Malwarebytes warnings trying to view NSX Prime

Joined
1 August 2000
Messages
1,788
Location
charleston,sc
Hey Lud. Today I had a hard time logging on due to my Malware program shutting down prime saying it has" incoming/outgoing malware (enter numbers) and will shut down"...
This is a desktop running IE8
I had to shut down my Malware program to write this
 
Last edited:
Re: Page load problem

Tried again this morning to randomly log on for about 2 hours. The message the anti-malware gave was "Your computer was succesfully blocked from this potentially malicious site 199....." .

I shutdown IE and cleared the Prime history only to get the ability to post this meesage. Whats the deal? If I got on...you have to keep hitting the back button several times before it decides to go back. It shows it tries then just stops.
 
This is one of the challenges of security in the modern environment of cloud computing and content delivery networks. Malwarebytes blocks IPs that have been identified as delivering malware. In the old days that made fairly good sense because a given web server was generally at a given IP. These days, with cloud hosting, the IP changes. Add in content delivery networks (CDN) and you also have content from many tens or hundreds of thousands of sites being delivered through the same small group of shared IP addresses. I've seen this already with email delivery because someone else had sent spam from an IP my server was later trying to use to deliver email. Now it appears someone on the same CDN has hosted some malicious websites. The server IP banning model is nowhere near as good a solution as it used to be.

If you want to prevent this problem for now, you can whitelist the following IP addresses. Keep in mind this does present some amount of risk because malicious sites can also use the same IP addresses. There is no better solution at this time because the IP blocking system is fundamentally flawed with respect to cloud hosting and CDNs.

204.93.240.0/24 (204.93.240.0 - 204.93.240.255)
204.93.177.0/24 (204.93.177.0 - 204.93.177.255)
199.27.128.0/21 (199.27.128.0 - 199.27.135.255)
173.245.48.0/20 (173.245.48.0 - 173.245.63.255)
103.22.200.0/22 (103.22.200.0 - 103.22.203.255)
141.101.64.0/18 (141.101.64.0 - 141.101.127.255)
108.162.192.0/18 (108.162.192.0 - 108.162.255.255)
190.93.240.0/20 (190.93.240.0-190.93.255.255)
 
Again another problem with cloudflare. I use MAX CDN and never have a problem.
 
could any of these issues have been due to dimer posting pics through a european server that wanted me to enter a password ? I could not read his build thread because of it.
 
Again another problem with cloudflare. I use MAX CDN and never have a problem.

It's nothing specific to Cloudflare. It's a fundamental problem with the old system of IP blacklisting not working well in an environment where more and more people are using cloud hosting and CDNs.

Just two weeks ago I had another issue where my mail server was being blacklisted because the same IP address had recently been used by a spammer. That had absolutely nothing to do with Cloudflare, as neither inbound or outbound mail flows through Cloudflare. http://www.nsxprime.com/forum/showthread.php?t=159607
 
could any of these issues have been due to dimer posting pics through a european server that wanted me to enter a password ? I could not read his build thread because of it.

That doesn't cause this type of situation; it's just annoying. If he hasn't fixed it yet then report the thread and I'll delete the picture links and he can add them back when he fixes the password issue.
 
Back
Top