Malwarebytes Anti-Malware's malicious website blocking module

[itman]

Quote:

Undetected trojan tries to upload your data to a blacklisted IP.

Only if your browser is active - correct? I have seen no evidence that MBAM Pro IP blocker can stop oubound activity from non-browser processes.

[nosirrah]

Quote:

Only if your browser is active - correct? I have seen no evidence that MBAM Pro IP blocker can stop oubound activity from non-browser processes.

You are incorrect, I stated the facts earlier:

Quote:

Malwarebytes does not care what kind of connection it is or if its inbound or outbound. If the connection is to a black listed IP then the connection will fail and no data will be transmitted.

Malwarebytes does not do browser based blocking, it does connection based blocking.

[Barthez]

I think that MBAM blocks IP addresses regardless of what program tires to access them. I seen some Team Fortress 2 and Killing Floor servers blocked in the past.

EDIT - memo to self: type faster in future

[The Hammer]

Took advantage of the $17.49 US offer in another thread. Realtime protections enabled. Guess now I'll find out for sure now if it will run with Avira Premium with out issue.

[itman]

Quote:

Malwarebytes does not do browser based blocking, it does connection based blocking.

I did some more research on this and I concur.

This feature of MBAM Pro however is turned off on my installation. Why? Because anything that is filtering your IP connections has the potential to track you.

I recently had a very unpleasant surprise with a third party firewall that I found somewhat by accident that was tracking me. At this point, I don't trust any retail available security software when it comes to tracking activity.

[Mman79]

Quote:

Originally Posted by itman

I did some more research on this and I concur.

This feature of MBAM Pro however is turned off on my installation. Why? Because anything that is filtering your IP connections has the potential to track you.

I recently had a very unpleasant surprise with a third party firewall that I found somewhat by accident that was tracking me. At this point, I don't trust any retail available security software when it comes to tracking activity.

You're on the Internet, there is no way no one or nothing can't see where you go. Retail, free, none of that matters as it is how things work that determine privacy concerns. MBAM doesn't care where you go or what you do. They care about keeping malware away from you, period. If you're going to use the Internet, there is no way around a little give and take.

[Frank the Perv]

Quote:

Originally Posted by Mman79

You're on the Internet, there is no way no one or nothing can't see where you go. Retail, free, none of that matters as it is how things work that determine privacy concerns. MBAM doesn't care where you go or what you do. They care about keeping malware away from you, period. If you're going to use the Internet, there is no way around a little give and take.

Yep.


.

[Osaban]

Quote:

Originally Posted by The Hammer

Took advantage of the $17.49 US offer in another thread. Realtime protections enabled. Guess now I'll find out for sure now if it will run with Avira Premium with out issue.

I think it's money well spent. Let us know if you have any problems, I'm particularly curious about slowdowns if any.

[The Hammer]

Quote:

Originally Posted by Osaban

I think it's money well spent. Let us know if you have any problems, I'm particularly curious about slowdowns if any.

I'll give it a week before I do.

[Amit]

Quote:

Originally Posted by Mman79

You're on the Internet, there is no way no one or nothing can't see where you go. Retail, free, none of that matters as it is how things work that determine privacy concerns. MBAM doesn't care where you go or what you do. They care about keeping malware away from you, period. If you're going to use the Internet, there is no way around a little give and take.

Just couldn't agree more.

[justenough]

Quote:

Originally Posted by Wolverine

Just couldn't agree more.

Same here. Malwarebytes AM is about the last thing on my computer that I'm going to be worrying about.

[The GLoW]

Quote:

Originally Posted by Mman79

You're on the Internet, there is no way no one or nothing can't see where you go. Retail, free, none of that matters as it is how things work that determine privacy concerns. MBAM doesn't care where you go or what you do. They care about keeping malware away from you, period. If you're going to use the Internet, there is no way around a little give and take.

So well said...deserves to be repeated.

In the realm of security products, where I feel I am constantly doing research to find worthy products, I have found that MBAM is the one sure deal. I hope they continue to produce with integrity.

