Bitdefender Update Server Listed in Ban List

Anon12344534
Anon12344534
in Update


Hello,


I'm hoping someone will take the time to read this whole thing. I'm not knowledgeable about how popular this Ban list is, firehol_level3 has your update server listed as an active viral / spyware attack point. firehol appears to be an aggregate of popular ban lists.


Details about the list:


http://iplists.firehol.org/?ipset=firehol_level3


Direct link to plain text list:


https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset


Your server I am referring to:


upgr-mmxvii-cl-ts.2d8cd.cdn.bitdefender.net [72.21.81.253]


The ip is in the ban list. This is causing repeated update fails, I believe this list is used by a number of firewall blocking tools (like pfBlocker). 


Is there an alternate server I could use that doesn't appear in a ban list?


Any help appreciated!

Comments

  • Firdovsi
    Firdovsi
    edited July 2017


    Hi,


    Have you taken any actions prior to this which may have caused this issue?


    Since when did this issue started?


    Best option also is to contact support here: https://www.bitdefender.com/support/contact-us.html?last_page=ConsumerCategory


    Cheers! 


     

  • Anon12344534
    Anon12344534
    edited July 2017


    10 hours ago, Firdovsi said:



    Hi,


    Have you taken any actions prior to this which may have caused this issue?


    Since when did this issue started?


    Best option also is to contact support here: https://www.bitdefender.com/support/contact-us.html?last_page=ConsumerCategory


    Cheers! 


     



    I do not maintain this list. My issue is more to inform Bitdefender that their update server is listed in a public IP block list. Any organization that happens to subscribe to this list will find their Bitdefender updates are blocked. I'm unsure when this started, as I only recently subscribed to this list cause the issue. I've worked around it by whitelisting.


    Thank you for the support link, I will post there.

  • csalgau
    csalgau ✭✭


    Updates are currently hosted within EdgeCast's CDN and the IP you are referring to is part of their network. It is quite probable that one of EdgeCast's clients, at one point in time, hosted a suspicious file on a domain name answering to that IP.


    Unfortunately there is no good way of handling this issue. The best course of action is probably to wait it out or manually add an exception to the blocker, if it allows for this.

All Time Leaders

Categories

Defenders of the month