72.167.239.239

Discussion in 'other firewalls' started by rocketscience, Sep 16, 2011.

Thread Status:
Not open for further replies.
  1. rocketscience

    rocketscience Registered Member

    Joined:
    Sep 16, 2011
    Posts:
    4
    can anyone have any idea what this ip is for? 72.167.239.239
    yesterday when i was watching comodo active connection window
    IE and svhost were both trying to connect to a same ip address 72.167.239.239
    the ip belong to godaddy webhosting service
    I bought the netbook 1 week ago, my ie is clean with only default plugin.
    this happen when i browsing http://enscrypted.google.com

    I don't think encrypted.google.com and svhost will have anything to do with godaddy and it's ssl verification
    that's what make me so suspicious

    i know a hacker who lives very close to me, he use godaddy webhost service, that's all that i know, i couldn't ask him did u hack me.

    I know hacker usually need upload the victim's ip info to a webserver to keep track of them, in this case a encrypted godaddy webhost. am i right about this
     
  2. jasonbourne

    jasonbourne Registered Member

    Joined:
    Aug 26, 2010
    Posts:
    247
    Just block it. Go to:

    Firewall\Network Security Policy\Block Zones:

    Add>New Blocked Address>ipv4 or ipv6 Single Address

    or ipv4 or ipv6 Address Range (see the range in Who is image).

    and,

    Add>New Blocked Address>Host Name

    Click OK. Save configuration.
     

    Attached Files:

  3. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
  4. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,108
    Location:
    Sofa (left side)
    It's just Go Daddy OSCP traffic. Block it and your security is reduced because your browser won't automatically verify the revocation status of Go Daddy certificates.
     
  5. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,734
    just thought similar due GoDaddy has an ip range there.
    it may be the checup-up of digital certs.
    GoDaddy is a contentious issue here due their latest issues.
     
  6. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    406
    FWIW, I have never seen any responses from "72 dot" IPs when I perform searches via http:// encrypted.google.com
    All my encrypted.google requests are served from IP's in the 74.125.226.* range
     
  7. rocketscience

    rocketscience Registered Member

    Joined:
    Sep 16, 2011
    Posts:
    4
    thanksfor the info, I will return it to bestbuy today and request for an exchange,
    I will do a complete backup before connected to the internet, do u think windows 7 default system image backup is completely safe, do it backup the system master boot and system reserve partition. is there any better alternative.
    I use the option to return to gateway factory setting, after the restore, the boot menu of comodo time is still there. which makes me think the factory setting can't erase some rootkit from the computer
     
  8. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hi Rocket!

    You have come to the right forum for help! :D

    To be candid I'm a bit unclear as to why are returning notepad to bestbuy? is it not working? What model/vendor?

    The other worry I have is you may need some expert help in cleaning your system of any viri or parasites if any. Windows 7 is a good o/s so I doubt that is your problem.

    What exactly is this issue? You saw some ip's that concerned you right?

    Just block them all 72.167.0.0 to 72.167.255.255

    Network Name GO-DADDY-SOFTWARE-INC Owner Name GoDaddy.com, Inc. From IP 72.167.0.0 To IP 72.167.255.255


    BUT as you have a hacker in the region you need block him at home so to get behind a solid secured router with proper encryption if you can plug in hardwired NOT wireless hacker will be blocked.
    Download what you want then disconnect. When you are out of range say 5 miles, he can do zip.

    What you really need to do or have done for you is set your router to ONLY allow connections from your MAC addresses on you LAN or a guest if any.

    That way the hackers MAC address won't match your router list and he is dead in the water



    Backup is critical for key user data.

    Good luck:D
     
  9. rocketscience

    rocketscience Registered Member

    Joined:
    Sep 16, 2011
    Posts:
    4
    windows 7 is safe o/s for most of people, but not for a sophisticated hacker. it's like game of hiding and seek. rookit, code injection, comos. ect, ect,
     
  10. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975

    :rolleyes: Don't worry. There's nothing wrong with your notebook and it's highly unlikely that the dastardly "hacker" is into your system. The godaddy requests are just certificate revocation checks as Scoobs72 said.
     
Thread Status:
Not open for further replies.