Jump to content

aparker

Members
  • Posts

    0
  • Joined

  • Last visited

Kudos

  1. Upvote
    aparker gave kudos to Marcos in Lets Encrypt Internal Blacklist block   
    The FP should be already resolved. You can enforce update of the blacklist by rebooting the machine.
  2. Upvote
    aparker gave kudos to jdashn in Lets Encrypt Internal Blacklist block   
    Awesome!! thanks a ton to both of you for your quick replies!
  3. Upvote
    aparker gave kudos to NFear in Lets Encrypt Internal Blacklist block   
    Same here. One of the applications I use for a long time obviously tries to validate a letsencrypt certificate via OCSP. Looks like a false entry has made it to the internal ESET blacklist.
  4. Upvote
    aparker gave kudos to jdashn in Lets Encrypt Internal Blacklist block   
    As of this morning i'm getting a lot of alerts across the orginization for:
    hxxp://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEgRY8NzrWAjZ4J4grl19QqsePQ=
    For each alert the last bit of the address changes, but this part is the same:
    hxxp://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEg
    They all also have a target address of :
    104.91.166.211
    Just wondering if there is more information on this, what might be causing it, if this is an indicator of a primary infection, etc.
     
    Thank you!!
    Jdashn
     
×
×
  • Create New...