Server is Blocked

**Bud Boy** · 12-11-2011, 15:01

Hi

One of my customers recently reported that his site (and mine) were being blocked by his works' filter, giving the error message:

"Page cannot be displayed
Based on your corporate access policies this website (www....) has been blocked because it has been determined by Web Reputation Filters to be a security threat to your computer or corporate network.
This website has been associated with Malware/Spyware.
Threat type: other malware
Threat reason
IP address is either verified as a bot or has misconfigured DNS"

He was obviously concerned and contacted me. I realise this may be a company issue of "over zealous filtering", however, I obviously needed to do some checks myself before giving him that reason.

It would appear that that there is a valid reason for the company to have blocked the IP. When I ran the IP check at; Scan IP Addresses for Malicious Activity, Exploits, Malware and Spam. I found that there is suspicious activity and the server is listed as SUSPICIOUS due to CBL Abuseat - the result of which can be seen here: CBL Lookup for 78.129.128.40

Please note the comments:
"IP Address 78.129.128.40 is listed in the CBL. It appears to be infected with a spam sending trojan or proxy."

...and

"ONLY the hosting company can fix these infections properly."

Now whilst I am happy to suggest my client contact his company's IT admin, I don't want to look like an idiot by saying there is nothing wrong when seemingly there is.

I would very much appreciate a full and frank answer to this problem.

Am I on a suspicious server or not and are more of my clients sites being blocked?

It would appear that this is an ongoing problem. (see CBL part - "It has been relisted following a previous removal at 2011-11-04 19:33 GMT (7 days, 19 hours, 9 minutes ago))

Extremely Worrying...

**eUK-Ray** · 12-11-2011, 21:15

Originally Posted by Bud Boy

Hi

One of my customers recently reported that his site (and mine) were being blocked by his works' filter, giving the error message:

"Page cannot be displayed
Based on your corporate access policies this website (www....) has been blocked because it has been determined by Web Reputation Filters to be a security threat to your computer or corporate network.
This website has been associated with Malware/Spyware.
Threat type: other malware
Threat reason
IP address is either verified as a bot or has misconfigured DNS"

He was obviously concerned and contacted me. I realise this may be a company issue of "over zealous filtering", however, I obviously needed to do some checks myself before giving him that reason.

It would appear that that there is a valid reason for the company to have blocked the IP. When I ran the IP check at; Scan IP Addresses for Malicious Activity, Exploits, Malware and Spam. I found that there is suspicious activity and the server is listed as SUSPICIOUS due to CBL Abuseat - the result of which can be seen here: CBL Lookup for 78.129.128.40

Please note the comments:
"IP Address 78.129.128.40 is listed in the CBL. It appears to be infected with a spam sending trojan or proxy."

...and

"ONLY the hosting company can fix these infections properly."

Now whilst I am happy to suggest my client contact his company's IT admin, I don't want to look like an idiot by saying there is nothing wrong when seemingly there is.

I would very much appreciate a full and frank answer to this problem.

Am I on a suspicious server or not and are more of my clients sites being blocked?

It would appear that this is an ongoing problem. (see CBL part - "It has been relisted following a previous removal at 2011-11-04 19:33 GMT (7 days, 19 hours, 9 minutes ago))

Extremely Worrying...

Could you be kind enough to provide me the ticket number to our support department please ?

Thanks
Ray

**Bud Boy** · 12-11-2011, 23:16

Hi Ray

I did already contact Live Support who said there wasn't a problem

Ticket now raised: #NPX-914-25633

Thanks

**eUK-Ray** · 12-11-2011, 23:19

Originally Posted by Bud Boy

Hi Ray

I did already contact Live Support who said there wasn't a problem

Ticket now raised: #NPX-914-25633

Thanks

I will have a Linux tech check this out for you.

Thanks,
Ray

**Ambrose** · 13-11-2011, 00:00

Hello,

I have replied the ticket NPX-914-25633. Kindly have a look once.

As I have already mentioned in the ticket, IP 78.129.128.40 is blocked in the CBL for the mailing purpose which is already replaced with another IP to ensure proper functioning of emails.

The websites can be browsed without any problem with the IP 78.129.128.40.

The server is always monitored and we never let a culprit go if found responsible for any suspicious activities on the server.

Thanks,
Ambrose S

Thread: Server is Blocked

Thread Tools

Display

Server is Blocked

Thread Information

Users Browsing this Thread

Posting Permissions