PC was othewise idle (no web browsing or anyone at the keyboard) when this was occuring, but there were various standard background apps running (no P2P). A MBAM scan is clean. I've closed that port back up and I'll see if the block messages stop. But....

So, being that this IP is from China, I'm wondering if since I had port 80 open through the firewall to this machine, was MBAM blocking an incoming scan attempt from a blocked IP?

This is okay with me, and I'm not calling it a FP...I just want to know if MBAM does block incoming attempts as well as outgoing. Is there a way to know from logs if the block was incoming or outgoing? If it doesn't block incoming, then I've got a problem with this PC :)

Here is an example of my log

02:01:05 Username IP-BLOCK 222.186.26.72

02:11:02 Username IP-BLOCK 222.186.26.72

03:43:16 Username IP-BLOCK 222.186.26.72

03:53:13 Username IP-BLOCK 222.186.26.72

Thanks

Link to post
Share on other sites

I did read that section already. But it doesn't say whether it blocks any types of incoming attempts. I know, as it explains, it certainly blocks outgoing attempts.

I did a forum search, and I found some conflicting information, buried within other topics (mostly about false positives), about whether the blocking module does anything with incoming attempts. So, since the information was not clear, I'm looking for a definitive answer from an authoritative source, as to whether the MBAM IP Blocking module blocks incoming requests from sites on the block list.

Link to post
Share on other sites

Guest garybear

Hi! I have a question. You are saying MBAM blocks incoming and outgoing. Please explain what these Chinese IP's are trying to do. I get them blocked all the time. There is nothing that I'm doing that should be trying to connect me to China . Please for give my ignorance, but I don't understand what triggers these IP's Also what happens if I allow them access. This has bothered me for a long time. I have asked this question before but I do not understand.

Link to post
Share on other sites

Hi! I have a question. You are saying MBAM blocks incoming and outgoing. Please explain what these Chinese IP's are trying to do. I get them blocked all the time. There is nothing that I'm doing that should be trying to connect me to China . Please for give my ignorance, but I don't understand what triggers these IP's Also what happens if I allow them access. This has bothered me for a long time. I have asked this question before but I do not understand.

Are you running any p2p sharing programs like limewire,utorrent or frostwire? Most of the time these are the cause.

Link to post
Share on other sites

Hi -

If the problems are constant , please follow the instructions below and an expert will review your system fully -

As we do not work on Malware removal or diagnostics in the general forums please follow these directions -

Please print out, read and follow What do I do now? , skipping any steps you are unable to complete.

The next step is post a New Topic Here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that

you're alerted when someone has replied to your post - Please allow at least 48 hours for a reply as the experts can get busy at times -

Also add a brief note to the experts as to your problems -

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or via This Link

Always use the ADD REPLY Tab at the bottom of the page when you reply -

Thank You - :)

Link to post
Share on other sites

Guest garybear

Hi! noknojon & Buttons!

I do not have any p2p programs on my PC. My PC does not have any Virus or malware. That has all been checked out before. There are a lot of members getting these Chinese IP addresses blocked. My question is why are these IP's trying to access my PC. These are incoming addresses being blocked and I do not get them all the time. A restart will usually stop them for awhile. My ISP gives me a new IP address every time I restart. If these were outgoing then I would probably have a problem. Thank you for your posts. Is China trying to get access to my PC for some reason? That is my question??

Garybear!

Link to post
Share on other sites

Guest garybear
What antivirus do you use?A place to introduce yourself and talk about general things apart from malware, politics and religion. Please keep anything clean.

Hi friend! I use Avira and online Armor with Malwarebytes running in real time. I don't know why my firewall doesn't block them before they get to MBAM. I understand that's the way it's supposed to work. I also got tired of waiting on an answer on the forum, so I Gooled and found this. Very interesting!

Garybear!

http://www.parkansky.com/china.htm

Link to post
Share on other sites

Guest garybear
Ah, that's right. Posted a picture a few times. You should try and follow noknojon's instructions on cleanup.:)

Hi friend! With all due respect to you. This does not happen all the time. These are incoming IP's My PC is clean!

Garybear! I have followed noknojon's instructions. I'm clean!! Thank you!!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.