[TheWindBringeth]

Quote:

Originally Posted by itman

I did some more research on this and I concur.

How does this thing work? Is it periodically downloading/updating a local blacklist and sending no target IP Addresses to Malwarebytes? Is it sending every target IP Address you attempt to connect to to Malwarebytes? Is it a hybrid of some sort?

[TheWindBringeth]

Quote:

Originally Posted by nosirrah

We do our own research and have our IP blacklist that is updated as needed (both additions and subtractions).

Thanks for the reply. I'm not sure how to interpret that though. Are those additions and subtractions distributed to the client machine? Does the client machine ever send target IP Addresses to your server for checking?

[nosirrah]

Quote:

Are those additions and subtractions distributed to the client machine?

Yes through regular updates. The IPs are constantly rechecked on our end to see if the issues have been resolved. We attempt to work with the people directly responsible for the IP to get the issues resolved and when they are the IP block is removed. Some crime friendly hosts never reply to us so the blocks there are perpetual.

[Baserk]

Quote:

Originally Posted by nosirrah

...Some crime friendly hosts never reply to us so the blocks there are perpetual.

What are the main countries that harbour those 'bullet-proof' hosts, according to MBAM data, if you don't mind me asking?

[Mman79]

Though Nosirrah has the data to back up any thoughts on where they reside, I would say likely sources would be Russia, China, Brazil and the Ukraine to name the "top dogs".

[nosirrah]

The usual suspects are indeed where a lot of the trouble comes from.

Quote:

"The trial is not available for your product version. We apologize for the inconvenience."

Double checking with support this happens when you have a trial expire and then attempt to enable a second trial later.

[Cudni]

posts that were here moved to thread of their own
http://www.wilderssecurity.com/showthread.php?t=335371

[kupo]

Quote:

Originally Posted by itman

I did some more research on this and I concur.

This feature of MBAM Pro however is turned off on my installation. Why? Because anything that is filtering your IP connections has the potential to track you.

I recently had a very unpleasant surprise with a third party firewall that I found somewhat by accident that was tracking me. At this point, I don't trust any retail available security software when it comes to tracking activity.

Unplug your router, don't connect to the intrawebzzz, now you are untracked. And have the most private and anonymous setup.

[nosirrah]

Quote:

This feature of MBAM Pro however is turned off on my installation. Why? Because anything that is filtering your IP connections has the potential to track you.

I think we might install a toolbar and charge for removal if we were that kind of company. It is a lot easier to make $ doing what is more or less accepted than it is trying to be sneaky and secretly tracking your movements.

[Baserk]

Hi nosirrah,

Kaspersky have released their Q3 threat overview; link.
In it, a pie diagram link shows the Netherlands to be one the main (bullet-proof) malware hosters/physical locations where websites host malware, alongside Russia, the USA and Germany .
Does MBAM see this also or do you think these numbers might be (heavily) influenced by the AV market share Kaspersky has in those countries?

[Amit]

Quote:

Originally Posted by nosirrah

I think we might install a toolbar and charge for removal if we were that kind of company. It is a lot easier to make $ doing what is more or less accepted than it is trying to be sneaky and secretly tracking your movements.

Exactly.

[TonyW]

Quote:

Originally Posted by Baserk

In it, a pie diagram link shows the Netherlands to be one the main (bullet-proof) malware hosters/physical locations where websites host malware, alongside Russia, the USA and Germany .
Does MBAM see this also or do you think these numbers might be (heavily) influenced by the AV market share Kaspersky has in those countries?

I can't answer for MBAM, but the figures Kaspersky are quoting are from what they've seen via their Kaspersky Security Network. Obviously, there must be a fair few KSN users in the Netherlands to gain such insights.

[The Hammer]

Quote:

Originally Posted by Osaban

I think it's money well spent. Let us know if you have any problems, I'm particularly curious about slowdowns if any.

No problems or slowdowns. I don't even notice it's there.