Bitdefender Update Server Listed in Ban List

Hello,

I'm hoping someone will take the time to read this whole thing. I'm not knowledgeable about how popular this Ban list is, firehol_level3 has your update server listed as an active viral / spyware attack point. firehol appears to be an aggregate of popular ban lists.

Details about the list:

http://iplists.firehol.org/?ipset=firehol_level3

Direct link to plain text list:

https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset

Your server I am referring to:

upgr-mmxvii-cl-ts.2d8cd.cdn.bitdefender.net [72.21.81.253]

The ip is in the ban list. This is causing repeated update fails, I believe this list is used by a number of firewall blocking tools (like pfBlocker).

Is there an alternate server I could use that doesn't appear in a ban list?

Any help appreciated!

Find more posts tagged with

Comments

Firdovsi

Hi,

Have you taken any actions prior to this which may have caused this issue?

Since when did this issue started?

Best option also is to contact support here: https://www.bitdefender.com/support/contact-us.html?last_page=ConsumerCategory

Cheers!

Anon12344534

10 hours ago, Firdovsi said:

Hi,

Have you taken any actions prior to this which may have caused this issue?

Since when did this issue started?

Best option also is to contact support here: https://www.bitdefender.com/support/contact-us.html?last_page=ConsumerCategory

Cheers!

I do not maintain this list. My issue is more to inform Bitdefender that their update server is listed in a public IP block list. Any organization that happens to subscribe to this list will find their Bitdefender updates are blocked. I'm unsure when this started, as I only recently subscribed to this list cause the issue. I've worked around it by whitelisting.

Thank you for the support link, I will post there.

csalgau

Updates are currently hosted within EdgeCast's CDN and the IP you are referring to is part of their network. It is quite probable that one of EdgeCast's clients, at one point in time, hosted a suspicious file on a domain name answering to that IP.

Unfortunately there is no good way of handling this issue. The best course of action is probably to wait it out or manually add an exception to the blocker, if it allows for this.