Jump to content

K-Dee

Members
  • Posts

    7
  • Joined

  • Last visited

Reputation

0 Neutral
  1. FYI.......for the heck of it I decided to try an MBAM update today.......and it WORKED!!..... and it used 208.111.160.6 for the update server....... Sooooooo not sure what was done by anyone, but it works now.......
  2. The only thing they told me was........ "US-CERT reported that 208.111.160.6 on their CAT3 Watchlist, meaning the site has been identified as hosting malicious code. US-CERT additionally provided the following hostnames in which the malicious code was detected. They are cdn-208-111-160-6[dot]iad[dot]llnw[dot]net and cds723[dot]iad[dot]llnw[dot]net." I don't have access to any of the reports they get and they are most likely not public..... and might even be classified..... I wish I could be of more help...... Is there any way that you can contact US-CERT directly and ask them about your IP address being listed on their watchlist?
  3. I believe our AT&T contract uses Level3 networks at some point...... so I don't think it's a level3 thing.......but I can't say for sure...... I'm not sure what factors decide which server on the CDN a computer will connect to for updates, but mine always seems to goto one of two IPs......208.111.160.6 or 208.111.161.254..... and neither of those are allowed a port 80 connection from our network
  4. I have been working with our Cybersecurity department to get the IP addresses for your update servers unblocked..... May I ask how many different servers there are besides 160.6 and 161.254 ?
  5. I just posted this on another thread, but I wanted to post it here too since this thread was talking about ISP issues.........and maybe others are seeing this due to the same IP blocking reasons...... ------- I have been troubleshooting this same update issue from our network for a couple of weeks now.... From what I could find......v1.36 used 208.111.160.6 to get updates.....and now v1.37 has tried to use 208.111.160.6 and 208.111.161.254 What I found out before today is that our cybersecurity department at HQ is blocking 208.111.160.6 because it was in the US-CERT recommended blocks for January 2009..... because it was detected as being an IP address hosting malicious code...... I'm not sure if they are blocking 208.111.161.254 as well....but MBAM won't update when it tries to go THAT ip address either....... Here is what I got back from cybersecurity........ US-CERT reported that 208.111.160.6 on their CAT3 Watchlist, meaning the site has been identified as hosting malicious code. US-CERT additionally provided the following hostnames in which the malicious code was detected. They are cdn-208-111-160-6[dot]iad[dot]llnw[dot]net and cds723[dot]iad[dot]llnw[dot]net. Not really sure where to go from here...... unless 208.111.160.6 can get its reputation cleared with US-CERT
  6. I have been troubleshooting this same update issue from our network for a couple of weeks now.... From what I could find......v1.36 used 208.111.160.6 to get updates.....and now v1.37 has tried to use 208.111.160.6 and 208.111.161.254 What I found out before today is that our cybersecurity department at HQ is blocking 208.111.160.6 because it was in the US-CERT recommended blocks for January 2009..... because it was detected as being an IP address hosting malicious code...... I'm not sure if they are blocking 208.111.161.254 as well....but MBAM won't update when it tries to go THAT ip address either....... Here is what I got back from cybersecurity........ US-CERT reported that 208.111.160.6 on their CAT3 Watchlist, meaning the site has been identified as hosting malicious code. US-CERT additionally provided the following hostnames in which the malicious code was detected. They are cdn-208-111-160-6[dot]iad[dot]llnw[dot]net and cds723[dot]iad[dot]llnw[dot]net. Not really sure where to go from here...... unless 208.111.160.6 can get its reputation cleared with US-CERT
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.